Artificial intelligence has ceased to be the domain of research laboratories or technology giants. Today, AI systems process loan applications in banks, support doctors’ decisions, recruit employees, optimise supply chains and make hundreds of other critical decisions in economic and social life. This rapid expansion of AI brings enormous opportunities, but also real risks – from algorithmic discrimination through privacy violations, to threats to public safety. In response to these challenges, the European Union has adopted the AI Act – the world’s first comprehensive legal regulation of artificial intelligence systems.
For Polish companies, regardless of their size or industry, the AI Act is not a distant prospect, but a real necessity to prepare now. This regulation does not only concern companies creating AI systems. It also covers those who implement them, integrate them with their own business processes or simply use them in their daily operations. The key question you should ask yourself is: does your team possess the competencies necessary to ensure compliance with the AI Act?
This article provides a practical guide that will explain what the AI Act is, what kind of competencies are essential in the organisation at various levels – from management staff to technical teams – and how to effectively prepare a training plan that will allow your company not only to avoid severe penalties (up to €35 million!), but also to use this transformation as an opportunity to build competitive advantage.
Quick navigation
- AI Act in a nutshell: the first global AI system regulation and implementation timeline
- AI risk classification – how to determine whether your systems are subject to regulation?
- Article 4 of the AI Act: the obligation of AI literacy for all employees
- Technical competencies of teams: bias testing, explainability, data governance
- What management and compliance staff must know?
- Training roadmap: how to effectively prepare the team for the AI Act
- Severe penalties for non-compliance and how to avoid them
- The relationship between the AI Act and NIS2, GDPR and DORA
- How EITT prepares companies for AI Act compliance
- FAQ: answers to the most frequently asked questions
What is the AI Act and when does it come into force?
The AI Act (Artificial Intelligence Act) is a regulation of the European Parliament and the Council of the EU adopted in May 2024, which establishes the world’s first comprehensive legal system regulating the development, placing on the market and use of artificial intelligence systems. This regulation is based on a risk-based approach, which means that the higher the risk associated with a specific AI system for the health, safety or fundamental rights of citizens, the more rigorous requirements it must meet.
The AI Act implementation timeline is gradual:
- February 2025 (6 months after entry into force) – prohibition of the use of high-risk AI systems deemed unacceptable (e.g. social scoring by public authorities, real-time biometric identification in public spaces without exceptions).
- August 2025 (12 months) – requirements for general purpose AI models (GPAI – General Purpose AI, such as GPT-4, Claude, Gemini).
- August 2026 (24 months) – full requirements for high-risk AI systems, including obligations of providers and deployers.
- August 2027 (36 months) – requirements for high-risk AI systems already in use (legacy systems).
A key aspect of the AI Act is extraterritoriality – the regulation applies not only to companies based in the EU, but also to those outside the EU that offer AI systems on the EU market or whose systems produce effects on EU territory. So if your company uses AI tools from American or Asian providers, the regulation still applies to you as a “deployer”.
How does AI risk classification affect your company?
The AI Act divides AI systems into four risk categories, and this categorisation determines what requirements you must meet:
1. AI systems with unacceptable risk (prohibited)
Completely prohibited in the EU. Examples:
- Social scoring systems by public authorities
- Real-time biometric identification in public spaces (with exceptions for crime prosecution)
- Subliminal manipulation of people’s behaviour
- Exploitation of vulnerabilities of specific groups (e.g. children, disabled persons)
2. High-risk AI systems
This is the heart of the regulation. These systems can be used, but only after meeting rigorous requirements. The AI Act defines two groups:
Group A: AI systems used as safety components of products subject to EU harmonisation legislation (e.g. toys, medical devices, vehicles, industrial machinery).
Group B: Stand-alone AI systems in eight high-risk areas:
- Biometrics – identification and categorisation of persons
- Critical infrastructure management – transport, energy, water
- Education and vocational training – assessment of students, access to educational institutions
- Employment – recruitment, employee assessment, performance monitoring
- Access to services – credit worthiness assessment, insurance risk scoring, public assistance
- Law enforcement – risk assessment of committing a crime, lie detection, criminal profiling
- Migration management – verification of document authenticity, assessment of illegal migration risk
- Administration of justice – supporting interpretation of law, application of law to facts
Does your company use AI systems for recruitment, employee assessment, credit scoring, predictive maintenance of critical infrastructure? If so, you are probably operating in the high-risk zone.
