Chapter 01 — Why this exists
Most hiring AI lives in a compliance grey zone.
The EU AI Act classifies most CV-screening, ranking and assessment tools as high-risk. GDPR Article 22 limits decisions made solely by automated processing. NYC Local Law 144 requires bias audits and notification. Most companies are exposed on at least one — and do not know it.
This scorecard is built from the actual statutory text. Sixty-two yes/no questions, mapped clause by clause. No legal advice — but a clear, evidenced map of where you stand and what to fix first, in the order regulators are likely to ask about it.
You can finish it in eight minutes. The PDF is shareable with legal, security, and the board. The remediation plan is sequenced by risk, not by alphabet.