๐Ÿ”AI RiskAtlas
โ† Risk Taxonomy
#35

Unintentional inappropriate or illegal use

Risk taxonomy

Definition

Consumers or employees use Gen AI for inappropriate or illegal activities unintentionally, with liability remaining with the FI.

Controls & guardrails that address this

4

Grouped by control function, with the AI lifecycle stage(s) to apply each and the other risks it addresses.

Preventive · 2
Role-based access controls

Define RBAC architecture at design stage specifying permitted users, roles, and use contexts.

Lifecycle stages: 1 – Use Case Context & Design; 3 – Onboarding, Build & Review
Jailbreak detection

Develop and integrate jailbreak detection classifiers during build. Validate detection rates before deployment.

Lifecycle stages: 3 – Onboarding, Build & Review; 4 – Deployment; 5 – Usage, Monitoring & Change
Detective · 1
Vulnerability assessment

Conduct a misuse threat assessment at design stage. Identify misuse vectors and rate residual risk.

Corrective · 1
Red teaming

Conduct red team exercises covering misuse categories identified in S1 threat assessment.


AI RiskAtlas is an educational model of how GenAI & agentic systems work and fail. Architectures and payloads are illustrative and simplified for learning — not operational guidance. Real-world cases are summarised from public reporting.

Sources & further reading · Built by Shi Yuan