3. Limited risk AI systems
Require transparency. Examples:
- Chatbots (the user must know they are talking to AI)
- Emotion recognition systems
- Biometric categorisation systems
- Deepfakes (must be labelled)
4. Minimal risk AI systems
No special requirements (e.g. spam filters, video games). Most AI systems fall into this category, but it is worth conducting a proper assessment.
Practical self-assessment questions:
- Do we use AI in HR processes (recruitment, assessment, monitoring)?
- Do we apply AI-supported credit scoring or risk assessment?
- Do we use facial recognition or other biometric systems?
- Does AI support decisions regarding access to services or benefits?
A “yes” answer to any of these questions means you are probably operating in the high-risk zone and need advanced compliance competencies.
Article 4 of the AI Act: why must every employee understand AI?
One of the most groundbreaking, yet often overlooked requirements of the AI Act is Article 4 – AI Literacy. It states that:
“Providers and deployers of AI systems shall take measures to ensure a sufficient level of AI literacy skills in relation to those systems, in particular for personnel involved in the operation and use of AI systems and for persons affected by the use of AI systems.”
What does this mean in practice? AI literacy is not an optional training for IT departments. It is a mandatory awareness programme for all employees, which should cover:
For operational staff:
- Basics of how AI works – what is machine learning, an algorithm, a predictive model
- Understanding AI limitations – where AI can be wrong, what a model “hallucination” is
- Responsible use of AI tools – how to correctly formulate queries, verify results
- Recognising potential errors and bias – how to detect that AI may discriminate
For managers:
- Understanding AI’s impact on decision-making processes in the team
- Responsibility for decisions supported by AI
- Principles of supervision over AI systems
- When and how to escalate problems
For senior management:
- Strategic implications of the AI Act for the business model
- Legal and reputational risks associated with AI
- Principles of AI corporate governance
- The relationship between the AI Act and other regulations (GDPR, NIS2, DORA)
The absence of an AI literacy programme is not only exposure to penalties. It is primarily a real risk that employees will use AI tools incorrectly, fail to notice system errors or violate the rights of persons whose data is being processed.
What technical competencies are essential in IT and Data Science teams?
Technical teams face the deepest competency transformation. The AI Act introduces requirements that demand new, specialist skills going far beyond traditional software engineering or data science.
1. Bias Testing and Fairness Assessment
What it is: The ability to detect and measure bias in AI systems – situations where an algorithm discriminates against specific groups (e.g. based on gender, age, ethnicity).
Required skills:
- Knowledge of fairness metrics (demographic parity, equalised odds, calibration)
- Ability to conduct tests on representative samples
- Analysis of results in terms of protected attributes
- Documentation of test results for compliance purposes
Tools: Fairlearn, AI Fairness 360 (IBM), What-If Tool (Google), Aequitas
The AI Act requires: For high-risk systems – systematic testing for bias before deployment and during operation.
2. Explainability and Interpretability (XAI)
What it is: The ability to explain why an AI system made a specific decision. For “black boxes” (e.g. deep neural networks) this is a serious technical challenge.
Required skills:
- Model-agnostic techniques (LIME, SHAP)
- Model-specific techniques (attention mechanisms, saliency maps)
- Creating reports explaining AI decisions for non-technical users
- Balancing trade-off: accuracy vs interpretability
The AI Act requires: For high-risk systems – the ability to provide explanations of decisions to persons affected by those decisions (right to explanation).
3. Data Governance and Data Quality Management
What it is: Ensuring that training data is of high quality, representative, appropriately anonymised and compliant with GDPR.
Required skills:
- Data lineage tracking – tracking the origin and transformation of data
- Data quality assessment – assessment of data completeness, consistency, timeliness
- Management of training, validation, test samples
- Anonymisation and pseudonymisation techniques compliant with GDPR
- Data versioning
The AI Act requires: Detailed data governance documentation, including data provenance, their representativeness and methodology of preparing training datasets.
4. Risk Management Framework for AI
What it is: A systematic approach to identifying, assessing, mitigating and monitoring risks associated with AI systems.
Required skills:
- Conducting AI Risk Assessments (AIRA)
- Mapping risks in the context of the AI Act, GDPR, cybersecurity
- Creating risk mitigation plans
- Implementation of monitoring and alerting mechanisms
The AI Act requires: For high-risk systems – a risk management system throughout the system’s lifecycle.
5. Comprehensive Documentation and Audit Trail
What it is: Maintaining full, detailed technical documentation of the AI system and logs allowing audit of decisions.
