Score
Designing and operating organizational policies, technical controls and evaluation practices that reduce harms and systemic risk from ML systems, including model risk assessment, incident response, documentation standards (model cards, datasheets), red‑teaming/adversarial testing, formal verification and safety testing, and legal/regulatory compliance across privacy, accountability and transparency frameworks.
Current AI risk mitigation frameworks suffer from fragmentation, terminological ambiguity, and coverage gaps, hindering coordinated multistakeholder governance. To address this, we introduce the first cross-framework taxonomy for AI risk mitigation, systematically synthesizing 831 mitigation measures from 13 prominent frameworks published between 2023 and 2025. Our methodology combines rapid evidence scanning, iterative clustering-based coding, and structured knowledge modeling to develop a four-dimensional classification—governance & oversight, technical safety, operational processes, and transparency & accountability—with 23 granular subcategories. We explicitly resolve semantic inconsistencies in key terms (e.g., “red-teaming,” “risk management”) and deliver a scalable, role-aligned taxonomy alongside a dynamic, open-source database. The resulting resource enables comparative framework analysis and gap identification, supporting national policymaking and AI safety organizations worldwide. All artifacts are publicly released to advance global AI governance infrastructure.
This study addresses the systemic risks posed by on-premises AI coding agents, whose autonomous modifications to code and infrastructure may lead to severe organizational or societal harm due to challenges in timely constraint, auditing, or reversal. For the first time, it systematically applies three systems safety methodologies—STECA, STPA, and FRAM—to model risks in cutting-edge laboratory settings from multiple perspectives. The analysis reveals critical blind spots in current AI governance frameworks, particularly concerning unverifiable accountability, control failure caused by intervention delays, and weakened safeguards due to operational drift. The work underscores the necessity of integrating model-level evaluations with system-level hazard analysis, offering a crucial complementary pathway for robust AI risk management.
This paper addresses the conceptual conflation of “oversight” and “control” in AI safety governance, systematically distinguishing their distinct objectives, operational mechanisms, and temporal scopes. Through a critical cross-disciplinary literature review—and integrating insights from Responsible AI maturity models and risk governance theory—it develops a theoretically rigorous yet policy-actionable analytical framework, introducing the first AI Oversight Maturity Model (AI-OMM). The model identifies critical boundary conditions for oversight failure and establishes a structured, conditional system for assessing the feasibility of meaningful human oversight. Key contributions include: (1) clarifying the normative distinction between oversight and control; (2) diagnosing design gaps and contextual limitations in current oversight mechanisms; and (3) providing regulators, auditors, and developers with a practical tool to evaluate oversight effectiveness, detect capability gaps, and guide technical alignment with governance requirements.
This study addresses the challenges of assessing compliance between organizational cybersecurity policies and abstract security control frameworks such as NIST SP 800-53, which are often time-consuming, difficult to standardize, and lack traceability. To overcome these limitations, the authors propose PROPAGATE, a novel framework that leverages large language models (LLMs) to automate control-level compliance evaluation for the first time. By integrating both open-source and closed-source LLMs, the framework automatically retrieves relevant policy text, evaluates coverage across 1,007 security controls, and generates interpretable gap analyses with actionable improvement recommendations. Experimental results on two real-world organizational policy corpora demonstrate high effectiveness, achieving F1 scores of 88.54 and 82.31, respectively, thereby enabling traceable and explainable compliance enhancement.
Enterprise AI governance suffers from fragmentation: isolated risk management practices, conflicting cross-jurisdictional regulations, and high-level principles lacking operational specificity—leading to inflated governance costs and a false dichotomy between innovation and accountability. This paper proposes the Unified Control Framework (UCF), introducing a novel three-layered, synergistic design: (1) a unified risk taxonomy integrating organizational and societal dimensions; (2) structured, semantically mapped policy representations across jurisdictions; and (3) 42 streamlined, scenario-agnostic control items. Leveraging risk modeling, regulatory alignment, and control abstraction, UCF is empirically validated against the Colorado AI Act. Results demonstrate substantial reduction in redundant effort, comprehensive compliance coverage, and support for automated implementation—thereby enhancing both governance rigor and innovation efficiency.
