A documented system of policies, procedures, and processes required of providers under the EU AI Act to ensure consistent compliance with regulatory requirements throughout AI system development and operation. QMS obligations for high-risk AI systems include risk management procedures, data governance, technical documentation practices, post-market monitoring, vulnerability identification, incident reporting protocols, and recordkeeping.
See: AI governance; High-risk AI system; ISO/IEC 42001; Post-market monitoring; Provider; Vulnerability / CVE