This page is still being polished. If you have thoughts, please share them via the feedback form.
Data on this page is preliminary and may change. Please do not share or cite these figures publicly.
Output attribution, content watermarking, and AI detection mechanisms.
Also in Non-Model
Reasoning
Watermarking marks synthetic outputs for attribution and AI detection, operating on system provenance tracking without modifying model weights.
Perception-level output
[Not a mitigation] Key risk metric/focus: Authenticity and consent. (Preventing deceptive or harmful manipulations of media; ensuring subjects’ rights are respected in generated content.)
99.9 OtherPerception-level output > Implement content filters
1.2.1 Guardrails & FilteringPerception-level output > Detection of deepfakes
1.2.5 Provenance & WatermarkingPerception-level output > Enforce usage policies
No non-consensual image generation, user identity verification for sensitive uses
2.3.2 Access & Security ControlsPerception-level output > Refrain from malicious use or unwarranted trust in unverified media
99.9 OtherKnowledge-level output
[Not a mitigation] Key risk metric/focus: Accuracy and veracity. (Maximizing truthfulness of outputs; minimizing false or misleading information.)
99.9 OtherA First-Principles Based Risk Assessment Framework and the IEEE P3396 Standard
Tong, Richard J.; Cortês, Marina; DeFalco, Jeanine A.; Underwood, Mark; Zalewski, Janusz (2025)
Generative Artificial Intelligence (AI) is enabling unprecedented automation in content creation and decision support, but it also raises novel risks. This paper presents a first-principles risk assessment framework underlying the IEEE P3396 Recommended Practice for AI Risk, Safety, Trustworthiness, and Responsibility. We distinguish between process risks (risks arising from how AI systems are built or operated) and outcome risks (risks manifest in the AI system's outputs and their real-world effects), arguing that generative AI governance should prioritize outcome risks. Central to our approach is an information-centric ontology that classifies AI-generated outputs into four fundamen-tal categories: (1) Perception-level information, (2) Knowledge-level information, (3) Decision/Action plan information, and (4) Control tokens (access or resource directives). This classification allows systematic identification of harms and more precise attribution of responsibility to stakeholders (developers, deployers, users, regulators) based on the nature of the information produced. We illustrate how each information type entails distinct outcome risks (e.g, deception, misinformation, unsafe recommendations, security breaches) and requires tailored risk metrics and mitigations. By grounding the framework in the essence of information, human agency, and cognition, we align risk evaluation with how AI outputs influence human understanding and action. The result is a principled approach to AI risk that supports clear accountability and targeted safeguards, in contrast to broad application-based risk categorizations. We include example tables mapping information types to risks and responsibilities. This work aims to inform the IEEE P3396 Recommended Practice and broader AI governance with a rigorous, first-principles foundation for assessing generative AI risks while enabling responsible innovation. © 2025 IEEE.
Verify and Validate
Testing, evaluating, auditing, and red-teaming the AI system
Developer
Entity that creates, trains, or modifies the AI system
Manage
Prioritising, responding to, and mitigating AI risks
