**Article 9**

### Established Risk Management Framework and Iterative Process

Meridian Educational Technologies has implemented a comprehensive risk management system specific to Insight Proctor Analytics, documented under internal Quality Management Document QMD-IPA-0924. This system operates as a continuous, iterative lifecycle process from initial development through deployment and post-market phases. The process includes periodic reviews on a bi-annual basis or sooner upon significant software updates, incorporating evidence from ongoing post-market monitoring to ensure that risk identification and mitigation remain current and effective.

The risk management lifecycle integrates cross-functional teams including AI specialists, data protection officers, academic assessment experts, and legal advisors to holistically address evolving risks. This alignment ensures systematic, multi-perspective risk oversight tailored to the AI system’s application in high-stakes academic exam monitoring.

### Identification and Analysis of Known and Foreseeable Risks

In accordance with the intended purpose, Insight Proctor Analytics was subjected to an extensive risk identification exercise focusing primarily on health, safety, and fundamental rights. The process applied documented threat modeling and hazard analysis methodologies (per ISO 14971:2019, adapted for AI), which identified risks such as inaccurate detection of behaviors leading to wrongful flagging, potential privacy rights infringements, and psychological effects of surveillance.

Known risks include possible misclassification of student gestures due to cultural and individual diversity, leading to false positives. Reasonably foreseeable risks include scenarios of adversarial evasion (e.g., subtle behavior changes to avoid detection) and contextual misinterpretations during dynamic exam conditions. These risks were captured and formally analyzed through interdisciplinary workshops and review of empirical studies on exam surveillance impacts (summarized in Risk Register RSK-IPA-2024-v3).

### Risk Estimation and Assessment Under Intended and Misuse Conditions

Risk estimation was quantitatively supported by performance testing on a validation dataset of 10,000 anonymized video segments matched with test metadata from pilot institutions, representing diverse geographic and cultural contexts across the EU. The system demonstrates a balanced precision of 92% and recall of 89% in behavior anomaly detection calibrated to minimize false positives, as validated against ground-truth expert annotations.

Estimation extended to reasonably foreseeable misuse cases, such as unauthorized system manipulation and context circumvention attempts, evaluated via adversarial robustness testing protocols. Failure mode and effects analyses (FMEA) assessed the severity and likelihood of residual risks with modeled mitigation efficacy. Statistical risk scores were assigned, with the highest residual risk being low-to-moderate-impact false accusations, judged mitigable through layered control measures.

### Post-Market Data Integration for Emerging Risk Evaluation

Insight Proctor Analytics incorporates a post-market monitoring system aligned with Article 72 requirements, channeling live anonymized operational data and user feedback into an advanced analytics dashboard updated monthly. This system facilitates real-time risk surveillance with trigger thresholds configured to detect shifts in false positive rates, algorithmic biases, or emergent contextual anomalies.

Outputs from the monitoring accumulate into quarterly risk re-assessments, enabling dynamic recalibration of risk management measures. A dedicated Data Governance Committee reviews these findings and authorizes timely updates to the system and associated documentation, ensuring responsiveness to new or evolving risks in operational environments.

### Design and Development Measures to Eliminate or Minimize Risks

Design decisions emphasize minimizing risks at source through technical architecture and algorithmic features. The system’s transformer-based Vision Language Models (VLMs) have incorporated domain-adaptive training on ethically sourced, diverse datasets encompassing 500,000 anonymized instances to reduce bias and improve cultural sensitivity in behavior recognition.

Multi-modal cross-validation procedures fuse visual and semantic data streams to contextualize detections, substantially reducing false alarms. Privacy-preserving techniques, such as edge processing of video data without external transmission and cryptographic safeguarding of test metadata, are embedded to respect fundamental rights and personal data protection.

Where total elimination of risks is unfeasible, layered mitigation mechanisms include confidence score thresholds, human-in-the-loop review workflows for flagged cases, and configurable alert sensitivity tailored for institution-specific deployment contexts.

### Mitigation, Control Measures, and Information Provision to Deployers

Mitigation extends to operational procedures governing deployer interaction with the system. The provider supplies comprehensive deployment manuals outlining technical operation, risk factors, and mitigations, consistent with Article 13 information obligations.

Tailored training modules accompany product delivery, addressing expected deployer technical competence and emphasizing proper interpretation of system outputs and anomaly classifications. Training scenarios cover potential misuse patterns and ethical handling of flagged incidents to support fair and transparent use.

Furthermore, system interfaces incorporate user-friendly risk indicators calibrated to avoid alarm fatigue while ensuring actionable insights. Support channels remain available for deployer inquiries and incident response facilitation.

### Testing Across Development and Deployment Lifecycle

Insight Proctor Analytics underwent rigorous and staged testing protocols starting from component unit tests through system integration and acceptance testing in simulated and real-world educational environments. Testing was performed continuously throughout the development lifecycle to verify stability, accuracy, and adherence to regulatory requirements.

Performance metrics were mapped against pre-defined benchmarks, including a probabilistic threshold of at least 90% specificity and sensitivity for behavior anomaly detection. Testing encompassed synthetic adversarial attack simulations and controlled user trials involving over 1,000 students across four pilot sites, confirming consistent and replicable system behavior aligned with intended purpose.

Pre-market final system validation included real-exam monitoring trials with live proctor oversight, satisfying requirements for deployment readiness prior to market placement.

### Consideration of Vulnerable Groups, Including Minors

Given the exclusive use case involving examination of persons under 18 years and young adults, the risk management system prioritizes sensitivity to potential adverse impacts on minors. Ethical guidelines and pediatric data handling protocols conform to relevant child protection standards and GDPR provisions.

Data minimization principles restrict captured information to essential elements only, explicitly excluding biometric identification, thereby reducing risk of stigmatization or direct intrusion. Psychological risk assessments included potential anxiety effects from monitoring, with system design avoiding intrusive alert mechanisms and favoring discretion.

Risk evaluation and mitigation documentation explicitly address specific safeguards for vulnerable groups, such as optional anonymization layers and configurable alert timing to reduce undue stress during exam conditions.

### Integration with Other Regulatory Risk Management Requirements

The risk management system of Insight Proctor Analytics aligns and interoperates with internal risk governance processes established under EU product safety legislation applicable to digital education tools. Documented linkages demonstrate how identified risks and mitigation measures relating to AI-specific concerns integrate with broader organizational risk frameworks—ensuring consistency, efficiency, and regulatory traceability.

This unified approach enables consolidated audit trails and comprehensive compliance reporting, supporting robust oversight across intersecting legal requirements.