Table of Contents

The Risk Manager’s AI Problem

Here is the uncomfortable reality facing most risk managers in 2026: AI is already embedded in your organization, and your existing enterprise risk management framework probably does not cover it.

Your team may be using AI for customer service chatbots, fraud detection, credit scoring, HR screening, or predictive maintenance. But if someone asked you to produce an AI risk register tomorrow, could you?

You are not alone. The Allianz Risk Barometer 2026 ranked artificial intelligence as the number two global business risk, jumping from number ten in just one year. That is the largest single-year climb in the survey’s history.

Meanwhile, Deloitte’s State of AI in the Enterprise 2026 report found that worker access to AI rose 50% in 2025, but only one in five companies has a mature governance model for autonomous AI agents. IAPP’s 2025 AI Governance survey found that 77% of organizations say they are building AI governance programs, yet most remain in early stages.

The gap between AI adoption speed and AI risk management maturity is where bad things happen. Italy fined OpenAI 15 million euros for GDPR violations. The FTC’s Operation AI Comply targeted deceptive AI marketing.

ISACA documented multiple cases in 2025 where AI hallucinations, bias incidents, and security vulnerabilities caused real organizational harm, not because the technology failed but because governance was weak, ownership was unclear, and nobody had assessed the risk properly.

This guide gives you a practical, framework-neutral AI risk assessment methodology you can implement immediately.

It is anchored to two standards that matter most for US-based multinationals: the NIST AI Risk Management Framework (AI RMF 1.0) and the EU AI Act. If your organization operates in Europe or sells to European customers, you need both.

Even if you are purely US-domestic, NIST AI RMF alignment will increasingly become table stakes as federal and state regulations catch up. California AB 2013 and SB 942 took effect in January 2026, and the SEC’s 2026 examination priorities explicitly elevated AI and cybersecurity concerns above cryptocurrency for the first time.

Regulatory Landscape: NIST AI RMF and EU AI Act Alignment

Before building your AI risk assessment framework, you need to understand the two regulatory anchors. The good news: they are more complementary than conflicting.

NIST AI RMF 1.0: The US Voluntary Standard

Released January 2023, the NIST AI Risk Management Framework is voluntary guidance built around four core functions: Govern, Map, Measure, and Manage.

NIST also released the Generative AI Profile (NIST-AI-600-1) in July 2024, specifically addressing risks from large language models and generative AI systems.

The framework is grounded in seven characteristics of trustworthy AI: valid and reliable, safe, secure and resilient, accountable and transparent, explainable and interpretable, privacy-enhanced, and fair with harmful bias managed.

In 2025, 12 frontier AI companies published or updated safety frameworks aligned to these principles (International AI Safety Report 2026).

For risk managers, the NIST AI RMF maps cleanly to ISO 31000. Govern corresponds to your risk governance and appetite structure. Map aligns with risk identification and context setting. Measure is your risk analysis and evaluation.

Manage covers risk treatment and monitoring. If you already run an ISO 31000-aligned ERM program, extending it to AI risks is a natural progression rather than a separate initiative.

EU AI Act: The Enforceable Regulation

The EU AI Act (Regulation EU 2024/1689) is the world’s first comprehensive AI law. It entered into force August 1, 2024, with phased enforcement. Prohibited AI practices became enforceable February 2, 2025. GPAI model obligations applied from August 2, 2025.

The critical deadline for most organizations is August 2, 2026, when requirements for Annex III high-risk AI systems become enforceable. These include AI used in employment decisions, credit scoring, education, law enforcement, and critical infrastructure.

The Act uses a four-tier risk classification: unacceptable (banned), high-risk (heavily regulated), limited risk (transparency obligations), and minimal risk (unregulated). Penalties are severe: up to 35 million euros or 7% of global annual turnover for prohibited AI violations; 15 million euros or 3% for high-risk non-compliance. For US multinationals with European customers or operations, this is not optional guidance. It is law.

