Regulatory & Compliance
EU regulatory toolkits — AI Act, DORA, GDPR — built operator-first, not legal-first.
Free guides
The DORA Article 28 ICT register — what it must actually contain
What a DORA Register of Information has to capture under Article 28: every ICT third-party arrangement, which critical or important function each one supports, the criticality and sub-contracting chain, and the concentration-risk picture — not just a procurement list. An operator's view of the register supervisors actually open.
The EU AI Act deployer checklist — what an SME has to do before August 2026
A practical EU AI Act readiness checklist for deployers: build the AI system inventory, classify each system (prohibited, high-risk under Annex III, limited-risk, minimal), meet the Article 50 transparency obligations, cover the Article 26 deployer duties, and assemble the evidence — treated as a documentation exercise, not a legal one.
Frequently asked
What does Vihren Labs offer for Regulatory & Compliance?
EU regulatory toolkits — AI Act, DORA, GDPR — built operator-first, not legal-first. The line includes: EU AI Act SME Compliance Starter (€149).
Is there a free guide for Regulatory & Compliance?
Yes — "The DORA Article 28 ICT register — what it must actually contain" and "The EU AI Act deployer checklist — what an SME has to do before August 2026", free to read, with a step-by-step checklist and FAQ.
Are these one-time purchases or a subscription?
One-time purchases. You buy on Gumroad, download, and own it — no subscription or recurring fee. Most products offer a single-operator and a team licence.