BackEthical risk assessment

This page is still being polished. If you have thoughts, please share them via the feedback form.

Data on this page is preliminary and may change. Please do not share or cite these figures publicly.

Ethical risk assessment

Lu (2024)|LLM classified

Mitigation Taxonomy

2Organisation

2.2Risk & Assurance

2.2.1Risk Assessment

Structured analysis to identify, characterize, and prioritize potential harms and risks.

Also in Risk & Assurance

2.2.2 Testing & Evaluation2.2.3 Auditing & Compliance2.2.4 Assurance Documentation

Definitionp. 11

Although there are increasing concerns on AI ethics, RAI regulation is still at a very early stage. To assess the ethical risks associated with AI systems, an organization needs to extend the existing IT risk framework or design a new one to cover AI ethics

Additional Informationp. 11

The ISO/IEC JTC 1/SC 42 committee is developing ISO/IEC 23894 on Artificial Intelligence and Risk Management.39 NIST released the initial draft of the AI Risk Management Framework that provides a standard process for managing risks of AI systems.40 The Canadian government has released the Algorithmic Impact Assessment tool to identify the risks associated with automated decision-making systems.41 The Australian NSW government is mandating all of its agencies that are developing AI systems to go through the NSW AI Assurance Framework.42 Singapore launched the AI Verify Toolkit to test RAI.43 UK ICO released the AI and Data Protection Risk Toolkit,44 which is built up on their guidance for organizations using AI systems. Although ethical risk assessment has the potential to prevent the majority of incidents and increase awareness of RAI, it is often a one-off type of risk assessment with subjective judgment on measurement [

LLM Classification Details

Reasoning

Assesses ethical risks through framework extension to identify potential AI system harms.

Code: 2.2.1Version: v0.5Classified: Jan 22, 2026

Part of

Organization-level governance patterns

Other mitigations from Lu (2024) (68)

Governance Patterns

The governance for RAI systems can be defined as the structures and processes that are employed to ensure that the development and use of AI systems meet AI ethics principles. According to the structure of Shneiderman [104], governance can be built at three levels: industry level, organization level, and team level.

2.1 Oversight & Accountability

Lifecycle:Other (outside lifecycle)Actor:Governance ActorAIRM:Govern

Governance Patterns > Industry-level governance patterns

3.1 Legal & Regulatory

Lifecycle:Other (outside lifecycle)Actor:Governance ActorAIRM:Govern

Governance Patterns > Organization-level governance patterns

2.1 Oversight & Accountability

Lifecycle:Other (outside lifecycle)Actor:Governance ActorAIRM:Govern

Governance Patterns > Team-level governance patterns

2.1.2 Roles & Accountability

Lifecycle:Other (outside lifecycle)Actor:Other (multiple actors)AIRM:Govern

Process Patterns

The process patterns are reusable methods and best practices that can be used by the development team during the development process.

2.4.2 Design Standards

Lifecycle:Other (multiple stages)Actor:DeveloperAIRM:Other

Process Patterns > Requirement Engineering

2.4 Engineering & Development

Lifecycle:Plan and DesignActor:DeveloperAIRM:Map

View all 68 mitigations from this source →

Source Document

Responsible AI Pattern Catalogue: A Collection of Best Practices for AI Governance and Engineering

Lu, Qinghua; Zhu, Liming; Xu, Xiwei; Whittle, Jon; Zowghi, Didar; Jacquet, Aurelie (2024)

Responsible Artificial Intelligence (RAI) is widely considered as one of the greatest scientific challenges of our time and is key to increase the adoption of Artificial Intelligence (AI). Recently, a number of AI ethics principles frameworks have been published. However, without further guidance on best practices, practitioners are left with nothing much beyond truisms. In addition, significant efforts have been placed at algorithm level rather than system level, mainly focusing on a subset of mathematics-amenable ethical principles, such as fairness. Nevertheless, ethical issues can arise at any step of the development lifecycle, cutting across many AI and non-AI components of systems beyond AI algorithms and models. To operationalize RAI from a system perspective, in this article, we present an RAI Pattern Catalogue based on the results of a multivocal literature review. Rather than staying at the principle or algorithm level, we focus on patterns that AI system stakeholders can undertake in practice to ensure that the developed AI systems are responsible throughout the entire governance and engineering lifecycle. The RAI Pattern Catalogue classifies the patterns into three groups: multi-level governance patterns, trustworthy process patterns, and RAI-by-design product patterns. These patterns provide systematic and actionable guidance for stakeholders to implement RAI. ¬© 2024 Copyright held by the owner/author(s).

View source DOI: 10.1145/3626234

Classification

AI Lifecycle Stage

Plan and Design

Designing the AI system, defining requirements, and planning development

Responsible Actor

Governance Actor

Regulator, standards body, or oversight entity shaping AI policy

NIST AI RMF Function

Map

Identifying and documenting AI risks, contexts, and impacts

Govern

Risk Domains

Primary

6.5 Governance failure