Required skills:
- Documentation of model architecture, hyperparameters, training procedures
- Maintaining logs of all model versions (MLOps)
- Automation of compliance documentation generation
- Management of technical documentation in accordance with AI Act requirements
The AI Act requires: For high-risk systems – detailed technical documentation available to supervisory authorities and maintaining logs for a minimum of 10 years (for some categories).
6. Human Oversight Mechanisms
What it is: Designing AI systems with built-in human oversight mechanisms (human-in-the-loop, human-on-the-loop).
Required skills:
- Designing interfaces enabling effective supervision
- Implementation of confidence score thresholds requiring human intervention
- Override mechanisms – enabling humans to reject AI decisions
- Designing hybrid workflows (AI + human)
The AI Act requires: For high-risk systems – ensuring that humans can supervise AI operation and intervene when necessary.
What does management and the compliance department need?
The AI Act introduces personal responsibility of managers for ensuring AI system compliance. This is not just a task for IT or legal departments – it is a strategic priority at board level.
Competencies for C-level (CEO, COO, CTO, CFO)
1. Strategic understanding of the AI Act
- Impact of regulation on business model and product strategies
- Assessment of which business processes require reclassification due to the AI Act
- Build vs buy vs abstain decisions for high-risk AI systems
- Budgeting investments in compliance (personnel, training, audits, certifications)
2. AI Risk Governance
- Establishment of AI governance structure (AI Governance Board)
- Definition of risk appetite for AI systems
- Escalation of incidents related to AI
- Integration of AI risk management with enterprise risk management (ERM)
3. Awareness of penalties and legal consequences
- Penalties for non-compliance: up to €35 million or 7% of global turnover (whichever is higher)
- Civil liability for damage caused by AI systems
- Reputational risk and impact on ESG rating
Competencies for Legal and Compliance departments
1. Interpretation of AI Act provisions
- Detailed knowledge of the definition of AI system according to the AI Act
- Risk classification criteria
- Obligations of providers vs deployers vs importers
- Procedures for reporting serious incidents to supervisory authorities
- Notification requirements to EU databases (EU Database for High-Risk AI Systems)
2. Gap Analysis and Action Plans
- Audit of all AI systems used in the organisation
- Assessment of the gap between current state and AI Act requirements
- Prioritisation of actions according to legal and business risk
- Action schedule with milestones
3. Compliance documentation management
- Maintaining an AI systems register (AI registry)
- Collecting technical documentation for high-risk systems
- Managing declarations of conformity (Declaration of Conformity)
- Preparation for audits by supervisory authorities
4. Relations with AI suppliers
- Negotiating contracts with AI system suppliers (SLA, liability clauses)
- Verification of supplier compliance with the AI Act
- Contractual provisions regarding access to documentation and audit support
- Vendor risk assessment procedures for AI systems
Competencies for Data Protection Officers (DPO)
The AI Act and GDPR are closely linked. DPOs must understand:
- The relationship between DPIA (Data Protection Impact Assessment) and AIRA (AI Risk Assessment)
- GDPR principles in the context of AI training datasets
- Right to explanation of automated decisions (Art. 22 GDPR)
- Consent management requirements for AI systems processing personal data
How to build an effective AI Act training plan – roadmap?