Crosswalk: NIST AI RMF to EU AI Act

NIST Function	NIST Requirements	EU AI Act Alignment	Your Action
GOVERN	AI governance structure, risk appetite for AI, policies, roles and responsibilities	Article 9: Risk management system. Article 17: Quality management system	Establish AI governance committee, define AI risk appetite, assign AI risk owners
MAP	Context setting, AI system inventory, stakeholder identification, risk categorization	Article 6: Risk classification (4 tiers). Annex III: High-risk use cases	Inventory all AI systems, classify by EU risk tier, document intended use and context
MEASURE	Risk measurement, testing, validation, bias assessment, performance monitoring	Article 9(2-8): Risk assessment and mitigation. Article 15: Accuracy, robustness, cybersecurity	Conduct risk assessments per AI system, test for bias and accuracy, document findings
MANAGE	Risk treatment, incident response, continuous monitoring, decommission planning	Article 9(9): Residual risk monitoring. Article 72: Incident reporting	Implement controls, establish AI incident response, monitor and report

AI Risk Categories: A Practitioner’s Taxonomy

Most risk managers know how to categorize operational, financial, and compliance risks. AI introduces risk categories that cut across traditional domains. Here is a taxonomy I use in practice, built to integrate with existing enterprise risk registers while capturing what is genuinely different about AI:

Risk Category	Description	Examples
Model Performance	Risks from AI systems producing inaccurate, unreliable, or degraded outputs that affect business decisions or customer outcomes	Hallucinations in LLM outputs used for customer advice; prediction model drift causing increased false positives in fraud detection; accuracy degradation after data distribution shift
Bias and Fairness	Risks from AI systems producing discriminatory outcomes across protected characteristics such as race, gender, age, or disability	Hiring algorithm scoring female candidates lower; credit model disproportionately denying applications from minority zip codes; facial recognition accuracy gaps across skin tones
Data Governance	Risks from training data quality, privacy violations, unauthorized data use, or data poisoning	Model trained on PII without consent; training data containing copyrighted material (EU AI Act Article 53 compliance); data poisoning attack corrupting model behavior
Security and Adversarial	Risks from prompt injection, model extraction, data exfiltration, jailbreaking, or adversarial manipulation of AI systems	Prompt injection causing chatbot to disclose internal system prompts; adversarial inputs causing misclassification in autonomous systems; model extraction by competitors
Transparency and Explainability	Risks from inability to explain AI decisions to stakeholders, regulators, or affected individuals	Black-box credit decision that cannot be explained to applicant (ECOA requirements); inability to document decision logic for EU AI Act conformity assessment
Operational Dependency	Risks from over-reliance on AI systems, single points of failure, vendor lock-in, or inadequate human oversight	Critical business process halted when AI vendor has outage; automation bias causing staff to stop checking AI outputs; shadow AI deployed without IT knowledge
Regulatory and Legal	Risks from non-compliance with AI-specific regulations, intellectual property disputes, or contractual liability	EU AI Act non-compliance for high-risk system (fines up to 7% of global turnover); IP infringement through AI-generated content; contractual liability for AI-driven advice
Ethical and Reputational	Risks from AI use cases that, while technically legal, cause stakeholder backlash or reputational harm	AI-generated deepfake content associated with brand; customer backlash over perceived surveillance; media coverage of biased AI outcomes

These eight categories are designed to slot into your existing risk control self-assessment (RCSA) methodology. Each AI system you assess should be evaluated against all eight categories using the likelihood-times-impact scoring you already use for other operational risks.

AI Risk Register Template

Here is a ready-to-use AI risk register structure. This template extends a standard risk register to capture the fields specific to AI risk assessment. You can adapt the scoring scales to match your organization’s existing risk appetite framework.

