Owner: CTO (AIMS Owner) with CISO and General Counsel
Effective Date: June 13, 2026
Reviewed: Annually
Frameworks: ISO/IEC 42001:2023 Annex A.6; supports EU AI Act provider obligations and the Secure Development Policy

Purpose

Define the responsible-AI life cycle for Neuroscale AI systems (ISO/IEC 42001 Annex A.6), so that objectives, requirements, validation, deployment, monitoring, and retirement are documented and gated. It implements the AI Acceptable Use Policy → AIMS and runs on top of the Secure Development Policy.

Scope

All Neuroscale AI systems: customer-facing Arbi AI features (recruiting/sourcing, screening, ranking, assistive), the Aurora synthetic-media feature, own-trained / self-hosted models, and material integrations of third-party models surfaced through a feature.

Objectives for responsible development (A.6.1.2)

Every AI system is developed to be: lawful and within its tiered EU AI Act / state-law obligations; fair and tested for disparate impact where it affects people; transparent (intended use, limitations, and AI-interaction disclosure); secure and privacy-preserving (deidentification of training data; least-privilege); and subject to human oversight for consequential decisions.

Life cycle stages and gates

Each stage produces documented evidence in the AI Model Registry feature card and is gated by the AI risk review.

1. Concept & requirements (A.6.2.2)

  • Define intended use, users, and uses to avoid; identify affected individuals/groups.
  • Complete the EU AI Act tiering / Annex III high-risk screen (mandatory in the registry schema).
  • Record requirements in the AI Requirements Specification.
  • Gate: DPIA/FRIA triggered where required (DPIA Procedure); no significant build before the screening DPIA is on file.

2. Design & development (A.6.1.3, A.6.2.3)

  • Apply secure-development and secure-architecture principles (Secure Development Policy).
  • Govern data per the Deidentification Standard and dataset cards (data provenance, quality, preparation — A.7).
  • Document design and development in the model card.

3. Verification & validation (A.6.2.4)

  • Run the AI System Evaluation: performance benchmarks, bias/fairness (disparate-impact / subgroup parity per the Employment-AI Bias-Audit Procedure), robustness, and known-limitation testing.
  • Gate: documented validation confirmation before deployment; high-risk features require independent bias-audit sign-off before any AEDT deployment.

4. Deployment (A.6.2.5)

  • Deploy through Change Management with an AI Deployment Approval Record (the AI review log entry) capturing the approver, conditions, and evidence references.
  • Ship the required AI-interaction / AI-content disclosures (AI Interaction Disclosure; EU AI Act Art. 50 from Aug 2, 2026).

5. Operation & monitoring (A.6.2.6)

  • Post-market monitoring: drift, bias regression, abuse/misuse signals, and incidents are monitored continuously; cadence recorded in the model card.
  • Event logging per A.6.2.8 (Logging & Monitoring); AI incidents handled via the AI Serious-Incident & Adverse-Impact Reporting Procedure.
  • Periodic re-evaluation (default 24 months; sooner on material change) and re-confirmation of tiering.

6. Retirement

  • Decommission per Records Disposal; retain the model card, evaluation records, and decisions for the retention period; update the registry status to Retired.

Technical documentation (A.6.2.7)

The AI Model Registry model card is the AI system’s technical documentation, structured to align with EU AI Act Annex IV for high-risk systems (intended purpose, design, data, validation, monitoring, and limitations).

Roles

RoleResponsibility
CTO (AIMS Owner)Owns the life cycle; chairs AI risk review; approves deployment
CISOAI security, monitoring, incident handling
General CounselTiering, DPIA/FRIA, regulatory obligations
Product ownerRequirements, evaluation, model-card upkeep

Records

Per-feature model cards, evaluation records, deployment approval records, monitoring records — retained per the Records Retention Schedule.

Cross-references

Version history

VersionDateDescriptionAuthorApproved by
1.0June 13, 2026Initial AI system life cycle process.Cameron WolfeIshan Jadhwani