Preparing the team for AI Act compliance is a multi-stage process that should be tailored to the organisation’s specifics. Here is a tested roadmap:
Phase 1: Assessment and Prioritisation (Month 1-2)
Actions:
- Conduct an inventory of all AI systems used in the company
- Classify them according to AI Act risk categories
- Identify roles and teams critical for compliance
- Conduct competency gap analysis for these teams
- Establish training priorities according to compliance urgency and legal risk
Output: AI Systems Inventory + Training Needs Assessment Report
Phase 2: Awareness Training – basic level (Month 2-3)
Target group: All employees (Article 4 AI Act requirement)
Programme:
- What is the AI Act and why does it apply to your company (2h)
- Basics of AI literacy – how AI works, what ML models are (2h)
- Responsible use of AI tools at work (2h)
- Recognising AI risks and bias (2h)
- Case studies: AI errors and their consequences (1h)
Format: E-learning + online workshops Output: AI Literacy Certificate + knowledge test
Phase 3: Training for management (Month 3-4)
Target group: C-level, VP, Senior Management
Programme:
- Strategic implications of the AI Act for business (half day)
- AI Risk Governance – how to supervise AI (half day)
- Penalties, legal liability and reputational risk (half day)
- Workshop: AI Governance Framework for your company (1 day)
Format: On-site workshop with case studies Output: AI Governance Policy Draft + Action Plan
Phase 4: Technical training – intermediate level (Month 4-6)
Target group: IT teams, Data Science, ML Engineering
Programme:
- AI Act Technical Requirements Deep Dive (1 day)
- Bias Testing and Fairness Assessment (2 days, hands-on)
- Explainable AI (XAI) – tools and techniques (2 days, hands-on)
- Data Governance for AI – GDPR + AI Act (1 day)
- Risk Management Framework for AI (1 day)
- Technical documentation compliant with the AI Act (1 day)
Format: Practical workshops + lab exercises Output: AI Act Technical Compliance Certificate + project portfolio
Phase 5: Training for Legal and Compliance (Month 5-6)
Target group: Legal teams, compliance, DPO, internal auditors
Programme:
- AI Act Legal Framework – detailed analysis of provisions (2 days)
- Gap Analysis Methodology (1 day, practical)
- Vendor Management for AI systems (1 day)
- Preparation for audits by supervisory authorities (1 day)
- Compliance documentation and incident reporting procedures (1 day)
Format: On-site workshops + legal case studies Output: Compliance Playbook + operational procedures
Phase 6: Advanced Specialisation (Month 7-12)
Target group: Specialist roles (AI Ethics Officer, AI Risk Manager, AI Auditor)
Programme:
- Advanced XAI techniques and bias mitigation (external certification)
- AI Security and Adversarial ML (external certification)
- AI Auditing Standards (ISO/IEC 42001, IEEE 7000) (external certification)
- Ethical AI Design (external certification)
Format: Certification courses + industry conferences Output: International certificates
Phase 7: Continuous Learning and Update Training (Ongoing)
The AI Act is a living regulation – technical standards and guidance notes will be published over the coming years.
Actions:
- Quarterly AI Act Updates newsletter
- Webinars on new regulator guidelines
- Annual refresher training for all employees
- Specialist follow-up workshops for technical teams
What penalties are threatened for non-compliance with the AI Act?
The AI Act provides for some of the most severe administrative penalties in the history of EU regulations. The penalty system is tiered according to the severity of the violation:
Tier 1: Most serious violations – up to €35 million or 7% of global annual turnover
- Use of prohibited AI systems (unacceptable risk)
- Violation of obligations concerning general purpose AI models (GPAI)
Tier 2: Serious violations – up to €15 million or 3% of global annual turnover
- Violation of requirements for high-risk AI systems
- Violation of deployer obligations
Tier 3: Other violations – up to €7.5 million or 1.5% of global annual turnover
- Providing false information to supervisory authorities
- Violation of transparency requirements (e.g. for chatbots, deepfakes)
Additional consequences:
- Civil liability: Persons harmed by high-risk AI systems can claim compensation
- Product placing ban: Supervisory authorities can prohibit placing on the market or withdraw from the market non-compliant AI systems
- Reputational risk: Public disclosure of violations can seriously damage the company’s image
- Impact on ESG rating: Non-compliance with the AI Act affects governance assessment in ESG rating
Probability of enforcement: Supervisory authorities (in Poland: the President of the Personal Data Protection Office and sectoral regulatory bodies) will have extensive powers:
- Conducting audits and inspections
- Requesting access to source code and technical documentation
- Requesting explanations and documents
- Issuing orders to suspend AI system operations
Remember: penalties are calculated on global turnover of the capital group, not just the Polish branch.
How does the AI Act interact with NIS2, GDPR and DORA?
The AI Act does not operate in a legal vacuum. Companies must ensure compliance with the entire ecosystem of EU regulations with which the AI Act intersects:
AI Act + GDPR (General Data Protection Regulation)
Intersections:
- Many AI systems process personal data – requires consent/legal basis under GDPR
- Art. 22 GDPR (automated decision-making) vs AI Act requirements
- DPIA (Data Protection Impact Assessment) should be integrated with AIRA (AI Risk Assessment)
- Right to explanation of automated decisions (GDPR) + explainability obligation (AI Act)
Key principle: The AI Act imposes additional requirements on AI systems processing personal data, but does not replace GDPR.
Practical action: DPO and AI Compliance Officer must work closely together. Privacy by design procedures should include AI-specific requirements.
