AI Act board briefing: a template for the board and management team
A concise template to get the AI Act and AI use onto the board table: what is happening, which risks and deadlines, which decisions are needed, and which oversight questions the board should ask. Adopt it for your next board/management meeting.
Short answer: AI use and the AI Act belong on the board table — not as technology, but as risk, decision and oversight. This concise template maps it in five blocks. Adopt it for your next board, management-team or supervisory-board meeting.
Template — AI Act board briefing [organisation], [date]
1. Where we stand. Which AI systems do we use (brief overview/register), in which processes, and with which suppliers? Do we have an AI use policy?
2. What is happening legally. The AI Act applies in phases; relevant next obligations are [transparency art. 50 / AI literacy art. 4 / high-risk]. Which regimes affect us (prohibited/high-risk/GPAI/transparency)? Plus GDPR and sectoral rules.
3. Risks. Top-3 risks: [e.g. uncontrolled employee use (shadow AI), data leak via AI tools, high-risk application without safeguards]. Impact and likelihood briefly.
4. Decisions needed. [e.g. adopt AI policy · appoint owner/AI contact · start literacy training · assess high-risk applications · re-assess suppliers]. Per decision: owner + deadline.
5. Board oversight questions. Who owns AI governance? Do we have sight of all AI systems? Can we demonstrate (logging/register) what happens? What is our exposure in the chain?
Annex: deadline overview and register. Repeat quarterly.
How to use it
Fill in the blocks briefly (one page), table it, and have an owner and deadline recorded per decision. Link it to your AI governance framework and, for the execution side, the AI agent governance checklist.
Read also: AI agent governance checklist.
Sources
- Regulation (EU) 2024/1689 (AI Act): phased application, roles and human oversight. https://eur-lex.europa.eu/eli/reg/2024/1689/oj
- Regulation (EU) 2016/679 (GDPR): accountability. https://eur-lex.europa.eu/eli/reg/2016/679/oj