Docs

Appearance

Glossary

Key terms and definitions used throughout the Modulos platform and documentation.

Use the filters to narrow to platform terms, general AI governance language, or framework-specific terminology.

77 terms
Categories
Frameworks

A

AI governance

AI Governance

The people, processes, and controls used to ensure AI is developed and used responsibly, safely, and in line with laws, standards, and organizational goals.

Related
AI systemFrameworkRisk quantification

AI management system

ISO 42001AI Governance

An organizational management system for governing AI across the lifecycle, including policies, roles, oversight, performance evaluation, and continuous improvement.

Also called
AIMS
Related
ISO 42001Policies and procedures

AI model

AI Governance

A mathematical or machine learning component that transforms inputs into outputs. A model is typically one component within a broader AI system.

Related
AI systemFoundation modelModel card

AI system

PlatformAI GovernanceEU AI Act

A machine-based system that, for a given set of objectives, produces outputs such as predictions, content, recommendations, or decisions.

In governance, an AI system is more than a model: it includes data, software components, infrastructure, people, and processes that shape real-world behavior.

Also called
AI application
In Modulos
Represented as a project, with lifecycle stage, frameworks, requirements, controls, evidence, assets, tests, and risk quantification.
Links
Projects overviewCreate a project
Related
AI modelProjectHigh-risk AI system

Annex III

EU AI Act

A section of the EU AI Act that lists high-risk use cases by intended purpose. Systems in these categories typically trigger high-risk obligations.

Related
High-risk AI systemProviderDeployer

API token

Platform

A personal credential used to authenticate API requests for automation and integrations. Treat API tokens like passwords.

In Modulos
Managed in User Settings under API Tokens.
Links
API tokens
Related
Modulos ClientSource

Asset

Platform

A structured record for governance artifacts such as model cards, dataset cards, policies, and assessments. Assets support collaboration, review, and audit readiness.

In Modulos
Managed under Assets. Many assets support review before being marked completed.
Links
Assets and documents
Related
EvidenceReview

Audit pack

PlatformAI Governance

An exportable package of requirements, controls, evidence, and supporting artifacts that you can share for internal review or external assurance.

In Modulos
Generated from the project via exports.
Links
Reports and exports
Related
EvidenceRequirementControl

Audit trail

PlatformAI Governance

A chronological record of changes and actions. In practice this is often implemented as comments, logs, and immutable change history.

Related
Comments and logsReview

Authorized representative

EU AI Act

Under the EU AI Act, an EU-based entity appointed by a non-EU provider to carry out specific compliance tasks and act as a contact point for authorities.

Related
ProviderDeployer

C

CE marking

EU AI Act

A marking that indicates a product meets applicable EU requirements. For some high-risk AI systems and regulated products, CE marking is part of the conformity route.

Related
Conformity assessmentHigh-risk AI system

Comments and logs

Platform

A shared activity feed attached to governance objects, used to document decisions, changes, and review discussions over time.

Related
Audit trailReview

Conformity assessment

AI GovernanceEU AI Act

A structured process to demonstrate that requirements have been met. Under the EU AI Act, the applicable conformity route depends on system type, role, and product context.

Related
CE markingTechnical documentationPost-market monitoring

Connector

Platform

A user account connection to an external tool or service. Connectors are tied to a person and are used to bring user-scoped data into Modulos and Scout.

In Modulos
Configured in User Settings under Connectors.
Links
Scout connectors
Related
SourceScout

Control

PlatformAI Governance

A measure that reduces risk or supports compliance. Controls can be technical, organizational, or procedural.

In Modulos
Controls are executed and supported by evidence. Execution feeds requirement readiness and fulfillment.
Links
Controls
Related
RequirementEvidenceRisk quantification

Control readiness

Platform

A progress signal for a control based on what has been documented and linked. Readiness helps teams prioritize what to execute next.

Related
ControlEvidenceRequirement readiness

D

Data Protection Impact Assessment

GDPR

A risk assessment required by GDPR for certain processing activities. A DPIA documents necessity, proportionality, risks, and mitigations.

Also called
DPIA
Related
ControllerProcessor

Deployer

EU AI Act

Under the EU AI Act, the entity that uses an AI system under its authority, for example by integrating it into a product or business process.

Related
ProviderHigh-risk AI system

Distributor

EU AI Act

Under the EU AI Act, an entity that makes an AI system available on the EU market without being the provider or importer.

Related
ImporterProvider

E

Evidence

PlatformAI Governance

Information that supports a claim of compliance or execution. Evidence can be files, links, logs, metrics, or structured records.

In Modulos
Stored in the Evidence library and linked to controls, requirements, and risks.
Links
Evidence
Related
ControlRequirementAudit pack

F

Fermi estimate

PlatformAI Governance

An order-of-magnitude estimate created by decomposing a complex question into explicit assumptions that can be challenged and refined.