AI Act + NIS2 (Network and Information Security Directive)
Intersections:
- Security of AI systems is part of the broader cybersecurity strategy
- Security incidents related to high-risk AI systems may require notification under both the AI Act and NIS2
- Risk management requirements are present in both regulations
Key principle: AI systems, especially in critical infrastructure, must meet the requirements of both the AI Act and NIS2.
Practical action: Integrate AI security with corporate cybersecurity framework. CISO should be involved in oversight of AI systems.
AI Act + DORA (Digital Operational Resilience Act)
Intersections:
- DORA concerns the financial sector – one of the key areas of application of high-risk AI systems
- Operational resilience requirements cover AI systems supporting critical business processes
- ICT risk management (DORA) must take into account specific AI risks
Key principle: Financial institutions implementing AI systems must ensure compliance with both regulations simultaneously.
Practical action: DORA audits should include assessment of AI systems. Operational resilience testing must include AI failure scenarios.
Integrated compliance strategy
Instead of treating each regulation separately, effective companies build an integrated compliance framework covering:
- Common risk register (AI Act + GDPR + NIS2 + DORA)
- Coordinated training programmes
- Unified governance structure with clear division of responsibilities
- Integrated documentation and reporting system
How does EITT prepare companies for AI Act compliance?
At EITT we believe that technology is only a tool – real advantage is built by people’s competencies. The AI Act is not just a legal requirement, it is an opportunity for organisational transformation and building a culture of responsible use of AI. Our mission is to support Polish companies in this transformation by developing competencies at every level of the organisation.
Our approach: from assessment to certification
1. AI Act Readiness Assessment We start with a comprehensive assessment:
- Inventory of AI systems in the organisation
- Risk classification according to the AI Act
- Gap analysis – what you have, what is missing
- Prioritisation of actions according to legal and business risk
- Adaptation roadmap with timelines and budget
2. Role-specific training programmes We offer a full spectrum of training, from awareness to deep technical:
For all employees:
- AI Literacy Programme (Art. 4 compliance)
- Format: e-learning + workshops, 8h
- Completion certificate
For management:
- AI Act Strategic Leadership
- Format: 2-day workshop, case studies, board simulation
- AI Governance Framework Workshop
For technical teams:
- AI Act Technical Compliance (5 days)
- Bias Testing & Fairness Engineering (3 days, hands-on)
- Explainable AI Workshop (2 days, XAI tools)
- Secure AI Development (DevSecOps for AI, 3 days)
- Risk Management for AI Systems (2 days)
For Legal & Compliance:
- AI Act Legal Framework (3 days)
- AI Compliance Auditor Training (4 days)
- Vendor Risk Management for AI (1 day)
3. Practical tools and templates We do not just teach theory – we provide ready-to-use:
- AI Act compliant technical documentation templates
- AI risk assessment procedures
- Audit checklists for high-risk systems
- AI governance policy templates
- Bias testing tools
4. Continuous support and advisory
- Access to our AI Act experts for 12 months
- Update webinars: new regulator guidelines
- Compliance helpdesk: answers to current questions
- Annual follow-up audit
Why EITT?
- 500+ experts with experience in IT, cybersecurity, compliance, Data Science
- 2500+ trainings conducted for leading Polish and international companies
- 4.8/5 average rating from training participants
- Practical approach: case studies from the Polish market, real-world scenarios
- Certified trainers: our experts hold international certifications (CIPP/E, CISSP, CISA, Data Science certifications)
Do not wait until 2026. Companies that invest in AI Act competencies today will be tomorrow’s market leaders. Contact us to discuss a preparation plan for your organisation.
👉 Check our AI and compliance trainings 👉 Contact an EITT expert
FAQ – most frequently asked questions about the AI Act and team competencies
Does the AI Act only apply to companies that create AI systems?
No. The AI Act concerns three main groups:
- Providers – create or develop AI systems
- Deployers – use AI systems in their operations (e.g. HR department using AI for recruitment)
- Importers and distributors – place AI systems on the EU market
If your company uses an AI chatbot, credit scoring system, AI tools for recruitment or CV analysis, you are a “deployer” and are subject to the AI Act. You do not have to create AI to be covered by the regulation.
How long do we have to prepare for the AI Act?
The timeline is gradual:
- February 2025 – prohibition of unacceptable systems (if you use them – you must stop immediately)
- August 2026 – full requirements for new high-risk systems (18 months remaining)
- August 2027 – requirements for already operating systems (legacy systems)
Conclusion: If you plan to implement a new high-risk AI system, you have approximately 18 months to ensure full compliance. If you already use such systems, you have 3 years. However, building team competencies takes time – start now.
