Readiness diagnostic

Answer the core controls. No answer is stored server-side in this MVP.

The product scope includes software modules, AI, APIs, data and updates delivered to customers. Yes No

A risk file links foreseeable use, misuse, potential harm and mitigation measures. Yes No

Vulnerabilities, dependencies, security tests and patches are tracked with dated evidence. Yes No

AI components have documented datasets, evaluations, limits, monitoring and withdrawal procedures. Yes No

Instructions, usage limits, integration requirements and warnings are available to customers and distributors. Yes No

Each delivered version can be linked to requirements, changes, tests, incidents and dependencies. Yes No

A post-market process collects incidents, complaints, weak signals and corrective actions. Yes No

Manufacturer, importer, distributor and integrator roles are contractualized and verifiable. Yes No

A customer communication, deactivation, urgent patch or software recall procedure is tested. Yes No

Evidence is kept in an auditable space with owner, date and retention period. Yes No

After the score

Turn every negative answer into an action plan: owner, expected evidence, due date and commercial risk.