๐Ÿ”AI RiskAtlas
โ† Risk Taxonomy
#9

Lack of use case, data and model governance

Risk taxonomy

Definition

Failure to implement and enforce principles, guidelines, protocols and controls to proactively manage risks, and ensure traceability and responsibility in cases of undesirable outcomes.

Controls & guardrails that address this

5

Grouped by control function, with the AI lifecycle stage(s) to apply each and the other risks it addresses.

Preventive · 5

Mandatory AI initiative registration before design

Register all AI initiatives in the enterprise inventory before design begins. Block unregistered projects from proceeding.

Lifecycle stage: 1 – Use Case Context & Design

Data stewardship and classification governance from collection

Enforce data stewardship and classification governance on all AI training data from point of collection.

Lifecycle stage: 2 – Data Acquisition & Processing

Governance stage-gates at each SDLC phase

Enforce governance stage-gates at each SDLC phase. Block progression to next stage until all checkpoints are cleared.

Lifecycle stage: 3 – Onboarding, Build & Review

Pre-deployment stage-gate clearance review

Conduct pre-deployment governance review confirming all lifecycle stage-gates are cleared before go-live.

Lifecycle stage: 4 – Deployment

Change management for model updates and retirements

Keep the AI inventory current. Apply formal change management for all model updates and retirements.

Lifecycle stage: 5 – Usage, Monitoring & Change

Other risks in Accountability & Governance

AI RiskAtlas is an educational model of how GenAI & agentic systems work and fail. Architectures and payloads are illustrative and simplified for learning, not operational guidance. Real-world cases are summarised from public reporting.

Built by Shi Yuan