Effort Assessment & Go/No-Go
Effort by Risk Level
| Risk Level | One-off Effort | Annual Effort | Typical Cost (internal) |
|---|---|---|---|
| Minimal | 0h | 0h | 0 EUR |
| Limited (Transparency) | 8–16h | 4–8h | 960–1,920 EUR one-off |
| High-risk (Self-assessment) | 268–536h | 104–208h | 32–64k EUR one-off + 12–25k EUR/year |
| High-risk (Third party) | 400–800h+ | 160–320h+ | 48–96k EUR+ one-off + 19–38k EUR/year + Notified Body |
Decision Rules
Automatic GO
- Minimal risk
- Limited risk (transparency obligations are trivial)
Go/No-Go Assessment Required
- High-risk with self-assessment (Annex VI)
Automatic NO-GO EU
- High-risk with third-party assessment (Annex VII)
- Any system where compliance effort > 15% of the 3-year contribution margin
CRA Synergies (Effort Reduction)
Where a product is already CRA-compliant, the additional AI Act effort is reduced significantly:
| AI Act Requirement | Without CRA | With CRA Basis | Saving |
|---|---|---|---|
| QMS | 40–80h | 10–20h | ~75% |
| Technical documentation | 80–160h | 30–60h | ~60% |
| Cybersecurity (Art. 15) | 20–40h | 5–10h | ~75% |
| Incident response | 10–20h | 2–4h | ~80% |
| Total high-risk | 268–536h | ~120–240h | ~55% |
TIP
For CRA-compliant products, the AI Act effort for high-risk is estimated to fall to 14,400–28,800 EUR one-off plus 8,000–16,000 EUR/year. This significantly improves the Go/No-Go calculation.