Capability · risk classification

AI-powered risk classification

Multi-framework risk tiers with the article references your auditors will demand.

Risk classification engine displaying multi-framework risk tiers with article citations

Risk classification is the hinge of every AI compliance regime, and every framework defines risk differently. The EU AI Act has four tiers tied to specific use cases. Colorado defines 'consequential' AI by impact on protected attributes. NIST AI RMF applies Govern, Map, Measure, and Manage as cross-cutting functions to every system. Attestry's classifier evaluates your system against all three, cites the article or clause that triggered each conclusion, and returns a calibrated confidence score on the EU AI Act tier so your legal team can defend the classification, not just trust it.

What's included

Built to be auditor-ready out of the box

EU AI Act 4-tier classification

Unacceptable, high-risk, limited-risk, minimal-risk, with Article 5 prohibitions, Annex III high-risk use cases, and Article 50 transparency obligations cited per system. Prohibitions surface before the classification is final.

Colorado AI Act consequential determination

Identifies systems making consequential decisions under Colorado's framework. Deployer and developer duties are broken out separately so each role's obligations are explicit.

NIST AI RMF applicability

Maps each system to the four NIST functions (Govern, Map, Measure, Manage), with applicability surfaced as a flag per function. Subcategory-level gaps surface during the NIST AI RMF assessment workflow.

Reasoning trace with regulatory citations

Each conclusion expands into a reasoning trace citing the article or clause that triggered it: Annex III categories, Article 5 prohibitions, deployer/developer duty mapping. A confidence score on the EU AI Act tier shows where manual review is highest value.

Cryptographic primitives behind this capability

Each capability rests on signed, verifiable signature components.

Component

Framework crosswalk

Component

Capability manifests

Component

Signed attestations

Start attesting in 60 seconds.

Free plan includes fingerprinting, unverified attestations, and a public registry listing. Upgrade when you need signed proofs or SLA-backed verification.

Create a free account See pricing

Capability · risk classification

AI-powered risk classification

Multi-framework risk tiers with the article references your auditors will demand.

Start free See all features

What's included

Built to be auditor-ready out of the box

EU AI Act 4-tier classification

Colorado AI Act consequential determination

Identifies systems making consequential decisions under Colorado's framework. Deployer and developer duties are broken out separately so each role's obligations are explicit.

NIST AI RMF applicability

Reasoning trace with regulatory citations

Cryptographic primitives behind this capability

Each capability rests on signed, verifiable signature components.

Component

Framework crosswalk

Component

Capability manifests

Component

Signed attestations

Start attesting in 60 seconds.

Free plan includes fingerprinting, unverified attestations, and a public registry listing. Upgrade when you need signed proofs or SLA-backed verification.

Create a free account See pricing