Last Updated on July 16, 2026 by Narendra Sahoo
This is for compliance and security leaders who already know the EU AI Act applies to them and need a concrete control set for where the law actually stands today — not a summary written before the rules changed. Awareness is done; 2026 is the year of implementation, and the rules just moved. On 29 June 2026 the Council of the EU gave its final green light to the Digital Omnibus on AI — the package that resets several of the dates compliance teams have been building toward. This guide gives you the ten controls that work together as one compliance system, current as of the Omnibus’s final adoption.
|
2 Dec 2027
New Annex III high-risk deadline, deferred from 2 Aug 2026
|
2 Aug 2026
Article 50 disclosure duty — still live, not delayed
|
€35M / 7%
Top fine tier for prohibited-practice violations (Article 99)
|
10 Controls
One governance system, not ten isolated tasks
|
What the Digital Omnibus Changed
💡 CRITICAL INSIGHT
Most EU AI Act checklists published before mid-2026 still show 2 August 2026 as the deadline for high-risk obligations. That date now applies only to Article 50 disclosure — the high-risk duties in Controls 5–8 below were deferred by over a year. A control set built on the old timeline isn’t just outdated, it’s actively misleading about what’s due when.
1️⃣ Control 1 — A Complete AI System Inventory
Every obligation in the Act attaches to a specific system, so readiness starts with a register: one row per model, with owner, purpose, provider, data classification, and deployment status. Include shadow AI — assistants in browser tabs, coding copilots, AI features inside SaaS. An unlisted system is an unmanaged compliance risk, and the first thing an assessor may discover. For the full step-by-step version of this control, see VISTA InfoSec’s EU AI Act Compliance Checklist.
✅ CONTROL 1 CHECKLIST — INVENTORY
| □ Build one inventory row per AI system: owner, purpose, provider, data classification, deployment status |
| □ Include shadow AI — browser copilots, coding assistants, AI features buried inside SaaS tools |
| □ Review and refresh the inventory on a recurring cycle, not once and done |
2️⃣ Control 2 — Risk Classification for Every System
Map each system to the Act’s tiers — prohibited, high-risk, limited, minimal — using Article 6 and the Annex III categories. Classification drives every downstream duty: misclassify a high-risk system and Controls 5 through 8 below get built on the wrong foundation.
👉 IN PRACTICE — AN AI-POWERED RECRUITMENT TOOL
A mid-market SaaS company adds an AI-powered resume-screening feature to its recruitment product. Under the inventory (Control 1), it gets one line: owner (Head of Product), purpose (candidate shortlisting), provider (in-house model fine-tuned on a third-party foundation model), data classification (personal data, employment-related). Under classification (Control 2), Annex III lists AI systems intended for recruitment or selection of natural persons as high-risk by default — so this system triggers Articles 9, 10, and 14, plus, from 2 December 2027, the full high-risk control set below. The Article 50 disclosure duty applies today, regardless of tier. That single classification call decides whether Controls 5–8 apply at all — exactly why Control 2 sits upstream of everything that follows.
✅ CONTROL 2 CHECKLIST — CLASSIFICATION
| □ Map each system against Article 6 and the Annex III high-risk categories |
| □ Document the classification rationale in writing, not just the conclusion |
| □ Re-classify whenever a system’s purpose, provider, or deployment changes |
|
Not sure how the Digital Omnibus changes your deadlines? VISTA InfoSec’s AI governance consultants map your systems, confirm your classification, and tell you exactly which post-Omnibus deadline applies — no guesswork, no jargon. |
3️⃣ Control 3 — A Prohibited-Practices Screen
Screen the inventory against the Article 5 bans — social scoring, manipulative systems, unlawful biometric use — and, since the Digital Omnibus, a new prohibition on AI-generated non-consensual intimate imagery and CSAM (“nudifiers”), which carries a transitional period to 2 December 2026 for providers to add safeguards. The original bans have been enforceable since February 2025 and carry the top fine tier (€35M / 7% of turnover under Article 99). This is the one control with no partial credit: if a use is prohibited, it stops.
✅ CONTROL 3 CHECKLIST — PROHIBITED PRACTICES
| □ Screen every system against the Article 5 bans, including the new nudifier/CSAM prohibition |
| □ Treat any prohibited use as a hard stop — not a risk to document and manage |
| □ Track the 2 December 2026 transitional deadline for the new prohibition |
4️⃣ Control 4 — AI Literacy Training
Under Article 4, staff who work with AI must understand its capabilities and limits — mandatory since February 2025 and one of the easiest things an auditor can check. The Digital Omnibus softens the legal standard from guaranteeing a specific literacy level to supporting its development, but that’s a drafting nuance, not a compliance exemption. Cover developers, deployers, procurement, and anyone exercising human oversight, and keep attendance records: unevidenced training doesn’t count as done.