Related
Scenario analysisRisk quantification

Foundation model

AI GovernanceEU AI Act

A large, general model trained on broad data that can be adapted to many tasks. Foundation models are often a component of a broader AI system.

Related
General-purpose AI modelAI system

Framework version

Platform

A versioned release of a framework. Versions enable controlled updates as regulations and standards evolve.

In Modulos
Projects can update to the latest version or freeze updates for stability during reviews and audits.
Related
FrameworkRequirement

G

General-purpose AI model

AI GovernanceEU AI Act

A model designed for generality across tasks and domains, often provided as a reusable capability. In the EU AI Act this concept is referred to as GPAI.

Also called
GPAI model
Related
Foundation modelProvider

H

High-risk AI system

EU AI Act

An AI system that falls into a high-risk category under the EU AI Act, for example because of its intended purpose or because it is a safety component of a regulated product.

Related
Annex IIIConformity assessmentPost-market monitoring

Human oversight

AI GovernanceEU AI Act

Measures that enable people to understand, monitor, and intervene in AI system behavior so that risks can be detected and corrected in time.

In Modulos
Implemented through ownership, reviews, approvals, and clear accountability across controls, requirements, evidence, and assets.
Links
Human in the loop
Related
ReviewRequirementControl

I

Information security management system

ISO 27001

A management system for establishing, implementing, maintaining, and continually improving information security, typically aligned to ISO 27001.

Also called
ISMS
Related
ISO 27001Policies and procedures

ISO 27001

ISO 27001

An international standard for information security management systems, used for organizational security governance, risk management, and certification.

ISO 42001

ISO 42001

An international standard for AI management systems. It focuses on organizational processes and governance for AI across the lifecycle.

Also called
AIMS standard

L

Logging and record keeping

AI GovernanceEU AI Act

The practice of keeping records that support traceability, monitoring, and investigation, including inputs, outputs, decisions, and key lifecycle events.

Related
Post-market monitoringTechnical documentation

M

MAS FEAT

MAS FEAT

A set of principles and guidance from the Monetary Authority of Singapore focused on fairness, ethics, accountability, and transparency in AI and data analytics.

Related
AI governanceTransparency

Model card

PlatformAI Governance

A structured document describing a model’s intended use, performance, limitations, and key risks, designed to support responsible deployment.

Related
AssetAI modelTransparency

Modulos Client

Platform

A client library and tooling to integrate your systems with Modulos via API, typically used to automate governance data flows and evidence capture.

Links
Modulos Client
Related
API tokenSource

Monte Carlo simulation

PlatformAI Governance

A probabilistic method that uses random sampling to model uncertainty. In risk quantification, it produces a distribution of possible monetary losses.

Related
Risk quantificationExpected lossScenario analysis

N

NIST AI RMF

NIST AI RMF

A risk management framework from NIST that provides guidance and functions to govern, map, measure, and manage AI risks.

Related
AI governanceRisk management

NIST AI RMF functions

NIST AI RMF

The core functions of the NIST AI RMF: Govern, Map, Measure, and Manage. Teams use them to structure risk management work across the AI lifecycle.

Related
NIST AI RMFRisk management

O

Organization

Platform

The top-level entity in Modulos where global settings, users, and organization-level configuration are managed.

In Modulos
Organization admins can view and edit all organization configuration. Project access is managed separately.
Links
Organizations overview
Related
ProjectOrganization roles

Organization roles

Platform

Roles that apply across an organization, such as Organization Admin, Organization Member, and Organization Risk Manager. Roles shape what users can manage versus view.

In Modulos
Organization Admins can view and edit everything in the organization. Organization Risk Managers maintain organization-level risk quantification settings and budgets.
Links
User management
Related
Project rolesRisk manager

OWASP Top 10 for LLM

OWASP Top 10 for LLM

A community list of common security risks for large language model applications, including prompt injection and data leakage.

Also called
OWASP LLM Top 10
Related
Prompt injectionData leakage

P

Personal identifiable information

ISO 27701GDPR

Information that can identify a person, directly or indirectly. ISO 27701 uses the term PII and defines additional privacy management practices.

Also called
PII
Related
GDPRISO 27701

Policies and procedures

AI GovernanceISO 27001ISO 42001

Documented organizational rules and operating practices used to ensure consistent, auditable behavior across teams and systems.

Related
EvidenceAudit pack

Project

Platform

A scoped workspace for an AI system or organizational governance effort. Projects contain frameworks, requirements, controls, evidence, assets, testing, and risk quantification.

Links
Projects overview
Related
AI systemFrameworkProject roles

Project roles

Platform

Roles that control access within a project. Project roles are separate from organization roles so teams can limit access to sensitive workstreams.

