Chapter IIIHigh-Risk
Article 42
Presumption of Conformity with Certain Requirements
Plain-Language Summary
Creates rebuttable presumptions of conformity for specific scenarios: AI systems trained and tested on data reflecting the intended geographic, behavioural or functional setting are presumed to meet data governance requirements; systems compliant with voluntary cybersecurity schemes are presumed to meet cybersecurity requirements.
Keywords
presumption of conformitydata governancecybersecurityspecific contexttestingtraining data
Legal Text
Article 42 — Presumption of Conformity with Certain Requirements 1. Taking into account their intended purpose, high-risk AI systems that have been trained and tested on data concerning the specific geographical, behavioural, functional and contextual setting within which they are intended to be used shall be presumed to comply with the data governance and management requirements laid down in Article 10. 2. Approved cybersecurity schemes under Regulation (EU) 2019/881 and the references of which have been published in the Official Journal of the European Union, shall be presumed to meet the cybersecurity requirements set out in Article 15 of this Regulation, in so far as those schemes or parts thereof cover those requirements.