✅ CONTROL 4 CHECKLIST — AI LITERACY
| □ Train developers, deployers, procurement, and human-oversight staff on AI capabilities and limits |
| □ Keep dated attendance and completion records as evidence |
| □ Update materials to reflect the Omnibus’s softened literacy standard |
| Want all ten controls as a downloadable checklist?
Download VISTA InfoSec’s free EU AI Act Readiness Checklist — covering all ten controls in this guide, ready to work through control by control. |
5️⃣ Control 5 — A Risk-Management Process for High-Risk AI
For high-risk systems, Article 9 requires a documented, lifecycle-long risk-management system — identify, assess, mitigate, monitor. The Digital Omnibus pushed the compliance date for stand-alone (Annex III) high-risk systems to 2 December 2027, so there’s more runway than the original 2 August 2026 date implied. Use it to anchor the process in a recognised AI risk management framework — the NIST AI Risk Management Framework and its Generative AI Profile — rather than to delay starting.
✅ CONTROL 5 CHECKLIST — RISK MANAGEMENT
| □ Stand up an Article 9 risk-management process: identify, assess, mitigate, monitor |
| □ Anchor it in the NIST AI RMF and its Generative AI Profile |
| □ Use the extended runway to build it properly — not as a reason to delay starting |
6️⃣ Control 6 — Data Governance and Quality Checks
High-risk systems must eventually be trained and operated on data that is relevant, representative, and examined for bias — a duty now due by 2 December 2027 for Annex III systems, not 2 August 2026. That extra runway applies to the AI Act deadline only: GDPR exposure from poorly governed personal data runs on its own clock and doesn’t move with the Omnibus. Build documented data lineage, quality gates before training, and records of the checks performed now, while the deadline pressure is off and the gaps are still cheap to fix.
✅ CONTROL 6 CHECKLIST — DATA GOVERNANCE
| □ Document data lineage and quality gates before training begins |
| □ Keep records of every bias and quality check performed |
| □ Remember: GDPR exposure doesn’t move with the Omnibus’s extra runway |
7️⃣ Control 7 — Technical Documentation and Logging
The Act expects technical documentation sufficient for an authority to assess compliance, plus automatic logging so decisions are traceable after the fact — due for Annex III high-risk systems by 2 December 2027 under the Digital Omnibus’s revised timeline. Build record-keeping into the pipeline now anyway: documentation reconstructed retroactively is obvious to an assessor, whichever year the assessment lands in.
✅ CONTROL 7 CHECKLIST — DOCUMENTATION & LOGGING
| □ Build technical documentation as you go, not retroactively before an assessment |
| □ Turn on automatic logging so decisions are traceable after the fact |
| □ Assign a named owner responsible for keeping documentation current |
8️⃣ Control 8 — Human Oversight and Transparency Duties
Under Article 14, a competent person must be able to understand, intervene in, or stop a high-risk system — named individuals with real authority and training, not a policy sentence. That duty now follows the deferred high-risk timeline: 2 December 2027 for Annex III systems. Article 50 transparency duties are a separate track, and the Omnibus left them alone: they apply from 2 August 2026, regardless of a system’s risk tier — disclose AI interaction and label AI-generated content.
⚠ DON’T CONFUSE THESE TWO CLOCKS
The one partial exception is watermarking under Article 50(2): systems already on the market before 2 August 2026 get a four-month grace period, to 2 December 2026. Don’t let the high-risk deferral above lull you into treating Article 50 as delayed too — it isn’t. Disclosure obligations are live from 2 August 2026 for every system that interacts with people, no matter its risk tier.
✅ CONTROL 8 CHECKLIST — OVERSIGHT & TRANSPARENCY
| □ Name individuals with real authority to intervene in or stop a high-risk system |
| □ Meet the Article 50 disclosure duty by 2 August 2026, regardless of risk tier |
| □ Track the separate 2 December 2026 watermarking grace period |
|
Need your human-oversight and transparency duties audited? VISTA InfoSec reviews your oversight assignments and Article 50 disclosure mechanisms against the post-Omnibus timeline — so nothing slips through on the wrong clock. |
9️⃣ Control 9 — Third-Party and Vendor AI Governance
Most organisations’ riskiest AI arrives through vendors. Extend due diligence to model providers: training-data provenance, change-notification SLAs, security testing evidence, and clear breach terms. The GPAI Code of Practice is the benchmark for what a serious provider should already commit to. Vendor contracts allocate responsibilities — they don’t transfer your deployer obligations under the Act.
