How do project managers prepare for the EU AI Act deadline?

The EU AI Act's broadest provisions apply from August 2026. For project managers running projects that use AI tools in regulated contexts -- or in any EU-facing context -- that deadline is a delivery milestone, not a compliance team abstraction.

This checklist covers the five steps that constitute reasonable preparation. It does not require a legal team to complete, though legal should review the output of steps 2 and 3 for any project with high-risk AI exposure.

Why Project Managers Own This

The EU AI Act assigns obligations to AI system deployers -- the organisations that use AI systems in their operations -- not just to the companies that build them. Project managers who deploy AI tools on behalf of their organisations are part of the compliance chain.

This does not mean project managers become compliance officers. It means they need to know which AI tools their project uses, what risk tier those tools fall into, and whether the appropriate oversight mechanisms are in place.

Step 1: Inventory Every AI Tool in Use

List every AI tool the project team currently uses. Include:

• Direct tools (AI writing assistants, transcription tools, project management AI features, code assistants)
• Embedded AI (AI features within Microsoft 365, Salesforce, your project management platform, communication tools)
• Experimental or trial tools team members are evaluating

Be thorough. Shadow AI use -- tools adopted without formal approval -- is common and creates undocumented compliance exposure. A brief team conversation about what tools people actually use is usually more accurate than any approved tool list.

Step 2: Classify Each Tool by EU AI Act Risk Tier

For each tool in the inventory, determine which risk tier applies:

• Unacceptable risk: Prohibited. If any tool falls here, escalate immediately.
• High risk: Requires conformity assessment, documentation, human oversight, and registration. High-risk AI includes systems used in hiring, credit scoring, critical infrastructure, law enforcement, and certain health and safety applications.
• Limited risk: Requires transparency disclosures (users must be told they are interacting with AI).
• Minimal risk: No specific obligations. The majority of productivity AI tools fall here.

Most AI tools used in project management fall into minimal or limited risk. If any tool falls into high risk, that requires immediate legal review.

Step 3: Document Human Oversight for High-Risk Systems

For any tool classified as high-risk, document:

• What decisions the tool influences
• Who reviews AI outputs before consequential decisions are made
• How that review is logged
• The escalation path if the tool behaves unexpectedly

This documentation does not need to be elaborate. A one-page process description attached to the project risk register is sufficient to demonstrate oversight.

Step 4: Verify Vendor Compliance Status

For each AI tool in use -- particularly any in the limited or high-risk tier -- check whether the vendor:

• Has published an EU AI Act compliance statement or conformity declaration
• Offers a data processing agreement (DPA) that covers EU data protection requirements
• Has an incident response process for AI-related issues

If a vendor cannot answer basic compliance questions, that is itself a risk signal worth documenting.

Step 5: Create an AI Change Management Record

Establish a simple record -- a spreadsheet or a section in your project risk register -- that tracks:

• Which AI tools the project uses
• Their risk tier classification
• The vendor compliance verification date
• The human oversight mechanism in place (if high-risk)
• The last review date

Update this record when new tools are adopted or when vendor compliance status changes. The record demonstrates that AI use on the project is managed and reviewed -- which is what any audit or governance review will look for.

The August 2026 deadline is the formal trigger, but the value of this process is ongoing. Projects that build this habit now will not scramble when the next regulatory update arrives.

Free tool: The AI Tool Risk Evaluator walks your team through a structured 5-minute risk evaluation before adopting any AI tool. Free, no login required.

Subscribe to AI for Project Managers at Indigo.pub for practical AI governance guidance delivered to your inbox.