
AI Risk Management Framework

Systematic approach to identifying, classifying, and managing AI-related risks with matrices, controls, escalation procedures, and executive reporting.

3.1 AI Risk Identification

Systematic risk identification is the foundation of effective AI governance. This section establishes the methodology, tools, and responsibilities for identifying AI-related risks across the organisation.

Risk Identification Methodology

The organisation shall apply a structured, repeatable approach to AI risk identification that combines multiple techniques to ensure comprehensive coverage.

  1. Threat Modelling: Apply STRIDE and AI-specific threat models to identify security risks in AI architectures, data pipelines, and deployment environments.
  2. Scenario Analysis: Develop plausible scenarios of AI failure, misuse, and adversarial attack. Assess likelihood and impact of each scenario.
  3. Stakeholder Consultation: Engage with affected stakeholders — including employees, customers, regulators, and civil society — to identify risks that may not be visible to technical teams.
  4. Control Gap Analysis: Compare existing controls against the requirements of this framework, ISO/IEC 42001, and NIST AI RMF to identify control deficiencies.
  5. Historical Incident Review: Analyse past AI incidents, both internal and external, to identify recurring patterns and systemic vulnerabilities.
  6. Vendor & Supply Chain Assessment: Evaluate risks introduced by third-party AI components, APIs, training data, and cloud services.

Risk Register Requirement

All identified risks must be recorded in the AI Risk Register (Template 9.11) within 48 hours of identification. Risks without controls or treatment plans must be escalated to the AI Steering Committee within 5 business days.

3.2 Risk Classification & Taxonomy

AI risks shall be classified according to a standardised taxonomy that enables consistent assessment, reporting, and treatment prioritisation.

Risk Taxonomy

Category | Description | Examples
--- | --- | ---
Strategic | Risks to organisational strategy, market position, or competitive advantage | AI misalignment with business strategy, missed AI opportunities, strategic vendor dependency
Operational | Risks to day-to-day operations, service delivery, or business processes | Model downtime, API failures, data pipeline breakage, capacity constraints
Security | Risks to confidentiality, integrity, or availability of AI systems and data | Prompt injection, model poisoning, data leakage, adversarial evasion, supply chain compromise
Compliance | Risks of regulatory breach, legal liability, or contractual non-compliance | Privacy violations, discrimination claims, consumer protection breaches, breaches of sector-specific regulation
Reputational | Risks to brand, customer trust, and stakeholder confidence | AI-generated misinformation, public bias incidents, executive accountability failures
Financial | Risks of direct or indirect financial loss | Fraud enabled by AI, incorrect financial decisions, regulatory fines, litigation costs
Safety | Risks to human life, health, or physical safety | Autonomous system failures, medical diagnosis errors, safety-critical decision failures
Ethical | Risks of moral harm, unfairness, or societal damage | Discriminatory outcomes, exploitation of vulnerable groups, erosion of human agency

3.3 Risk Matrix & Assessment

All identified AI risks shall be assessed on the standardised impact and likelihood scales below; the two scores together place the risk on the organisation's risk matrix. Assessment shall be performed by a qualified risk analyst with input from technical owners, legal counsel, and affected business stakeholders.

Impact Scoring

Score | Financial | Operational | Reputational | Compliance
--- | --- | --- | --- | ---
1 - Negligible | < $10,000 | Minor inconvenience | No external awareness | No regulatory interest
2 - Minor | $10,000 - $100,000 | Temporary service degradation | Limited internal awareness | Informal regulator query
3 - Moderate | $100,000 - $1,000,000 | Significant service disruption | Media coverage possible | Formal investigation
4 - Major | $1,000,000 - $10,000,000 | Sustained operational failure | National media coverage | Enforcement action likely
5 - Critical | > $10,000,000 | Business continuity threat | International crisis | Criminal or severe regulatory action

Likelihood Scoring

  • 1 - Rare: May occur only in exceptional circumstances (< 1% annual probability)
  • 2 - Unlikely: Could occur but is not expected (1-10% annual probability)
  • 3 - Possible: Might occur at some time (10-50% annual probability)
  • 4 - Likely: Will probably occur in most circumstances (50-90% annual probability)
  • 5 - Almost Certain: Expected to occur in most circumstances (> 90% annual probability)

3.4 Risk Appetite Statement

The Board-approved Risk Appetite Statement defines the types and levels of AI risk that the organisation is willing to accept in pursuit of its strategic objectives.

Risk Appetite by Category

Risk Category | Appetite | Maximum Tolerance (impact / likelihood) | Trigger for Board Escalation
--- | --- | --- | ---
Strategic | Cautious | Major (4) / Possible (3) | Any strategic AI investment > $5M
Operational | Moderate | Major (4) / Likely (4) | Sustained service level breach > 4 hours
Security | Averse | Moderate (3) / Possible (3) | Any confirmed security incident
Compliance | Averse | Minor (2) / Likely (4) | Any regulatory breach or investigation
Reputational | Cautious | Major (4) / Unlikely (2) | Any external media coverage of an AI incident
Financial | Moderate | Major (4) / Possible (3) | Actual or projected loss > $1M
Safety | Averse | Negligible (1) / Rare (1) | Any safety-related AI incident
Ethical | Cautious | Minor (2) / Possible (3) | Any ethics panel finding of material concern

Appetite Breach Protocol

When a risk exceeds the defined appetite or maximum tolerance, the Accountable Executive must escalate to the AI Steering Committee within 24 hours. The Steering Committee shall convene within 48 hours to determine treatment, acceptance with Board approval, or termination of the activity.

3.5 Controls & Treatment

Risk treatment follows the standard hierarchy of controls, applied from most to least effective: Eliminate, Substitute, Engineer, Administer, and, as a last resort, Personal Protective Equipment. AI-specific controls shall be documented in the AI Control Register.

Control Categories

Control Type | Examples | Responsible Party
--- | --- | ---
Preventive | Input validation, access controls, bias testing, ethics review, security scanning | Technical Owner, Security Team
Detective | Monitoring, alerting, anomaly detection, audit logging, fairness metrics | Operations Team, Data Team
Corrective | Incident response, rollback procedures, model retraining, remediation plans | Incident Manager, Technical Owner
Directive | Policies, training, standards, guidelines, approval workflows | Governance Team, HR
Compensating | Insurance, contractual indemnities, third-party assurances | Risk Manager, Legal

Minimum Control Requirements

  • All high and critical risks have documented treatment plans with assigned owners.
  • Preventive controls are tested before AI system deployment.
  • Detective controls are operational before go-live.
  • Corrective procedures are documented, tested, and rehearsed at least annually.
  • Control effectiveness is reviewed quarterly and reported to the AI Steering Committee.

3.6 Executive Reporting

The AI Risk Report is a standing agenda item for the AI Steering Committee and Board Risk Committee. Reports shall be accurate, timely, and actionable.

Reporting Requirements

Report | Frequency | Audience | Owner | Content
--- | --- | --- | --- | ---
AI Risk Dashboard | Real-time | C-Suite, Committee | CRO / Risk Manager | Open risks, heat map, trend indicators, control status
Steering Committee Report | Monthly | AI Steering Committee | Chief Governance Officer | New risks, closed risks, incidents, maturity score
Board Risk Report | Quarterly | Board Risk Committee | CRO | Material risks, appetite breaches, strategic implications
Incident Flash Report | Within 4 hours | C-Suite, Board | Incident Manager | Incident summary, impact, immediate actions, next steps
Annual Risk Review | Annual | Full Board | CRO | Comprehensive risk landscape, emerging threats, strategic recommendations