✅ CONTROL 9 CHECKLIST — VENDOR GOVERNANCE
| □ Extend due diligence to model providers: provenance, SLAs, security evidence, breach terms |
| □ Benchmark providers against the GPAI Code of Practice |
| □ Remember vendor contracts don’t transfer your deployer obligations |
🗿 Control 10 — Incident Response and Serious-Incident Reporting
High-risk systems carry serious-incident reporting duties with strict timelines, and failing to report is a separate violation that compounds the first. Extend your incident-response playbooks to AI: detection for model failures and prompt-injection abuse — the OWASP Top 10 for LLM Applications and MITRE ATLAS map that attack surface — defined escalation, and a rehearsed notification path to the right authority.
✅ CONTROL 10 CHECKLIST — INCIDENT RESPONSE
| □ Extend incident-response playbooks to model failures and prompt-injection abuse |
| □ Map your attack surface against the OWASP LLM Top 10 and MITRE ATLAS |
| □ Rehearse the notification path to the right authority before you need it |
🔗 Tie the Ten Together — Then Test Them
Ten controls only protect you if they operate as one system. ISO/IEC 42001 gives you the management-system wrapper — and helps satisfy the Act’s own quality-management duty under Article 17 — while a conformity assessment is the formal test high-risk systems must pass before going live. Not sure whether you need the certification on top of the Act itself? See VISTA InfoSec’s EU AI Act vs. ISO 42001: What’s the Difference, and Do You Need Both? Track the moving dates through the implementation timeline and the EU AI Office. Guidance from ENISA and CISA closes the security loop.
The table below shows how the ten controls actually gate one another — and which deadline governs each, now that high-risk and transparency duties sit on two different clocks.
How VISTA InfoSec Turns This Checklist Into a Tested Control Set
VISTA InfoSec’s AI governance assessments follow the same practitioner-led, evidence-based methodology behind our other regulatory engagements, run in three phases:
|
1. Inventory & Classification Build or validate your AI system inventory and confirm risk classification against Article 6 and Annex III, including shadow AI. |
2. Control Gap Assessment Benchmark current practice against all ten controls above and the Act’s post-Omnibus deadlines — policies, technical controls, and vendor contracts. |
3. Remediation Roadmap A prioritised remediation roadmap that names owners and dates, ahead of conformity assessment. |
In our published DPO-as-a-Service case study, a full compliance gap assessment, policy framework, and staff training rollout were delivered inside four weeks for a UK financial services client. We bring that same audit rigor to benchmarking your AI estate against all ten controls above.
KEY TAKEAWAYS
| ✓ High-risk (Annex III) deadlines are now 2 December 2027, not 2 August 2026 — but Article 50 disclosure is still due 2 August 2026 |
| ✓ Start with the inventory (Control 1) — every other control depends on knowing what systems you run |
| ✓ Prohibited practices (Control 3), now including the new nudifier/CSAM ban, have no partial credit and no deadline flexibility |
| ✓ The extra runway on high-risk duties is time to build controls properly — not a reason to delay starting |
| ✓ A checklist isn’t evidence — a documented, tested control is what an assessor actually credits |
Frequently Asked Questions
The Bottom Line
The organisations that fail their first EU AI Act assessment won’t be the ones who misjudged the law — they’ll be the ones still planning against a deadline the Digital Omnibus already moved. The EU AI Act requirements still reward early movers: an inventory can be built in weeks; fixing gaps found during an assessment often takes months, regardless of which year that assessment lands in. Individually, these are EU AI Act controls. Mapped together with current dates, they’re a governance system you can hand to a control owner today.
Related reading: VISTA InfoSec’s EU AI Act Compliance Checklist — the step-by-step version of Control 1.
| VISTA InfoSec • AI Governance & EU AI Act Compliance Specialists
Ten Controls, Two Real Deadlines — Know Where You Stand 2 August 2026 for Article 50 disclosure, 2 December 2027 for high-risk systems. Get an EU AI Act readiness assessment now and know exactly which of the ten controls you’d fail today, while fixing them is still cheap.
|
Narendra Sahoo (PCI QPA, PCI QSA, PCI SSF ASSESSOR, CISSP, CISA, CRISC, 27001 LA) is the Founder and Director of VISTA InfoSec, a global Information Security Consulting firm, based in the US, Singapore & India. Mr. Sahoo holds more than 25 years of experience in the IT Industry, with expertise in Information Risk Consulting, Assessment, & Compliance services. VISTA InfoSec specializes in Information Security audit, consulting and certification services which include GDPR, HIPAA, CCPA, NESA, MAS-TRM, PCI DSS Compliance & Audit, PCI PIN, SOC2 Compliance & Audit, PDPA, PDPB to name a few. The company has for years (since 2004) worked with organizations across the globe to address the Regulatory and Information Security challenges in their industry. VISTA InfoSec has been instrumental in helping top multinational companies achieve compliance and secure their IT infrastructure.