Transparency rules in2 Aug 2026
Help center / The compliance documents

The Risk Management Procedure

High-risk systems need a documented process for spotting and reducing the risks they create. The Risk Management Procedure is that process, written down.

Updated May 2026

What it is

A documented process for identifying, weighing, and reducing the risks a high-risk system creates over its life, and keeping that current as the system and its use change. It sits under Article 9.

When it applies

Once you have at least one confirmed high-risk system. It is generated organisation-wide rather than per system, since it describes how you run risk management across your high-risk uses.

How to generate it

Confirm your high-risk systems first, then generate the Risk Management Procedure from Documents. Review it so it reflects how your team actually reviews and mitigates risk, rather than the template defaults.

app.veillo.eu/app/documents
Risk Management Procedure
Article 9 · Organisation-wide
Generate
Risk Management Procedure, on the Documents screen. Organisation-wide.
A starting point, not final legal text
The template wording is a lawyer-authored input and is marked pending counsel review until signed off. Treat the generated document as a strong draft to review with your own lawyer. See what "pending counsel review" means.

Veillo is compliance tooling, not a law firm. Even counsel-reviewed content is general reference, not legal advice on your specific situation.

Was this helpful?

Still need help?

Get in touch and a human will answer, or book a short walkthrough.

A note on cookies

We use strictly necessary cookies to run the site and keep it secure. With your OK, we also use privacy-respecting, EU-hosted analytics to see how Veillo is used. No advertising, no third-party trackers. Read our cookie policy.