ELEMENTS OF AI – Talk Time: AI compliance That Works: Practical Foundations for Your Organisation

Artificial intelligence is reshaping how organisations operate — but it is also reshaping their legal and regulatory obligations. The EU AI Act is now progressively entering into force, and organisations across all sectors must understand how it interacts with existing obligations (GDPR, cybersecurity). But where do you start when resources are limited and regulatory expectations are high?

This session provides a practical, accessible introduction to AI and data protection compliance for professionals from diverse backgrounds. Rather than overwhelming participants with legal complexity, we focus on the foundational steps that create lasting compliance infrastructure: mapping your AI systems and data processing activities, categorising them according to regulatory risk levels, and using this inventory as a pillar for subsequent compliance efforts.

Participants will learn why systematic mapping is not merely an administrative exercise but a strategic tool for building organisational trust, demonstrating accountability to regulators, and making informed decisions about AI deployment.

Whether you are just beginning to assess your AI footprint or seeking to strengthen existing governance frameworks, this session addresses how to categorise AI systems by risk level, identify high-priority compliance actions, assign internal responsibilities and begin building the governance structures and documentation that regulators will expect. Participants leave with a clear understanding of where they stand and a realistic picture of the first steps they can take immediately.

This module will cover the following points:

• Understanding the regulatory landscape: Overview of the EU AI Act and its interaction with existing frameworks (GDPR, cybersecurity) —key definitions and timelines
• Why mapping matters: Why creating an inventory of AI systems is an essential first step for any compliance programme
• Risk-based categorisation: How to classify AI systems (prohibited, high-risk, limited-risk, minimal-risk) and align this with GDPR’s data protection risk logic
• Building trust as a strategic asset: How proactive AI and data compliance translates into competitive advantage, contractual readiness, and a demonstrable culture of responsibility- towards clients, employees, regulators and the public
• Practical starting points: Actionable steps and governance structures to launch or strengthen your AI and data protection compliance efforts immediately

By the end of this training, the participant will be able to:

• Explain the core requirements of the EU AI Act and how they complement existing legal frameworks
• Identify which AI systems and data processing activities within their organisation require mapping and regulatory attention
• Categorise AI systems according to the AI Act's risk-based classification framework and understand corresponding compliance obligations
• Recognise the strategic value of mapping for building stakeholder trust and demonstrating accountability
• Apply a practical step-by-step approach to initiate or improve AI and data protection compliance efforts within their own organisational context

This course will alternate between theory, hands-on practice, and interactive exercises.