For organisations.
Article 4 of the EU AI Act obliges every organisation that uses or provides AI to ensure a demonstrable level of AI literacy among its staff. This overview shows what the law requires, how SAIG certification aligns with the Dutch Data Protection Authority's four-step plan, and how to arrive at a workable approach.
What Article 4 requires
The legal text, in one paragraph.
Providers and deployers of AI systems take measures to ensure, to their best extent, a sufficient level of AI literacy among their staff and other persons dealing with the operation and use of AI systems on their behalf, taking into account their technical knowledge, experience, education and training and the context the AI systems are to be used in.
The Dutch DPA four-step plan
Identify, set goals, implement, evaluate.
Identify
Map every AI system in use, including shadow AI. Document who works with it, in what context and at what risk.
Set goals
Define measurable, role-specific learning objectives, prioritising the highest risks. Secure executive ownership and budget.
Implement
Roll out training, communicate policy and embed AI policy in onboarding and recurring mandatory modules.
Evaluate
Measure knowledge, behaviour and outcomes through assessments, audits and management reporting. Schedule an annual review.
Procurement and HR policy
From learning outcome to procurement criterion.
SAIG certification is not only a learning outcome — it is a procurement criterion. In their HR policy, onboarding requirements and supplier contracts, organisations can set out which SAIG level applies per function or role. In tenders, a verifiable SAIG certificate provides demonstrable evidence to clients and supervisors that staff meet Article 4. The public register enables two-step verification — without making personal data public. AI literacy is therefore not only trained but also assured and made auditable throughout the procurement chain.
Which SAIG level for which role
Level per role — a starting point.
A role-specific approach calls for differentiation. The table below offers a starting point — the final choice depends on risk class, sector and the substance of the role.
| Role group | SAIG level | Rationale |
|---|---|---|
| Broad group of staff administrative, support | Awareness Badge or Basis | Awareness and safe basic use in low-risk contexts. |
| Frequent AI users knowledge workers, consultants | SAIG-Practitioner | Structural application in work processes, with attention to verification and risk. |
| Deployers responsible users | Practitioner or Advanced | Responsibility for system deployment under the AI Act. |
| Developers and procurers providers | SAIG-Advanced | Deeper technical and legal knowledge for lifecycle responsibility. |
| Executives, AI Officers, compliance, lawyers | SAIG-Advanced | Governance and assurance responsibility at organisational level. |
| HR and trainers | Practitioner or Advanced | Guiding and training others requires an overview of all levels. |
Sectoral approach
Ten main sectors, one horizontal foundation.
Article 4 applies to every sector, but risk profile and supervision differ. For each main sector there is a separate page covering what is at play, the relevant legislation and the appropriate level per role.
Healthcare & wellbeing
GDPR art. 9, MDR/IVDR and IGJ supervision; AI in diagnostics and reporting.
Lees meer →Construction, energy & utilities
Critical infrastructure high-risk; NIS2 and smart grid management.
Lees meer →Next step
Schedule an orientation call.
SAIG offers exploratory orientation calls for organisations seeking to implement Article 4. In the call we discuss your context, the scale of your AI use, and the appropriate SAIG route.