How much does it cost to train a team for the AI Act?
The cost depends on the company size and scope of AI use. Sample estimate for a company of 200 people:
- AI Literacy for everyone (200 people × 8h): 50-80 thousand PLN
- Technical training for IT/Data teams (20 people × 40h): 80-120 thousand PLN
- Training for compliance/legal (5 people × 24h): 25-40 thousand PLN
- Workshops for management (10 people × 16h): 30-50 thousand PLN
Total: 185-290 thousand PLN for a comprehensive annual programme.
For comparison: the minimum penalty for non-compliance is €7.5 million (approximately 32 million PLN). The training ROI is obvious.
What does “AI literacy” mean and who must possess it?
AI literacy (ability to use AI) is understanding:
- How AI systems work, their capabilities and limitations
- What risks are associated with using AI (errors, bias)
- How to use AI tools responsibly
- How to recognise problematic AI decisions and when to escalate
Who must possess AI literacy according to the AI Act?
- All employees directly using AI systems
- All employees affected by AI system decisions
- Persons supervising AI systems
- Management staff responsible for AI systems
In practice: if your company uses AI systems – all employees should undergo basic AI literacy training.
Can I rely on AI supplier assurances about AI Act compliance?
Partially, but with great caution. As a “deployer” you have your own obligations which you cannot fully transfer to the supplier:
- Verification that the system is appropriate for your use case
- Conducting your own AI risk assessment
- Ensuring human oversight
- Monitoring system operation in your organisation
- Employee training (AI literacy)
- Incident reporting
What you can require from the supplier:
- Declaration of Conformity
- Technical documentation
- Instructions for use
- Access to logs and audit data
- Support in case of supervisory authority inspection
Key principle: In the contract with the AI supplier clearly define the division of responsibilities and compliance support requirements. Legal and procurement departments must know the specifics of AI contracts.
How will the AI Act affect innovative AI projects – does it hamper innovation?
This is a common concern, but the AI Act provides for mechanisms supporting innovation:
AI Regulatory Sandboxes Regulators will create “regulatory sandboxes” – controlled environments where companies can test innovative AI systems under supervision, but with greater flexibility in interpreting provisions. Ideal for startups and R&D projects.
Support for SMEs (small and medium enterprises)
- Priority access to sandboxes
- Reduced certification fees
- Advisory support from supervisory authorities
Importantly: Companies investing in responsible AI from the start (security, fairness, transparency built into the design) will gain competitive advantage. The AI Act is not a barrier – it is a quality standard that builds customer trust.
Long-term perspective: Like GDPR, the AI Act may be a short-term challenge, but in the long term it creates a level playing field and raises the overall market level.
Who in the organisation should be responsible for AI Act compliance?
The AI Act requires a multidisciplinary approach. Typical responsibility structure:
Strategic level:
- Board/CEO – ultimate responsibility, approval of AI strategy and budgets
- AI Governance Board (committee) – oversight of all AI initiatives, coordination between departments
Operational level:
- AI Compliance Officer (new role) – coordination of compliance activities, contact with regulators
- CTO/Head of Data Science – responsibility for technical aspects, quality assurance
- CISO – security of AI systems, protection against attacks
- DPO (Data Protection Officer) – GDPR compliance in the context of AI
- Legal/Compliance Team – interpretation of provisions, contracts with suppliers, legal risk management
Executive level:
- Data Scientists/ML Engineers – implementation of technical requirements (bias testing, XAI)
- Risk Managers – conducting AI risk assessments
- Internal Auditors – audits of AI system compliance
In small companies: Functions can be combined (e.g. DPO + AI Compliance Officer), but basic knowledge must be present.
Conclusion: The AI Act is not a matter for the IT department or just legal – it is a transformation of the entire organisation, requiring commitment from management to operational teams. Investment in people’s competencies is an investment in the future of your company.
Ready for the AI Act? Contact EITT to receive a personalised offer of training and advisory for your organisation.
👉 Check our trainings in AI, Machine Learning and Compliance 👉 Arrange a consultation with an expert
Read Also
- NIS2 Training - What Your IT Team Needs to Know
- AI Agents in Enterprise - What Your Team Needs to Learn
- ‘Data strategy for AI: how to prepare your company for a successful implementation of artificial intelligence?‘
Develop Your Skills
This article is related to the training Artificial Intelligence - Developing Future Competencies. Check the program and sign up to develop your skills with EITT experts.