Frequently Asked Questions
18 Questions · EU AI Act · ISO 42001 · GDPR · NIST AI RMF
EU AI Act
4 Questions
Yes, if your company develops or deploys AI systems and has a presence or customers in the EU. As an operator (user of AI), Art. 4 AI Literacy applies from 02.02.2025. High-risk obligations take effect from August 2026.
Companies must ensure that employees who operate or supervise AI systems have the necessary understanding of AI. Effective from 02.02.2025 — no exceptions for SMEs. Training on learn.iio.space meets this requirement.
Prohibited AI practices: up to €35 million or 7% of annual turnover. High-risk violations: up to €15 million or 3% of turnover. Providing false information to authorities: up to €7.5 million or 1.5% of turnover. For SMEs, percentage caps apply.
As an operator (user), no — the reporting obligation lies with the provider. However, you have obligations: AI Literacy of your employees (Art. 4), transparent handling of AI-generated content (Art. 50), and assessment of whether the use is high-risk.
ISO 42001
3 Questions
ISO 42001:2023 is the international standard for AI Management Systems (AIMS). Certification is voluntary but increasingly demanded by clients and tenders. It provides a systematic framework for responsible AI governance.
Depending on the size of the company: SMEs approximately €5,000–15,000 for audit + certificate (TÜV, BSI, DQS). Preparation including ISMS setup: an additional €10,000–50,000. IIO assists with the preparation. Certificate is valid for 3 years with an annual surveillance audit.
Complementary: ISO 42001 is a management system framework (like ISO 27001 for IT security), EU AI Act is law. An ISO 42001 certification can serve as evidence of EU AI Act compliance, but it does not fully replace it.
GDPR & AI
2 Questions
Only with a lawful basis (consent or legitimate interest) and if provided for in the original purpose of use. Anonymized or synthetic data are unproblematic. Where the data relates to identifiable persons, a Data Protection Impact Assessment (DPIA) is recommended.
Purely automated decisions with significant impact on individuals are generally prohibited, except with consent, contract, or law. Affected individuals have the right to an explanation and human review. HITL (Human-in-the-Loop) is the technical solution.
NIST AI RMF
2 Questions
NIST AI RMF is a voluntary US standard without sanctions, a pragmatic process framework (GOVERN, MAP, MEASURE, MANAGE). The EU AI Act is binding EU law with fines. The two complement each other: NIST provides the methodology, the EU AI Act the legal requirements.
Recommendation: Prioritize NIST AI RMF GOVERN first — an internal AI governance structure is the pragmatic entry point without certification pressure. Simultaneously comply with EU AI Act Art. 4 (AI Literacy). Implement ISO 42001 if required by clients or tenders.
Technical implementation
3 Questions
HITL means that a human reviews and approves AI decisions with significant impact before they are executed. Technically: an approval step in the workflow. Legally: requirement for high-risk AI according to EU AI Act Art. 14.
Minimum requirements: purpose description, data used, model architecture, decision logic, risk assessment, test protocols. For high-risk AI additionally: EU declaration of conformity. Tool: IIO-Framework automatically supports documentation.
Methods: Disparate Impact Ratio (ratio of positive-decision rates between groups), confusion matrix broken down by population group, SHAP values for feature contribution. Tools: Fairlearn (Microsoft), AI Fairness 360 (IBM). Regular review in operation.
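The first two methods above, worked through on constructed data as an added example (not code from this page, the IIO framework, Fairlearn or AI Fairness 360). The function names, the sample records and the 0.8 review threshold are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records: (group, true_label, model_decision), 1 = positive.
SAMPLE = (
    [("A", 1, 1)] * 4 + [("A", 0, 1)] * 2 + [("A", 0, 0)] * 3 + [("A", 1, 0)] * 1
    + [("B", 1, 1)] * 2 + [("B", 0, 1)] * 1 + [("B", 0, 0)] * 4 + [("B", 1, 0)] * 3
)
# Assumption: the widely used "four-fifths" threshold; the page names no value.
REVIEW_THRESHOLD = 0.8

def group_confusion(records):
    """Confusion matrix per population group: {group: {tp, fp, tn, fn}}."""
    cm = defaultdict(lambda: {"tp": 0, "fp": 0, "tn": 0, "fn": 0})
    for group, y_true, y_pred in records:
        key = ("t" if y_true == y_pred else "f") + ("p" if y_pred == 1 else "n")
        cm[group][key] += 1
    return dict(cm)

def group_rates(c):
    """Selection rate, true-positive rate and false-positive rate for one group."""
    n, pos, neg = sum(c.values()), c["tp"] + c["fn"], c["fp"] + c["tn"]
    return {
        "selection_rate": (c["tp"] + c["fp"]) / n,
        "tpr": c["tp"] / pos if pos else None,  # undefined without positives
        "fpr": c["fp"] / neg if neg else None,  # undefined without negatives
    }

def disparate_impact_ratio(records):
    """Lowest group selection rate divided by the highest, plus per-group rates."""
    per_group = {g: group_rates(c) for g, c in group_confusion(records).items()}
    if not per_group:
        raise ValueError("no records")
    rates = [r["selection_rate"] for r in per_group.values()]
    highest = max(rates)
    # If no group receives any positive decision there is no disparity to measure.
    ratio = min(rates) / highest if highest else 1.0
    return ratio, per_group

def needs_review(records, threshold=REVIEW_THRESHOLD):
    """True when the ratio falls below the threshold and a human should look."""
    ratio, _ = disparate_impact_ratio(records)
    return ratio < threshold

if __name__ == "__main__":
    ratio, per_group = disparate_impact_ratio(SAMPLE)
    for g, r in sorted(per_group.items()):
        print(g, group_confusion(SAMPLE)[g], r)
    print(f"disparate impact ratio = {ratio:.2f}, review = {needs_review(SAMPLE)}")
```

On the sample, group B is selected half as often as group A, and the per-group true-positive and false-positive rates show that the gap is not explained by the labels alone.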
Learning on learn.iio.space
4 Questions
Yes, completely free and without registration. The content is provided by Intelego GmbH and the Open Cognition Commons (OCC) under CC-BY 4.0. No subscription, no credit card, no hidden costs.
After the assessment (≥80%), you will receive a digital completion certificate as a PDF. The certificate includes your name, the course title, date, and learning objectives. It is not an accredited industry certificate, but a documented proof of AI Literacy in accordance with Art. 4.
Beginner Path (5 courses): approx. 3.5 hours. Practitioner Path (3 additional courses): approx. 5.5 hours. Expert Course: approx. 4 hours. Total: approx. 13 hours for all 10 courses. Courses can be paused and resumed at any time.
Yes: Cookieless Analytics (Matomo, no tracking cookie), no login, no user account, no storage of personal data on the server. Progress is only stored locally in the browser (localStorage).
All answers OCC-verified