The AI System Wizard
The AI System Wizard is Klarvo's guided intake process, designed to capture all information needed for EU AI Act compliance in a structured, user-friendly flow.
Wizard Design Philosophy
The wizard follows these principles:
< 10 minutes for a complete Full Assessment
Every answer creates action: Classification decision, obligation flag, evidence request, or task
Progressive disclosure: Complex questions only appear when relevant
Save progress: Resume anytime without losing work
The 20 Steps
#### Part 1: Foundation (Steps 0-3)
Step 0: Mode Selection
Choose Quick Capture or Full Assessment. Quick Capture skips optional questions and creates follow-up tasks.
Step 1: Basic Information
System name and internal reference ID
Lifecycle status (Idea, Pilot, Live, Retired)
Primary owner assignment
Step 2: Vendor Information
Built in-house vs. third-party acquisition
Vendor selection or creation
Contract documentation links
Step 3: Ownership & Accountability
Backup owner
Oversight owner
Department/team assignment
#### Part 2: Scope & Context (Steps 4-5)
Step 4: Deployment Scope
Deployment regions (EU, UK, US, Other)
EU countries of operation
Internal user groups
Affected external parties
Step 5: Value Chain Role
Deployer, Provider, or Both
External offering assessment
Foundation model usage
#### Part 3: Definition & Classification (Steps 6-9)
Step 6: AI System Definition Test
Infers outputs from inputs?
Output types (predictions, recommendations, etc.)
Operates autonomously?
Adapts after deployment?
Technical approach (ML, LLM, rules-based)
Step 7: Use Case & Functionality
Purpose category
Workflow description
Human involvement level
Override capability
Usage frequency and scale
Step 8: Prohibited Practices Screening
Eight critical questions covering Article 5:
Manipulation/deception
Exploitation of vulnerabilities
Social scoring
Criminal profiling
Facial recognition scraping
Workplace emotion inference
Biometric categorisation
Real-time remote biometric ID
Step 9: High-Risk Screening
Nine Annex III category checks:
Biometrics
Critical infrastructure
Education
Employment
Essential services
Law enforcement
Migration/border
Justice/democratic processes
Safety components
#### Part 4: Obligations (Steps 10-14)
Step 10: Transparency Obligations
Article 50 requirements:
Direct interaction disclosure
Synthetic content marking
Emotion recognition notice
Deepfake disclosure
Public-interest text disclosure
Step 11: Data & Privacy
Personal data processing
Special category data
Minors involved
Data sources and control
Retention periods
DPIA status
Step 12: Human Oversight
Oversight model (HITL/HOTL/HOOTL)
Oversight owner authority
Competence requirements
Training status
SOP documentation
Step 13: Logging & Records
Automatic logging capability
Log storage location
Access controls
Retention period
Export capability
6-month retention confirmation
Step 14: Incidents & Monitoring
Incident response process
Severity levels
Notification procedures
Suspension capability
#### Part 5: Special Contexts (Steps 15-17)
Step 15: Workplace Context
Workplace use assessment
Worker notification status
Step 16: Public Authority Context
Public authority status
Public service provision
Registration status
Step 17: Training & AI Literacy
Staff roles involved
Training program status
Completion tracking
#### Part 6: Finalization (Steps 18-20)
Step 18: FRIA Assessment
FRIA trigger evaluation
FRIA status tracking
Link to FRIA Wizard
Step 19: Review & Sign-off
Final classification confirmation
Reviewer assignment
Sign-off date
Notes
Step 20: Completion
Summary of outputs
Generated documents
Next steps
Action items
Auto-Generated Outputs
Upon completion, the wizard creates:
AI System Record: Full database entry
Classification Memo: PDF with rationale
Gap Checklist: Missing controls/evidence
Task Plan: Auto-assigned action items
Evidence Requests: Specific document needs