AI System / Use Case	Risk Category	Risk Description	Inherent Risk (LxI)	Controls in Place	Residual Risk (LxI)	Risk Owner	NIST Function / EU Tier
Customer service chatbot (GPT-4)	Model Performance	Hallucinated responses providing incorrect product info to customers	4×4 = 16 (High)	Human review queue for flagged responses, disclaimer text, weekly accuracy audits	3×3 = 9 (Medium)	Head of CX	MEASURE / Limited Risk
Resume screening tool	Bias & Fairness	Gender or ethnic bias in candidate scoring	5×5 = 25 (Critical)	Bias testing quarterly, diverse training data, human override for all rejections	3×4 = 12 (High)	CHRO	MANAGE / High Risk (Annex III)
Fraud detection model	Model Performance	Model drift causing increased false positive rate	4×4 = 16 (High)	Monthly performance monitoring, retraining triggers at >5% FP increase, manual review	2×4 = 8 (Medium)	Head of Fraud	MEASURE / Limited Risk
Internal code generation (Copilot)	Security	Sensitive code or credentials leaked through prompts to external AI	4×5 = 20 (Critical)	DLP on AI prompts, approved tool list, no production data in prompts policy	2×4 = 8 (Medium)	CISO	MANAGE / Minimal Risk
Credit scoring AI	Regulatory	EU AI Act high-risk non-compliance, inability to explain decisions	5×5 = 25 (Critical)	Conformity assessment initiated, XAI module deployed, documentation maintained	3×4 = 12 (High)	CRO	GOVERN / High Risk (Annex III)

Scoring Guide: Use a 5×5 matrix (Likelihood 1-5, Impact 1-5). Critical: 20-25. High: 12-19. Medium: 6-11. Low: 1-5. Apply the same risk appetite thresholds your organization uses for other enterprise risks. The additional column mapping to NIST function and EU AI Act tier helps you track regulatory alignment alongside risk severity.

The register above is a starting point. In practice, you will also want fields for: treatment plan (with SMART actions), KRIs and monitoring frequency, last assessment date, next review date, and links to supporting evidence. For guidance on building effective key risk indicators for ongoing monitoring, see our detailed guide.

Step-by-Step: Conducting an AI Risk Assessment

Here is the process I follow when conducting AI risk assessments. It maps to the NIST AI RMF functions and produces the documentation needed for EU AI Act conformity.

Step 1: Inventory Your AI Systems (NIST: MAP)

You cannot assess what you do not know about. Start with a comprehensive inventory of every AI system in your organization, including shadow AI that business teams adopted without IT approval. Deloitte’s 2026 report found that worker access to AI rose 50% in just one year. That growth probably outpaced your procurement controls.

For each AI system, document: system name and vendor, intended purpose and business process, data inputs and outputs, user population (internal vs. customer-facing), deployment status (pilot, production, decommissioned), and the decision significance (advisory vs. autonomous). This inventory becomes your AI asset register, the foundation for every subsequent step.

Step 2: Classify by Risk Tier (NIST: MAP + EU AI Act Article 6)

Apply the EU AI Act’s four-tier classification to every system in your inventory. This is mandatory for organizations with EU exposure, and it is useful due diligence even for US-only companies. The classification determines your regulatory obligations:

Unacceptable Risk (Prohibited): Social scoring, manipulative subliminal techniques, certain biometric categorization, emotion recognition in workplace/education (except medical/safety). If any system falls here, decommission it immediately.
High Risk (Annex III): AI used in biometric identification, critical infrastructure management, education and vocational training, employment and worker management, access to essential services (credit, insurance), law enforcement, migration and border control, administration of justice. These require full conformity assessment, technical documentation, quality management, human oversight, and EU database registration by August 2026.
Limited Risk: Chatbots and systems that interact directly with users, deepfake generators, emotion recognition for non-prohibited purposes. Transparency obligations apply: users must know they are interacting with AI.
Minimal Risk: Spam filters, recommendation engines, AI-enabled video games, internal analytics without decision-making authority. No specific compliance obligations, but voluntary codes of conduct are encouraged.

Step 3: Assess Risks Across All Eight Categories (NIST: MEASURE)

For each AI system, conduct a structured risk assessment using the eight AI risk categories above. This is where your existing risk assessment skills translate directly. Run workshops with the business team that owns each AI system.

Walk through each risk category. Score inherent risk (before controls). Document existing controls. Score residual risk. Identify gaps.

Two assessments deserve special attention. First, bias testing. For any AI system that affects individuals (hiring, credit, insurance, service access), conduct fairness testing across protected characteristics. Document the methodology, results, and any disparate impact findings. Second, explainability assessment.

For high-risk systems under the EU AI Act, you must demonstrate that decisions can be meaningfully explained to affected individuals and to regulators. If your model is a black box, you need either an explainable AI (XAI) overlay or a different model architecture.

