Article 11 — Technical Documentation
Article 11 of the EU AI Act requires that providers of high-risk AI systems prepare comprehensive technical documentation before placing the system on the market, and keep it updated throughout the system’s operational life. This documentation must be made available to market surveillance authorities on request.
Annex IV specifies the contents of the required technical documentation in detail.
Annex IV Documentation Requirements
| Annex IV section | Requirement | VeriProof contribution |
|---|---|---|
| 1. General description | Purpose, intended users, hardware/software environment | Manual — you write this |
| 2. Detailed description of elements | Architecture, training methods, key design decisions | Manual + architecture documentation |
| 3. Monitoring, functioning, and control information | Logging, output monitoring, human oversight mechanisms | VeriProof session capture and audit trail |
| 4. Description of changes through lifecycle | Version history, change log for significant modifications | Manual — engineering process |
| 5. Post-market monitoring system | How real-world performance data is collected and reviewed | VeriProof is the system; evidence package is the documentation |
| 6. Risk management documentation | Output of the Article 9 process | VeriProof evidence package for Article 9 |
| 7. Instructions for use | Deployer guidance on intended use, limitations, oversight requirements | Manual — product documentation |
VeriProof generates evidence for Annex IV sections 3, 5, and 6. Sections 1, 2, 4, and 7 are documentation you write as part of your system design and product management processes.
The Technical Documentation Package
VeriProof provides evidence artifacts for Annex IV sections 3, 5, and 6. You assemble these into your technical documentation package alongside your own system documentation.
To gather evidence for a report period:
- Session evidence pack: Open the session in the Customer Portal and download the evidence pack PDF from the session detail view.
- Auditor Evidence ZIP: Open the Compliance workspace and use the Evidence Exports tab to download an evidence ZIP covering the application and report period.
- Blockchain Audit Certificate: Download from the Compliance workspace to provide integrity proof.
For a step-by-step walkthrough of assembling a complete Article 11 package from these artifacts, see Evidence Packaging Walkthrough.
What the Package Should Cover
A well-structured Annex IV package typically includes:
Section A — System Description (your documentation)
- System name, version, deployment date
- Intended purpose and user population
- Countries of deployment
Section B — Monitoring Implementation (your documentation + VeriProof config exports)
- Description of the session capture architecture
- Governance scoring configuration and threshold rationale
- Alert rule inventory
Section C — Post-Market Monitoring Data (from VeriProof session and bulk exports)
- Session-level records with blockchain proof reference for the report period
- Governance score summary and trend for the period
- Alert trigger history with severity distribution
Section D — Risk Management Evidence (from VeriProof session exports + your governance records)
- Governance dimension performance against Article 9 thresholds
- Incident log: sessions that triggered high-severity alerts, with response timestamps
- Corrective actions recorded against triggered alerts
Section E — Integrity Verification (Blockchain Audit Certificate)
- Blockchain proof material supporting tamper-evidence claims for the exported records
Keeping Documentation Current
Article 11 requires documentation to be kept up to date. In practice this means:
- After significant changes (new model version, new use case, new geographic market): regenerate the technical documentation package to capture the current system state
- Annual review cycle: Most conformity assessment processes expect evidence covering the preceding 12 months of production operation
- On incident: Supplement the standard documentation with an incident-specific evidence export for Article 17 corrective action records
You can generate documentation packages at any time from the Customer Portal or API. There is no limit on the number of packages you generate.
Evidence Package Lifecycle
Export the evidence artifacts
Use the API or the Compliance workspace to export the session evidence, bulk application ZIP, and Blockchain Audit Certificate for the target period.
Validate the output
Review the exported materials to confirm:
- Session counts and date ranges match the period under review
- Governance dimensions and thresholds reflect your current operational configuration
- The blockchain certificate covers the sessions included in the package
Assemble and archive the package
Combine the VeriProof artifacts with your system documentation and store the complete package in your document management system. Record the assembly date and the period covered.
Share with auditors on request
National market surveillance authorities can request your technical documentation in the course of a compliance assessment. Provide the assembled package and note which artifacts came from VeriProof and which reflect your own system and process documentation.
Next Steps
- Evidence Packaging Walkthrough — step-by-step guide
- Article 9 — Risk Management — risk evidence for Annex IV section 6
- Article 17 — Quality Management — corrective action documentation