🔍AI RiskAtlas
← Risk Taxonomy
#33

Unmet architectural requirements

Risk taxonomy

Definition

Inadequate architectural requirements due to technology, cost or people constraints, leading to technical debt and hindering scalability, robustness and long-term viability of the Gen AI system.

Controls & guardrails that address this

4

Grouped by control function, with the AI lifecycle stage(s) to apply each and the other risks it addresses. Filter by control category below.

Control category
Preventive · 3
Non-functional performance requirements at design

Define non-functional requirements (latency, throughput, scalability) for the AI system at design stage.

Lifecycle stage1 – Use Case Context & Design
Modular architecture

Design and implement a modular AI architecture meeting all S1-defined NFRs. Validate against each requirement before deployment.

Lifecycle stage3 – Onboarding, Build & Review
Small model selection

Select a model architecture sized appropriately for platform constraints (memory, compute, latency).

Lifecycle stage3 – Onboarding, Build & Review
Also addressesHallucination
Detective · 1
Robustness testing

Perform final NFR compliance tests in the production environment before go-live. Block deployment if any NFR is unmet.

Corrective · 1
Robustness testing

Monitor production NFR compliance continuously. Conduct periodic architecture health checks and escalate when SLAs are breached.

Lifecycle stage5 – Usage, Monitoring & Change
Open these in the Control Library →

Other risks in Robustness & Stability

AI RiskAtlas is an educational model of how GenAI & agentic systems work and fail. Architectures and payloads are illustrative and simplified for learning — not operational guidance. Real-world cases are summarised from public reporting.

Sources & further reading →·Built by Shi Yuan ↗