Skip to content
TruthVouch Docs

Manual AI System Registration

Use manual registration for AI systems that auto-discovery missed or if you prefer to register systems intentionally. You provide system details, and Compliance AI auto-classifies risk level and maps to frameworks.

How to Register Manually

  1. Go to Compliance > Registry > AI Systems > New System
  2. Fill in required fields:
    • System Name — Official name
    • Description — What it does
    • System Type — See options below
    • Data Inputs — What data it processes
    • Scope of Impact — Who is affected
    • Regions Operating — Where users are located
  3. Click Create

Compliance AI will auto-classify risk level and make available for scans.

System Type Options

TypeDefinitionExamples
Large Language Model (LLM)Generative AI for text generationChatGPT integration, content generation
Vision ModelAI that processes images/videoFacial recognition, object detection
Recommender SystemAI that suggests products/contentProduct recommendations, content ranking
Classification ModelAI that assigns categoriesSpam detection, sentiment analysis
Prediction ModelAI that forecasts outcomesChurn prediction, demand forecasting
Anomaly DetectionAI that identifies unusual patternsFraud detection, intrusion detection
Decision SupportAI that assists human decisionsLoan approval helper, hiring tool
Autonomous SystemAI that makes decisions without humansAuto-scaling, automated trading
ClusteringAI that groups similar itemsCustomer segmentation, data organization
Reinforcement LearningAI that learns through interactionGame AI, optimization systems
Generative Model (Non-LLM)Generative AI beyond textImage generation (DALL-E), music generation
Embedding/Vector ModelAI that creates vector representationsDocument embeddings, similarity search
OtherAI system not fitting aboveDescribe in notes

Data Input Categories

Select all that apply:

CategoryExamples
Customer DataNames, emails, purchase history, behavior
Financial DataBank accounts, transaction history, income, credit
Health DataMedical records, genetic data, biometrics
Employee DataNames, IDs, performance reviews, location
Behavioral DataBrowsing history, clicks, time spent, interactions
Biometric DataFacial recognition, fingerprints, iris scans, voice
Location DataGPS coordinates, addresses, geofencing
Content DataUser-generated posts, documents, media
Public DataNews, social media, public records
Synthetic DataGenerated for testing, not real

Selecting “Financial,” “Health,” or “Biometric” automatically increases risk level.

Scope of Impact

Describe who the system affects:

ScopeDefinition
Individual UsersSystem affects specific people (recommendations, decisions)
Teams/DepartmentsSystem used by specific business units
Organization-WideAll employees have access or are affected
Customers/PublicExternal users are affected (public-facing)
Employees & CustomersBoth internal and external impact
Autonomous/Critical DecisionSystem makes binding decisions without appeal

Regions Operating

Select all regions where the system or its users are located:

  • EU (triggers GDPR, EU AI Act)
  • United States
  • California (triggers CCPA)
  • United Kingdom
  • Canada
  • Japan
  • China
  • India
  • Singapore
  • Brazil
  • Australia
  • Other (specify)

Selecting “EU” triggers stricter compliance requirements (GDPR, EU AI Act).

Auto-Classification: Risk Level

Based on your inputs, Compliance AI assigns risk level:

Risk LevelTriggersExamples
UnacceptableSocial scoring, subliminal manipulationSystem will be marked as non-deployable in EU
High-RiskAutonomous decisions + sensitive data, biometrics, financial decisionsLoan approval, hiring, facial recognition
Limited-RiskDecision support or customer-facing without sensitivityChatbot, recommendation engine, content ranking
Minimal-RiskNo decision-making, non-sensitive dataSpell checker, search, accessibility tools

You can override the auto-classification if you disagree. Explain reasoning in notes.

Custom Fields

Add metadata for your organization:

  • Owner Name & Email — Primary contact
  • Owner Team — Department responsible
  • Production Deployment Date — When system went live
  • Model Version — Current version identifier
  • External Vendor — If using vendor AI (OpenAI, Anthropic, etc.), note it
  • Cost Center — For cost tracking
  • Notes — Any additional context

Required Documentation

Before a system can be scanned, upload:

  1. System Description Document (PDF/DOCX)

    • What the system does
    • How it’s used
    • Who uses it
    • When it was created/updated

  2. Data Dictionary (CSV/XLSX) — Optional but recommended

    • Input data fields
    • Output fields
    • Data types
    • Example values

  3. Model Card — Auto-generated or upload yours

    • Training data description
    • Performance metrics
    • Limitations and biases

  4. Training Data Document — If applicable

    • Where training data came from
    • Number of samples
    • Data quality assessments
    • Bias analysis

Upload documents on system creation or edit page.

Example: Manual Registration

Scenario: You have a custom ML model for customer churn prediction that auto-discovery missed.

Form:

  • System Name: Customer Churn Prediction Engine v2.1
  • Description: Predicts which customers are likely to cancel subscriptions in next 90 days. Used by retention team to prioritize save outreach.
  • System Type: Prediction Model
  • Data Inputs: Customer demographics, subscription history, support tickets, usage metrics
  • Scope of Impact: Employees (retention team) and indirectly customers (receive offers)
  • Regions Operating: US, EU
  • Owner: alice@company.com (Data Science team)
  • Production Date: 2023-06-15
  • Vendor: None (custom trained)
  • Notes: Trained on 2 years historical data. Monthly retraining. Integrated with CRM for push notifications.

Auto-Classification:

  • Risk Level: High-risk
    • Reasoning: Autonomous decision-making (which customers to target) + financial impact (retention spend allocation) + EU users → GDPR & EU AI Act apply
    • Flag for DPIA, bias testing, audit trail implementation

After registration, system is ready for compliance scans.

Bulk Import

Register multiple systems at once using CSV:

  1. Go to Registry > Import Systems
  2. Download template
  3. Fill in rows (one system per row)
  4. Upload CSV

Compliance AI will:

  • Validate each row
  • Flag errors (missing required fields)
  • Create all valid systems
  • Report on any failures

Use bulk import if you’re registering 5+ systems from auto-discovery results.

After Registration

Once created, system can be:

  1. Scanned against compliance frameworks
  2. Linked to policies — Specific policies apply to system
  3. Assigned to team — Track ownership
  4. Updated — Change metadata, risk level, deployment status
  5. Decommissioned — Mark as retired when system sunsets

Next Steps