Technical documentation (Annex IV): what high-risk systems must include

Short answer: Anyone placing a high-risk AI system on the market must draw up technical documentation in advance that meets Annex IV of the AI Act (Article 11). That file demonstrates the system complies with all requirements and lets supervisors verify it. It must exist before deployment and stay current throughout the system's lifetime.

Why Annex IV exists

The technical documentation is the evidence behind the declaration of conformity. Without a complete file a provider cannot affix CE marking and a supervisor cannot check whether the system meets the rules. Annex IV sets out which elements the file must contain as a minimum, so that documentation is traceable and comparable. The file is therefore not an after-the-fact formality but the backbone of the conformity assessment.

What it must contain as a minimum

Annex IV lists the mandatory elements. In broad terms:

• General description of the system: intended purpose, provider, versions, how it works and the form in which it is placed on the market.
• Design and development: design choices, system architecture, algorithms used, and the logic behind the system.
• Data and data governance: the training, validation and test datasets, their provenance, and the data quality measures under Article 10.
• Monitoring, functioning and control: expected performance, accuracy metrics, and the system's limitations.
• Risk management system: a description of the risk management system under Article 9.
• Changes the provider makes during the lifetime, plus the list of harmonised standards applied.

Keep it current, not a one-off record

The documentation is a living file. With every meaningful change — a new model version, different data, an adjusted purpose — the provider must update the file. Findings from post-market monitoring must also feed back into it. Providers keep the documentation available to supervisors for at least ten years after placing on the market.

Relation to other obligations

Annex IV does not stand alone. The file references and bundles the work required by Article 9 (risk management), Article 10 (data), Article 12 (logging) and Article 13 (transparency). Tackling those obligations separately without bundling them misses the overview Annex IV is meant to provide. See the high-risk obligations overview for the full picture.

What to do

• Start early: build the file during development, not just before market launch.
• Follow the Annex IV structure point by point so nothing is missing at assessment.
• Link documentation to version control: each model version gets a traceable file.
• Assign an owner who keeps the file current after deployment.
• Retain for at least ten years and keep it available to supervisors.

Good technical documentation is the difference between demonstrable compliance and an unprovable claim.