Technical documentation (Annex IV)
Mandatory provider documentation under Article 11 EU AI Act
Practitioner's note: This article is practice-oriented compliance documentation, not legal advice. We are a compliance specialist, not a law firm. For legally binding information please consult a licensed lawyer.
TL;DR
The technical documentation under Article 11 and Annex IV of the EU AI Act is a comprehensive documentation obligation for providers of high-risk AI systems. Contents: system description, development process, training data, risk management, human oversight, accuracy / robustness / cybersecurity, and conformity assessment. Date of application: 2 August 2026 (Digital Omnibus proposal of 19 November 2025: postponement to 2 December 2027 — trilogue ongoing, not yet adopted).
What is technical documentation (Annex IV)?
Annex IV requires nine areas:
- General description of the AI system
- Development (methods, architecture, frameworks)
- Training data (origin, preprocessing, bias testing)
- Accuracy, robustness, cybersecurity
- Risk management system
- Human oversight
- Post-market monitoring plan
- Assessment of potential discrimination
- List of applied harmonized standards
Practical example
In practice: technical documentation for an HR recruiting tool typically comprises 80 to 150 pages. Effort: 2 to 4 person-months on the provider's side.
Frequently asked questions
Is a GitHub README sufficient?
No. The Annex IV technical documentation is significantly more comprehensive — risk management, bias testing, and training data documentation must be expressly documented.
Do I have to make the documentation public?
No. It is submitted to market surveillance authorities on request. The EU database entry (Article 49), in contrast, is public.
What is the difference compared to a DPIA?
A DPIA (Article 35 GDPR) assesses data protection risks. The Annex IV technical documentation assesses the AI as a product — a much broader scope.