Step 4: Implement Controls and Treatment Plans (NIST: MANAGE)

Translate your risk assessment findings into actionable treatment plans. Every risk rated High or Critical in your register needs a documented treatment plan with SMART actions. Common AI risk controls include:

Human-in-the-loop review for high-stakes AI decisions (hiring, credit, clinical)
Continuous performance monitoring with automated drift detection and retraining triggers
Bias testing on a quarterly cycle with documented methodology and remediation actions
DLP (data loss prevention) controls on AI prompts to prevent sensitive data leakage
Approved AI tool list with procurement controls to prevent shadow AI proliferation
AI incident response playbook integrated into your existing incident management process
Vendor risk assessments for third-party AI providers, covering model training data, security, and contractual liability
Documentation and audit trail for all AI decisions subject to regulatory scrutiny

For organizations that already run business continuity management programs, consider the BCM implications of AI dependency. What happens when your AI vendor has an outage? What is your RTO for AI-dependent processes? Build AI failure scenarios into your business impact analysis.

Step 5: Monitor, Report, and Iterate (NIST: GOVERN + MANAGE)

AI risk is not a one-time assessment. Models degrade, regulations evolve, threat landscapes shift. Establish ongoing monitoring through:

AI-specific KRIs: Model accuracy/F1 score trends, false positive/negative rates, bias metrics by protected class, prompt injection attempt frequency, time-to-detect model drift, shadow AI discovery rate
Board reporting: Include an AI risk section in your quarterly risk report. Use the same heatmap format your board already reads. Map AI risks alongside operational, financial, and compliance risks so the board sees AI risk in context, not as a separate technology topic
Incident tracking: Log AI-related incidents (hallucinations, bias events, security breaches) in your existing incident management system. Trend analysis over time reveals whether your controls are working
Regulatory watch: The regulatory landscape is shifting fast. California AB 2013 and SB 942 took effect January 2026. EU AI Act high-risk deadlines hit August 2026. ISO/IEC 42001 (AI management systems) is gaining traction as the certifiable governance standard. Assign someone to track and report on AI regulatory developments quarterly

AI Risk KRI Dashboard: What to Track

Here is a practical KRI framework for AI risk monitoring. These indicators should feed into your existing risk dashboard and board reporting structures:

KRI	Measurement	Frequency	Threshold Example
Model Accuracy Drift	Change in accuracy/F1 score vs. baseline	Weekly	Green: <2% \| Amber: 2-5% \| Red: >5%
Bias Score	Disparate impact ratio across protected classes	Quarterly	Green: 0.8-1.2 \| Amber: 0.6-0.8 \| Red: <0.6
Shadow AI Discovery Rate	New unapproved AI tools found per quarter	Quarterly	Green: 0-2 \| Amber: 3-5 \| Red: >5
AI Incident Count	Hallucination/bias/security incidents logged	Monthly	Green: 0-1 \| Amber: 2-4 \| Red: >4
Prompt Injection Attempts	Blocked adversarial prompt attempts	Weekly	Green: <10 \| Amber: 10-50 \| Red: >50
Regulatory Gap Count	Outstanding AI compliance actions overdue	Monthly	Green: 0 \| Amber: 1-2 \| Red: >2
AI Vendor Risk Score	Weighted risk rating of third-party AI providers	Quarterly	Green: Low \| Amber: Medium \| Red: High
Human Override Rate	Percentage of AI decisions overridden by humans	Monthly	Green: 5-15% \| Amber: <5% or >25% \| Red: 0%

The human override rate is worth explaining. If nobody is overriding AI decisions (0%), it signals automation bias: people are rubber-stamping AI outputs without scrutiny. If the override rate is too high (>25%), the model is probably underperforming and needs retraining. The sweet spot is typically 5-15%, indicating that humans are engaged, checking outputs, and catching errors without undermining the model’s value.

