Transparency rules in2 Aug 2026
Help center / Best practices

A practical path to audit-ready in a week

You do not need a compliance department to get to an audit-ready posture. Here is a realistic plan that fits around a normal week.

Updated May 2026

The plan

  1. 1
    Inventory the tools you use

    Spend an hour adding the AI your team uses, or connect a source to find it for you. Aim for honest coverage, not perfection. See add the AI systems you use and find shadow AI.

  2. 2
    Confirm the high-risk classifications

    Go through anything flagged high-risk, read the reasoning, and confirm or reclassify. This is where the heaviest duties come from, so it is worth doing carefully. See confirm or reclassify a high-risk system.

  3. 3
    Generate the org-wide documents

    Generate the AI Literacy Policy, and the Article 50 Disclosure if you have limited-risk systems. Both are quick and apply broadly. See generate your first document.

  4. 4
    Work the high-risk documents and duties

    For each high-risk system, generate its per-system documents and handle the operational duties, like switching on log retention. Your roadmap lists them in order of what is at stake.

  5. 5
    Record a review

    Once your register and documents reflect reality, run a quarterly review to sign off that they do. That gives you a dated record in the audit log. See complete your quarterly review.

After the first week

The hard part is the first pass; keeping it current is light. Add new tools as they are adopted, regenerate documents when the register changes, and let the quarterly review catch anything that slipped. See prepare for an authority inquiry for what good looks like when someone asks.

Was this helpful?

Still need help?

Get in touch and a human will answer, or book a short walkthrough.

A note on cookies

We use strictly necessary cookies to run the site and keep it secure. With your OK, we also use privacy-respecting, EU-hosted analytics to see how Veillo is used. No advertising, no third-party trackers. Read our cookie policy.