ENG-2944: Add EU AI Act FRIA assessment template

[galvana]

Ticket ENG-2944

Description Of Changes

Adds an Alembic migration that seeds the EU AI Act Fundamental Rights Impact Assessment (FRIA) template with all sections, questions, and answer options.

Code Changes

• Added migration xx_2026_03_12_1200_baa6792fc3f7_add_eu_ai_act_fria_template.py that creates the FRIA assessment template with structured sections, questions, and answer options
• Added changelog entry

Steps to Confirm

1. Apply the migration and verify the FRIA template appears in assessment templates
2. Confirm template sections, questions, and answer options are populated correctly
3. Verify downgrade migration removes the template cleanly

Pre-Merge Checklist

• Issue requirements met
• All CI pipelines succeeded
• CHANGELOG.md updated
  • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
  • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
  • Updates unreleased work already in Changelog, no new entry necessary
• UX feedback:
  • All UX related changes have been reviewed by a designer
  • No UX review needed
• Followup issues:
  • Followup issues created
  • No followup issues
• Database migrations:
  • Ensure that your downrev is up to date with the latest revision on main
  • Ensure that your downgrade() migration is correct and works
    • If a downgrade migration is not possible for this change, please call this out in the PR description!
  • No migrations
• Documentation:
  • Documentation complete, PR opened in fidesdocs
  • Documentation issue created in fidesdocs
  • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
  • No documentation updates required

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
fides-plus-nightly	Ignored	Preview	Mar 17, 2026 11:12pm
fides-privacy-center	Ignored		Mar 17, 2026 11:12pm

[greptile-apps]

Greptile Summary

This PR adds an Alembic data-only migration to seed the EU AI Act Fundamental Rights Impact Assessment (FRIA) template, along with supporting documentation (implementation plan and design spec).

• The migration inserts 1 assessment_template row and 17 assessment_question rows across 6 requirement groups (Process and Purpose, Duration and Frequency, Affected Populations, Risk Identification, Human Oversight, Mitigation and Governance)
• Follows the established pattern from existing assessment template migrations (xx_2026_02_12_1400_d4e5f6g7h8i9_add_remaining_prd_assessments.py), including idempotency checks, prefixed UUID generation, and proper downgrade logic
• No model, schema, API, or frontend changes are needed — the existing generic assessment infrastructure automatically picks up the new template
• The migration correctly chains from the current head (4ac4864180db) with no branching conflicts
• All 17 questions match the design spec with correct fides_sources mappings and expected_coverage values
• Note: The PR exceeds the 500-line change guideline (905 lines), though the majority is documentation (555 lines) and the remaining 350 lines are data definitions in the migration — the actual code logic is minimal

Confidence Score: 4/5

• This PR is safe to merge — it's a data-only migration following an established pattern with proper idempotency guards.
• Score of 4 reflects that this is a straightforward data-seeding migration that closely follows an existing, proven pattern. The migration includes idempotency checks (won't duplicate data on re-run), clean downgrade logic, and all question data matches the spec. The only reason it's not a 5 is the inherent risk of any database migration and the lack of automated test coverage for the seeded data.
• The migration file src/fides/api/alembic/migrations/versions/xx_2026_03_12_1200_baa6792fc3f7_add_eu_ai_act_fria_template.py should be verified by running the migration against a test database to confirm the template and all 17 questions are correctly inserted.

Important Files Changed

Filename	Overview
src/fides/api/alembic/migrations/versions/xx_2026_03_12_1200_baa6792fc3f7_add_eu_ai_act_fria_template.py	Data-only Alembic migration seeding EU AI Act FRIA assessment template (1 template, 17 questions across 6 groups). Follows existing migration patterns with proper idempotency checks and clean downgrade. No schema changes.
docs/superpowers/plans/2026-03-12-eu-ai-act-fria-template.md	Implementation plan documenting the template structure, migration approach, and design decisions for the FRIA template. Documentation-only, no code impact.
docs/superpowers/specs/2026-03-12-eu-ai-act-fria-template-design.md	Design specification defining the 17 FRIA questions, their groupings, fides_sources mappings, and expected coverage levels. Documentation-only, no code impact.

_{Last reviewed commit: c214085}

[JadeCara]