The European Telecommunications Standards Institute publishes specification on continuous conformity assessment for AI systems

The European Telecommunications Standards Institute announced on 29 January 2026 the publication of ETSI TS 104 008, a technical specification introducing a framework for Continuous Auditing-Based Conformity Assessment. The specification addresses the limitations of traditional, one-off audits when applied to AI systems that evolve through updates, retraining, and changes in data.

ETSI TS 104 008 is designed to support post-market monitoring obligations under the EU Artificial Intelligence Act. It sets out a structured approach for automated and ongoing conformity assessment across the operational lifecycle of an AI system. Rather than focusing on a single category of risk, the framework covers multiple aspects of compliance, including quality, safety, security, transparency, and governance.

The specification reflects the assumption that AI systems are not static. Model drift, data shifts, and the emergence of new risks are treated as expected conditions rather than exceptions. To address this, the framework translates high-level regulatory requirements into measurable criteria and machine-readable specifications that can be monitored continuously. This approach is intended to allow organisations and auditors to detect potential non-conformities as they arise, rather than retrospectively.

ETSI TS 104 008 also defines the organisational prerequisites, processes, and documentation practices needed to implement continuous auditing in practice. By standardising how legal obligations are linked to technical monitoring activities, the specification aims to provide a common reference point for providers, auditors, and other stakeholders involved in assessing AI systems after deployment. ETSI has indicated that further details on implementation and use cases will be developed through ongoing technical work within its committees.