RiskForgev1.0.0
Guided 8-dimension risk assessment CLI with 37 questions drawn from EU AI Act Article 9 requirements, Annex III pattern matching, and SHA-256 hash-chained audit trail. Produces a Risk Management File (JSON + PDF) suitable for inclusion in your Annex IV technical documentation pack; not a substitute for notified-body conformity assessment. Approximately 30 minutes per assessment instead of weeks of consulting work.
Apache 2.0 · zero telemetry · source Regulation (EU) 2024/1689 (Article 9).
Why RiskForge exists
Risk management system
Article 9 applies from 2 December 2027 for high-risk AI systems. The Digital Omnibus (adopted June 2026, pending publication in the Official Journal) deferred that date from 2 August 2026. What the article requires is a documented, lifecycle-long risk management system, not a one-time assessment. Failure to maintain it routes through the Article 16 provider obligations and is sanctionable up to €15M or 3% of global annual turnover under Article 99(4). The operational consequence: risk management must produce versioned, reviewable artefacts mapped to identified hazards, with testing evidence sufficient to defend the residual-risk judgement.
When the findings land on a governance desk
Tools surface problems. Programmes solve them.
RiskForge hands you the file. The work that follows (programme design, board narrative, regulator engagement) is what AskAjay.ai (the advisory arm of AI Exponent LLC) does.
Explore advisory at AskAjay.ai →Other AiExponent flagship tools