Current AI risk mitigation frameworks suffer from fragmentation, terminological ambiguity, and coverage gaps, hindering coordinated multistakeholder governance. To address this, we introduce the first cross-framework taxonomy for AI risk mitigation, systematically synthesizing 831 mitigation measures from 13 prominent frameworks published between 2023 and 2025. Our methodology combines rapid evidence scanning, iterative clustering-based coding, and structured knowledge modeling to develop a four-dimensional classification—governance & oversight, technical safety, operational processes, and transparency & accountability—with 23 granular subcategories. We explicitly resolve semantic inconsistencies in key terms (e.g., “red-teaming,” “risk management”) and deliver a scalable, role-aligned taxonomy alongside a dynamic, open-source database. The resulting resource enables comparative framework analysis and gap identification, supporting national policymaking and AI safety organizations worldwide. All artifacts are publicly released to advance global AI governance infrastructure.

Organizations and governments that develop, deploy, use, and govern AI must coordinate on effective risk mitigation. However, the landscape of AI risk mitigation frameworks is fragmented, uses inconsistent terminology, and has gaps in coverage. This paper introduces a preliminary AI Risk Mitigation Taxonomy to organize AI risk mitigations and provide a common frame of reference. The Taxonomy was developed through a rapid evidence scan of 13 AI risk mitigation frameworks published between 2023-2025, which were extracted into a living database of 831 AI risk mitigations. The mitigations were iteratively clustered & coded to create the Taxonomy. The preliminary AI Risk Mitigation Taxonomy organizes mitigations into four categories and 23 subcategories: (1) Governance & Oversight: Formal organizational structures and policy frameworks that establish human oversight mechanisms and decision protocols; (2) Technical & Security: Technical, physical, and engineering safeguards that secure AI systems and constrain model behaviors; (3) Operational Process: processes and management frameworks governing AI system deployment, usage, monitoring, incident handling, and validation; and (4) Transparency & Accountability: formal disclosure practices and verification mechanisms that communicate AI system information and enable external scrutiny. The rapid evidence scan and taxonomy construction also revealed several cases where terms like 'risk management' and 'red teaming' are used widely but refer to different responsible actors, actions, and mechanisms of action to reduce risk. This Taxonomy and associated mitigation database, while preliminary, offers a starting point for collation and synthesis of AI risk mitigations. It also offers an accessible, structured way for different actors in the AI ecosystem to discuss and coordinate action to reduce risks from AI.