Article 11 — Technical Documentation
Article 11 of the EU AI Act requires that providers of high-risk AI systems prepare comprehensive technical documentation before placing the system on the market, and keep it updated throughout the system’s operational life. This documentation must be made available to market surveillance authorities on request.
Annex IV specifies the contents of the required technical documentation in detail.
Annex IV Documentation Requirements
| Annex IV section | Requirement | VeriProof contribution |
|---|---|---|
| 1. General description | Purpose, intended users, hardware/software environment | Manual — you write this |
| 2. Detailed description of elements | Architecture, training methods, key design decisions | Manual + architecture documentation |
| 3. Monitoring, functioning, and control information | Logging, output monitoring, human oversight mechanisms | VeriProof session capture and audit trail |
| 4. Description of changes through lifecycle | Version history, change log for significant modifications | Manual — engineering process |
| 5. Post-market monitoring system | How real-world performance data is collected and reviewed | VeriProof is the system; evidence package is the documentation |
| 6. Risk management documentation | Output of the Article 9 process | VeriProof evidence package for Article 9 |
| 7. Instructions for use | Deployer guidance on intended use, limitations, oversight requirements | Manual — product documentation |
VeriProof generates evidence for Annex IV sections 3, 5, and 6. Sections 1, 2, 4, and 7 are documentation you write as part of your system design and product management processes.
The Technical Documentation Package
VeriProof’s compliance evidence export generates a structured package that satisfies the evidence requirements for sections 3, 5, and 6 of Annex IV.
To generate the package, open Compliance → Evidence Exports in the Customer Portal. Select the EU AI Act framework, choose the articles to include (9, 10, 11, 13, 17), set the report period, and click Download Evidence Pack (PDF). The PDF is signed by VeriProof and suitable for submission to a conformity assessment body or market surveillance authority. JSON format is also available if you need to process the data programmatically.
What the Package Contains
Section A — System Description (populated from your organisation’s settings)
- System name, version, deployment date
- Intended purpose and user population
- Countries of deployment
Section B — Monitoring Implementation
- Description of the session capture architecture (auto-generated from your SDK configuration)
- Governance scoring configuration and threshold documentation
- Alert rule inventory
Section C — Post-Market Monitoring Data
- Session-level records with blockchain proof reference for the report period
- Governance score summary: mean, percentile distribution, trend over period
- Alert trigger history with counts by severity and dimension
- Statistical summary of input/output distribution
Section D — Risk Management Evidence
- Governance dimension performance against Article 9 thresholds
- Incident log: sessions that triggered high-severity alerts, with response timestamps
- Corrective actions recorded against triggered alerts
Section E — Attestation
- TEE measurement from the Notary service confirming proof integrity
- Signed statement that the session records in the package are complete and unaltered for the report period
Keeping Documentation Current
Article 11 requires documentation to be kept up to date. In practice this means:
- After significant changes (new model version, new use case, new geographic market): regenerate the technical documentation package to capture the current system state
- Annual review cycle: Most conformity assessment processes expect evidence covering the preceding 12 months of production operation
- On incident: Supplement the standard documentation with an incident-specific evidence export for Article 17 corrective action records
You can generate documentation packages at any time from the Customer Portal or API. There is no limit on the number of packages you generate.
Evidence Package Lifecycle
Generate the package
Use the Customer Portal (Compliance → Evidence Export) or the API to generate a package covering the desired time period and regulatory articles.
Validate the output
Review the generated PDF to ensure:
- The system description section is accurate (edit your organisation settings if not)
- Governance dimensions and thresholds reflect your current operational configuration
- The session count and date range match your expectations
Archive and version the package
Store the package in your document management system alongside your other Article 11 documentation. VeriProof retains a copy in your account for the duration of your subscription.
Share with auditors on request
National market surveillance authorities can request your technical documentation in the course of a compliance assessment. VeriProof’s package is formatted to be shared directly or attached to the template forms used by EU member state authorities.
Next Steps
- Evidence Packaging Walkthrough — step-by-step guide
- Article 9 — Risk Management — risk evidence for Annex IV section 6
- Article 17 — Quality Management — corrective action documentation