Related
Organization rolesReview

Prompt injection

OWASP Top 10 for LLMAI Governance

An attack where an adversary manipulates a model’s instructions or context to produce unintended behavior, potentially bypassing safeguards.

Related
Data leakageRed teaming

R

Red teaming

AI GovernanceOWASP Top 10 for LLM

A structured practice for stress-testing an AI system by probing for failures, misuse, and adversarial behavior, often using realistic attacker mindsets.

Related
Prompt injectionTesting

Requirement

PlatformAI Governance

A statement of what must be satisfied, usually sourced from a framework. Requirements provide audit-ready structure for governance work.

In Modulos
Requirements are fulfilled when related controls are executed with supporting evidence. The requirement view also supports comments and ownership.
Links
Requirements
Related
ControlEvidenceFramework

Requirement readiness

Platform

A progress signal for a requirement based on the readiness and execution of mapped controls.

Related
RequirementControl readiness

Review

PlatformAI Governance

A workflow where a status change or completion is requested and then approved or rejected by designated reviewers to ensure accountability.

Related
Human oversightComments and logs

Risk appetite

PlatformAI Governance

The amount of risk an organization is willing to accept, expressed as a monetary budget or limit that guides prioritization and delegation.

Related
Risk limitRisk quantification

Risk category

Platform

A high-level grouping used to organize risks, for example technical, operational, legal and compliance, ethical and reputational, and governance risks.

Related
Risk taxonomyThreat vector

Risk limit

PlatformAI Governance

A monetary ceiling allocated to a project or category to keep aggregate exposure within the organization’s risk appetite.

Related
Risk appetiteRisk category

Risk management

AI GovernanceEU AI ActISO 27001NIST AI RMF

The ongoing process of identifying, analyzing, and treating risk. Effective risk management is continuous and tied to real operational decisions.

Related
Risk quantificationControlPost-market monitoring

Risk manager

PlatformAI Governance

A role responsible for maintaining risk methods, assumptions, and budgets, and supporting teams who quantify and manage risk in projects.

In Modulos
Often represented as an Organization Risk Manager role, focused on risk quantification methods, taxonomy, and budget governance.
Related
Organization rolesRisk quantificationRisk appetite

Risk matrix

AI Governance

A qualitative tool that maps likelihood and impact into buckets. Risk matrices are easy to produce but can be misleading for prioritization because they hide magnitude and uncertainty.

Related
Risk quantificationScenario analysis

Risk taxonomy

Platform

A structured library of risk categories and risk types used to keep risk identification and quantification consistent across teams.

Related
Risk categoryThreat vector

S

Scenario analysis

PlatformAI Governance

A method that decomposes risk into explicit scenarios and assumptions so teams can estimate frequency and monetary impact in a transparent way.

Related
Fermi estimateExpected lossRisk quantification

Scout

Platform

Modulos’ AI assistant that can reference and reason across governance data in the platform and across connected sources and connectors.

Links
Scout
Related
SourceConnectorEvidence

Source

Platform

A service account connection attached to a project. Sources are project-scoped and are used to bring system data such as code, logs, and metrics into Modulos.

In Modulos
Configured per project under Settings and Sources.
Links
Sources
Related
ConnectorModulos ClientTesting

Supplier data protection requirements

Microsoft Supplier DPRAI Governance

A structured set of requirements that suppliers must meet for handling, protecting, and processing customer or partner data.

Related
ISO 27001GDPRPolicies and procedures

T

Technical documentation

AI GovernanceEU AI Act

Documentation that describes how an AI system is built, how it behaves, and how it is controlled, so that others can assess compliance and risk.

Related
EvidenceModel cardLogging and record keeping

Testing

PlatformAI Governance

Automated or manual checks that evaluate system behavior, such as fairness, privacy, robustness, or safety checks. Testing produces governance signals over time.

Links
Testing
Related
SourcePost-market monitoring

Threat vector

PlatformAI Governance

A distinct pathway by which an AI system can cause harm. Threat vectors are used to decompose risk into quantifiable parts.

Related
Risk quantificationRisk taxonomy

Transparency

AI GovernanceEU AI Act

Clear communication about an AI system’s purpose, limitations, and appropriate use, so that affected users and operators can make informed decisions.

Related
Model cardHuman oversight

Trust Center

AI Governance

A central location where an organization publishes security, privacy, and compliance information and artifacts for customers and partners.

Related
Audit packPolicies and procedures

U

UAE AI Ethics

UAE AI Ethics

A set of ethical principles and guidance that promotes responsible AI, including fairness, accountability, transparency, safety, and human-centered outcomes.

Related
AI governanceHuman oversightTransparency

INFO

This glossary is informational. It does not constitute legal advice.