Advanced

AI Risk Assessment and Mitigation

Lesson 2 of 4 Estimated Time 50 min

Understanding AI-Specific Risks

AI systems fail in ways traditional software doesn’t. Model performance degrades gradually. Biases emerge after deployment. Users build inappropriate trust. Your risk framework needs to account for these.

AI Risk Taxonomy

Model Performance Risks

Accuracy degradation:

  • Risk: Model accuracy decreases over time
  • Cause: Data distribution changed (world changed)
  • Impact: System providing worse decisions
  • Mitigation: Continuous monitoring, automatic retraining, alert on accuracy drops

Overfitting:

  • Risk: Model works in lab but not in production
  • Cause: Training data doesn’t match real-world conditions
  • Impact: High accuracy in testing; low in production
  • Mitigation: Test on held-out data, validate in pilot before scale

Insufficient accuracy:

  • Risk: Model doesn’t reach acceptable accuracy
  • Cause: Insufficient training data, hard problem, poor approach
  • Impact: Users distrust or ignore system
  • Mitigation: Don’t launch until accuracy meets targets; use humans for accuracy-critical decisions

Edge cases:

  • Risk: System fails on unusual inputs
  • Cause: Training data didn’t include enough edge cases
  • Impact: System breaks when it encounters new scenario
  • Mitigation: Collect edge case data, test thoroughly, have human fallback

Fairness and Bias Risks

Discriminatory outcomes:

  • Risk: System treats groups differently (unfairly)
  • Cause: Training data biased, real-world disparities learned, protected attribute correlated with decision
  • Impact: Legal liability, ethical harm, user backlash
  • Mitigation: Fairness evaluation, bias monitoring, human oversight for sensitive decisions

Perpetuating systemic bias:

  • Risk: System learns and amplifies real-world bias
  • Cause: Training data reflects historical discrimination
  • Impact: Harm to already-disadvantaged groups
  • Mitigation: Audit for bias, collect representative data, conscious design

Proxy discrimination:

  • Risk: Using protected attributes indirectly
  • Cause: Using correlated variables (zip code as proxy for race)
  • Impact: Discriminatory even if not intentional
  • Mitigation: Understand correlation, test for disparate impact

Reliability and Safety Risks

System downtime:

  • Risk: AI service unavailable
  • Cause: Infrastructure failure, API outage, bug
  • Impact: Can’t process requests, users switch to manual
  • Mitigation: SLA monitoring, failover to manual, redundancy

Latency:

  • Risk: AI takes too long to respond
  • Cause: Complex model, large context, infrastructure constraints
  • Impact: Users experience slowness, abandon feature
  • Mitigation: Performance testing, model optimization, caching

Cascading failures:

  • Risk: Failure of AI system causes problems downstream
  • Cause: Systems built on top of AI output without safeguards
  • Impact: Bad decisions propagate
  • Mitigation: Treat AI as unreliable, always have fallback, don’t cascade critical decisions

Data and Privacy Risks

Data breach:

  • Risk: Training data or predictions exposed
  • Cause: Security vulnerability, insider threat, poor data handling
  • Impact: Privacy violation, user distrust, regulatory fines
  • Mitigation: Data security, access controls, encryption, audit logs

Unintended data retention:

  • Risk: System retains data longer than necessary
  • Cause: Data used for retraining, debugging, monitoring
  • Impact: User privacy violation, regulatory non-compliance
  • Mitigation: Data deletion policies, minimal data retention, privacy-by-design

Model inversion:

  • Risk: Sensitive information reconstructed from model outputs
  • Cause: Model memorizes training data
  • Impact: Privacy violation
  • Mitigation: Differential privacy, regular auditing, don’t use sensitive training data

Trust and Transparency Risks

Inappropriate trust:

  • Risk: Users over-rely on AI
  • Cause: AI output presented as authoritative, high confidence shown
  • Impact: Users don’t verify; bad decisions happen
  • Mitigation: Confidence indicators, require human review of important decisions, user education

Explainability failures:

  • Risk: System decisions unexplainable
  • Cause: Complex model, insufficient transparency
  • Impact: Users can’t understand why decision was made
  • Mitigation: Simpler models when possible, explanation systems, human-in-the-loop

Liability ambiguity:

  • Risk: Unclear who’s responsible when AI is wrong
  • Cause: No clear accountability framework
  • Impact: Legal disputes, inability to fix issues
  • Mitigation: Clear responsibility assignment, incident response procedures, documentation

Competitive and Strategic Risks

Model obsolescence:

  • Risk: Your model becomes outdated compared to competitors
  • Cause: Better models developed, training approaches improved
  • Impact: Competitive disadvantage
  • Mitigation: Technology monitoring, regular re-evaluation, upgrade path planned

Vendor lock-in:

  • Risk: Dependent on single model provider (OpenAI, Google, etc.)
  • Cause: Built system around specific API
  • Impact: Can’t change if pricing increases, quality decreases, provider changes direction
  • Mitigation: Multi-model strategy, build on APIs with alternatives, own critical models

Data moat erosion:

  • Risk: Data advantage disappears
  • Cause: Data becomes public, competitors get access to same data
  • Impact: Unique advantage gone
  • Mitigation: Continuous data collection, unique dataset development, data quality focus

Building a Risk Assessment Matrix

Map probability × impact to prioritize risks.

Risk Matrix Template

IMPACT (How bad if it happens?)
5: Catastrophic (company-threatening)
4: Major (significant business impact)
3: Moderate (noteworthy impact)
2: Minor (manageable)
1: Negligible (barely noticeable)

PROBABILITY (How likely?)
5: Very likely (happens regularly)
4: Likely (could happen in next 12 months)
3: Possible (could happen in next 2-3 years)
2: Unlikely (could happen but rare)
1: Very unlikely (almost certainly won't happen)

Risk Score = Impact × Probability
15-25: Critical (act immediately)
10-12: Major (plan mitigation)
6-9: Moderate (monitor, mitigate where easy)
2-5: Low (accept, monitor)

Example Risk Assessment: Customer Service Chatbot

| Risk | Impact | Probability | Score | Mitigation |
|---|---|---|---|---|
| Accuracy drops below 80% | 3 | 3 | 9 | Monitor daily, alert, retraining plan |
| Biased against non-English speakers | 4 | 2 | 8 | Test with diverse users, fairness audit |
| System downtime (API outage) | 3 | 2 | 6 | Fallback to human queue |
| Privacy breach (email data) | 5 | 1 | 5 | Encryption, access controls |
| Users trust too much, skip human review | 3 | 3 | 9 | Explicit “this is AI” messaging, easy override |

Mitigation Strategies

For High-Probability, High-Impact Risks

Strategy 1: Prevention

  • Make it impossible to happen (if possible)
  • Example: Risk of using protected attributes → Don’t include in training data

Strategy 2: Reduction

  • Reduce likelihood or impact
  • Example: Accuracy risk → Monitor continuously, retrain frequently

Strategy 3: Human Oversight

  • Require human review before action taken
  • Example: Hiring decision risk → Human final decision, AI just scores

Strategy 4: Monitoring and Response

  • Accept risk exists; detect it quickly if it occurs
  • Example: Bias → Monitor fairness metrics quarterly; investigate if flagged

Strategy 5: Incident Response

  • Plan how to respond when the risk materializes
  • Example: Security breach → Notification plan, incident team, remediation steps

Layered Mitigations

Best approach: multiple layers of protection.

Example: Fraud Detection Risk

  • Layer 1 (Prevention): Audit training data for bias
  • Layer 2 (Reduction): Monitor for fairness issues monthly
  • Layer 3 (Oversight): Manual review of high-impact decisions
  • Layer 4 (Detection): If fraud escapes detection, alerts and monitoring catch unusual patterns
  • Layer 5 (Response): Incident response team investigates, system adjusted

If layer 1 fails, layer 2 catches it. If layer 2 fails, layer 3 catches it, and so on.

Risk Acceptance Framework

Not all risks can be eliminated. When do you accept risk?

Conditions for risk acceptance:

  1. Risk is understood (not hidden)
  2. Impact is acceptable (or mitigations sufficient)
  3. Benefits outweigh risks
  4. Stakeholders aware and approved
  5. Monitoring in place to detect if the risk materializes

Example risk acceptance:

Risk: Email spam filter may incorrectly mark legitimate email as spam

  • Impact: Users miss important emails (bad but not catastrophic)
  • Mitigation: Users can correct misclassifications; system learns
  • Benefit: Reduces spam load significantly
  • User communication: “Some legitimate email may be marked spam; check spam folder”
  • Decision: Accept with monitoring

What NOT to accept:

  • Unknown risks (you haven’t assessed them)
  • Unmitigated high-impact risks (even if low probability)
  • Risks users aren’t aware of
  • Risks you can easily eliminate
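
Added example (not part of the original lesson): the risk matrix template applied to the chatbot register from earlier, combined with the "unmitigated high-impact" rule in the list above, which the multiplied score alone does not capture. Assumptions: "high-impact" is taken as impact 4 or 5, a score of 1 (below the template's lowest band) is treated as Low, ties are broken by impact, and the names `Risk`, `band`, `acceptance_blocker` and `triage` are illustrative.

```python
from dataclasses import dataclass

# Score bands from the lesson's template: (lowest score in band, label).
BANDS = [(15, "Critical"), (10, "Major"), (6, "Moderate"), (2, "Low")]
HIGH_IMPACT = 4  # assumption: "high-impact" = Major (4) or Catastrophic (5)

@dataclass
class Risk:
    name: str
    impact: int
    probability: int
    mitigation: str = ""

    def __post_init__(self):
        if not (1 <= self.impact <= 5 and 1 <= self.probability <= 5):
            raise ValueError(f"{self.name}: ratings must be 1-5")

    @property
    def score(self) -> int:
        return self.impact * self.probability

def band(score: int) -> str:
    for floor, label in BANDS:
        if score >= floor:
            return label
    return "Low"  # assumption: 1 x 1 = 1 sits below the template's bands

def acceptance_blocker(risk: Risk):
    """Reason the risk must not be accepted as-is, or None if nothing blocks it."""
    if risk.impact >= HIGH_IMPACT and not risk.mitigation.strip():
        return "unmitigated high-impact risk"  # applies even when the band is Low
    if band(risk.score) in ("Critical", "Major"):
        return "band calls for mitigation, not acceptance"
    return None

def triage(risks):
    """Highest score first; ties broken by impact (assumption)."""
    ordered = sorted(risks, key=lambda r: (r.score, r.impact), reverse=True)
    return [(r.name, r.score, band(r.score), acceptance_blocker(r)) for r in ordered]

# Register taken from the lesson's chatbot table.
CHATBOT = [
    Risk("Accuracy drops below 80%", 3, 3, "Monitor daily, alert, retraining plan"),
    Risk("Biased against non-English speakers", 4, 2, "Test with diverse users, fairness audit"),
    Risk("System downtime (API outage)", 3, 2, "Fallback to human queue"),
    Risk("Privacy breach (email data)", 5, 1, "Encryption, access controls"),
    Risk("Users trust too much, skip human review", 3, 3, "Explicit 'this is AI' messaging, easy override"),
]
```

The privacy breach row lands in the Low band (5 × 1 = 5) only because its probability is rated 1; with its mitigation removed, `acceptance_blocker` still refuses acceptance despite the Low score.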

Continuous Risk Monitoring

Risks don’t go away post-launch. Monitor continuously.

Monthly Monitoring Checklist

  • Accuracy: Is model meeting target? Any concerning trend?
  • Fairness: Any group with notably different accuracy?
  • Security: Any unauthorized access attempts? Data access logs clean?
  • Performance: Latency within target? Any outages?
  • User trust: Feedback positive? Overrides reasonable?
  • Bias complaints: Any issues reported? Patterns?

Quarterly Risk Review

  • Deep dive on flagged risks
  • Re-assessment of probability/impact
  • Update mitigation strategies
  • Identify new risks

Annual Risk Reassessment

  • Full risk matrix review
  • New risks in environment?
  • Did any risks become reality? Learnings?
  • Update governance and policies

Documentation for Audits

Keep records for audits and investigations.

Document:

  • Risk assessments (completed before launch)
  • Mitigation strategies (what you’re doing about each risk)
  • Monitoring results (weekly/monthly checks)
  • Incidents (what went wrong and how you responded)
  • Changes (when you updated approach, why)

Why it matters:

  • Shows you took risks seriously
  • Demonstrates you have process
  • Helps if incident occurs (shows good faith effort)
  • Informs future decisions

Strategic Questions

  1. What’s your biggest AI risk? Be specific (not just “accuracy risk”)
  2. How will you detect it if it happens? Do you have monitoring?
  3. What would you do about it? Incident response plan?
  4. Which risks will you accept? Why?
  5. How will you keep monitoring it? (Not just at launch)

Key Takeaway: Identify AI-specific risks across model, fairness, reliability, data, trust, and strategic dimensions. Assess probability and impact. Develop layered mitigations. Accept only well-understood, monitored risks. Monitor continuously post-launch. Document everything for audits and future learning.

Discussion Prompt

For your AI system: What’s the highest-impact risk? How will you detect it? When would you stop using the system?