This work addresses a critical gap in the safety evaluation of large language models (LLMs), which has predominantly focused on general risks while neglecting systematic assessment of compliance with organization-specific policies such as allowlists and blocklists. To bridge this gap, we propose COMPASS, the first evaluation framework tailored for organizational policy alignment. COMPASS encompasses 5,920 test queries spanning eight industries, integrating policy-driven query generation, adversarial edge cases, human validation, and multi-model benchmarking. Experiments across seven mainstream LLMs reveal that while models correctly fulfill over 95% of permissible requests, they fail to reject 60%–87% of prohibited adversarial queries, exposing significant vulnerabilities in high-stakes policy enforcement scenarios. This study thus fills a crucial void in enterprise-grade AI safety evaluation.
Large language model (LLM)-based agents introduce novel ethical and safety risks in autonomous planning, tool invocation, and dynamic interaction—risks inadequately addressed by current fragmented, non-end-to-end governance approaches. Method: We propose the first unified, full-lifecycle governance framework that maps identified risk categories to actionable design constraints, runtime controls, and audit mechanisms. The framework innovatively integrates semantic telemetry, dynamic authorization, cryptographic provenance tracking, and scenario-specific evaluation to establish a measurable and verifiable assurance system. Contribution/Results: Experimental evaluation demonstrates significant improvements in agent trustworthiness across safety, privacy preservation, fairness, and system resilience. The framework enables both pre-deployment multidimensional assessment and real-time operational governance, thereby closing the governance loop from design through deployment and runtime monitoring.
This work proposes an intelligent agent framework leveraging large language models to address the inefficiency and imprecision of expert-dependent cybersecurity incident retrospectives. By integrating system log analysis with security policy validation into an end-to-end pipeline, the approach employs GPT-4o for reasoning, LangGraph to orchestrate multi-agent workflows, and LlamaIndex for traceable policy retrieval. Crucially, it establishes an interpretable mapping from observed attack behaviors—structured using the MITRE ATT&CK framework—to underlying policy gaps. In simulated brute-force attack scenarios, the system automatically identifies missing or insufficient security controls and generates actionable, evidence-backed remediation recommendations. This significantly enhances both the efficiency of post-incident analysis and the transparency of security audits.
Conventional open-source risk management overrelies on technical tools, failing to address systemic risks—including upstream “silent fixes,” community conflicts, and sudden license changes—resulting in governance blind spots. Method: This paper proposes a strategic open-source risk governance framework centered on the interaction between external threats and internal vulnerabilities, shifting from tactical response to proactive, strategic prevention. It innovatively introduces a Strategic Objective Matrix and a dual-risk taxonomy, yielding an “Object–Threat–Vulnerability–Mitigation” decision model; integrates grounded theory, strategic mapping, and capability-building principles to support organization-level governance decisions. Contribution/Results: Validated by three domain experts and applied in real-world case studies, the framework significantly enhances risk analytical capability and enables enterprises to establish a systematic, immunizing mechanism against open-source risks.
AI system deployment faces three critical governance gaps: absence of use-case-level risk assessment, misalignment between high-level principles and operational controls, and lack of scalable mechanisms for governance integration. To address these, this paper introduces the Trust Integration Pillars (TIPS)—a structured governance framework that pioneers a four-dimensional closed-loop paradigm: risk profiling, control mapping, quantitative measurement, and role-based collaboration—achieving engineering-ready AI governance four years prior to the NIST AI Risk Management Framework (RMF). TIPS integrates Governance, Risk, and Compliance-as-Code (GRC-as-Code), risk-driven use-case classification matrices, multi-tier compliance dashboards, and role-specific governance dashboards to embed governance throughout the AI development lifecycle. Empirical evaluation demonstrates 100% governance coverage across cross-functional AI projects, a 47% improvement in critical risk identification accuracy, and 68% automation of governance actions—successfully deployed at scale in high-stakes domains including healthcare and finance.
The field lacks a unified, operationally defined framework for AI “Loss of Control” (LoC), hindering rigorous safety analysis and governance. Method: We propose the first tiered LoC taxonomy and a socio-vulnerability evolution model, systematically characterizing three LoC pathways—Deviation, Bounded LoC, and Strict LoC—arising from objective misalignment or system failure. Innovatively, we introduce the Deployment-context, Affordance, and Permissions (DAP) external regulation framework, shifting focus from internal capability interventions to context-aware, deployable controls. Our approach integrates risk/threat modeling, pre-deployment testing, runtime monitoring, and multi-layered governance across the AI lifecycle. Contributions: (1) Quantifiable LoC severity criteria; (2) an early-warning pathway for societal vulnerability; (3) an immediately applicable DAP intervention framework; and (4) a “permanent hover” techno-governance co-design strategy. Together, these deliver a systematic, implementable foundation for advanced AI safety governance.