Common Mistakes and How to Avoid Them

Treating AI risk as a technology problem. It is a business risk. The CIO should not own AI risk management alone. Your AI governance committee needs representation from risk, compliance, legal, HR, and the business lines that actually use AI. Deloitte’s 2026 research found that enterprises where senior leadership actively shapes AI governance achieve significantly greater business value.
Assessing AI risk once and filing it away. AI systems change. Models are retrained, data distributions shift, new capabilities emerge. The International AI Safety Report 2026 documented cases of AI models detecting when they were being evaluated and altering their behavior, which fundamentally undermines one-time testing. Build continuous monitoring into your framework from day one.
Ignoring shadow AI. Your employees are using ChatGPT, Copilot, and dozens of other AI tools, whether you approved them or not. Deloitte found worker access to AI rose 50% in 2025. You need a shadow AI discovery process, an approved tools list, and an acceptable use policy. Pretending shadow AI does not exist does not reduce your risk.
Copying another organization’s framework without adaptation. Your AI risk assessment framework must reflect your specific AI use cases, your risk appetite, your regulatory obligations, and your organizational culture. The NIST AI RMF and EU AI Act provide the structure, but the content must be yours.
Separating AI risk from your existing ERM program. AI risk belongs in your existing risk register, your existing board reporting, your existing control framework. Creating a parallel “AI risk program” fragments governance and creates blind spots. Integrate AI risk into your enterprise risk management program as a new risk category, not a new program.

The Bottom Line

AI risk assessment is not a new discipline. It is an extension of what risk managers already do. The core skills, such as risk identification, inherent and residual scoring, control assessment, KRI monitoring, and board reporting, transfer directly. What is new is the speed at which AI risks emerge and mutate, the technical complexity of some failure modes, and the regulatory landscape that is forming in real time.

The framework in this guide gives you a starting point you can implement this quarter. Inventory your AI systems. Classify them by risk tier. Assess each against the eight AI risk categories. Build your AI risk register. Implement controls. Monitor with KRIs. Report to the board. And iterate, because this landscape will look different six months from now.

As the ISACA authors put it after reviewing the biggest AI failures of 2025: in 2026, competitive advantage will not come from using more AI, but from governing it well. That governance starts with a solid risk assessment framework, and now you have one.

Building your AI governance program? Explore our library at riskpublishing.com, including guides on enterprise risk management technology practices, cybersecurity and ERM integration, how to audit a business continuity plan, ERM in cloud computing, and regulatory compliance KRI best practices.

Sources and Further Reading

NIST AI RMF 1.0: AI Risk Management Framework (January 2023) and Generative AI Profile NIST-AI-600-1 (July 2024) — https://www.nist.gov/itl/ai-risk-management-framework
EU AI Act: Regulation (EU) 2024/1689. Full text and compliance timeline — https://artificialintelligenceact.eu/
Allianz Risk Barometer 2026: AI ranked #2 global business risk, up from #10 in 2025 — https://commercial.allianz.com/news-and-insights/expert-risk-articles/allianz-risk-barometer-2026-ai.html
Deloitte: State of AI in the Enterprise 2026: 3,235 leaders surveyed, worker AI access up 50% — https://www.deloitte.com/us/en/what-we-do/capabilities/applied-artificial-intelligence/content/state-of-ai-in-the-enterprise.html
International AI Safety Report 2026: 12 companies published AI safety frameworks in 2025; evaluation gap documented — https://internationalaisafetyreport.org/publication/international-ai-safety-report-2026
IAPP: AI Governance Profession Report 2025: 77% of organizations building AI governance — https://iapp.org
ISACA: Avoiding AI Pitfalls in 2026: Lessons Learned from Top 2025 Incidents — https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2025/avoiding-ai-pitfalls-in-2026-lessons-learned-from-top-2025-incidents
Knostic.ai: The 20 Biggest AI Governance Statistics and Trends of 2025 — https://www.knostic.ai/blog/ai-governance-statistics
Secure Privacy: EU AI Act 2026 Compliance Guide and AI Risk & Compliance 2026 Overview — https://secureprivacy.ai/blog/eu-ai-act-2026-compliance
ISO/IEC 42001: AI Management Systems standard. Certifiable AI governance framework — https://www.iso.org/standard/81230.html

Chris Ekai

Chris Ekai is a Risk Management expert with over 10 years of experience in the field. He has a Master’s(MSc) degree in Risk Management from University of Portsmouth and is a CPA and Finance professional. He currently works as a Content Manager at Risk Publishing, writing about Enterprise Risk Management, Business Continuity Management and Project Management.

AI Risk Assessment Framework: A Practical Guide for Risk Managers