AI Risk Taxonomy
A risk taxonomy is a structured classification system that gives teams a shared vocabulary for identifying, categorising, and communicating AI risks. Without a taxonomy, teams use inconsistent language — one team calls something a "hallucination risk", another calls it a "reliability issue", and risk registers become incomparable across the organisation. This page provides a practical taxonomy spanning five risk domains, with examples and severity guidance.
Why Taxonomy Matters
Benefits of a shared taxonomy
- Consistent risk language across teams (legal, engineering, product)
- Comparable risk registers — aggregate and prioritise across the portfolio
- Faster intake process — map new AI proposals to known risk categories
- Audit-ready documentation — regulators expect structured risk identification
What goes wrong without one
- Same risk documented three different ways across three teams
- No way to roll up AI risk to board-level reporting
- Regulatory audits find gaps because risk categories don't match requirements
- Teams focus on technical risks only, missing ethical and legal categories
Domain 1: Technical Risks
Risks arising from model behaviour, data quality, system architecture, and engineering failures.
| Risk | Description | Severity indicator |
|---|---|---|
| Hallucination | Model generates confident but false information | High if used in high-stakes decisions |
| Distribution shift | Real-world inputs diverge from training data over time | High if unmonitored; degrades silently |
| Adversarial vulnerability | Model manipulated by crafted inputs (injection, evasion) | Critical if externally facing with tool access |
| Data quality failure | Training data is incomplete, mislabelled, or unrepresentative | High — affects all downstream outputs |
| Dependency failure | Third-party API, vector store, or retrieval system unavailable | Medium to High depending on fallback |
Domain 2: Operational Risks
Risks arising from deployment processes, human-AI interaction, and operational failures.
Human-AI handoff errors
Human operators over-trust AI outputs and fail to apply judgment at review points. AI assists with a decision that the human rubber-stamps without verification.
Scope creep in production
AI system used for tasks beyond its validated scope — either by users or by feature expansion without re-validation. High-risk tasks done by a system only validated for low-risk ones.
Monitoring gaps
No continuous monitoring of AI output quality in production. Drift, bias amplification, or error patterns go undetected for weeks or months.
Retraining failure
Model retraining introduces regressions or new biases. Changes not tracked in a model registry; rollback not possible because previous model version was not preserved.
Domain 3: Ethical Risks
Risks arising from AI systems that cause harm, discriminate, or violate human values — even when technically functioning correctly.
Discriminatory outputs
AI makes decisions that disproportionately harm protected groups — in hiring, lending, healthcare triage, or content moderation. May be invisible in aggregate metrics.
Privacy violation
AI system processes, exposes, or enables inference of personal data without appropriate consent or legal basis. Includes re-identification from supposedly anonymised data.
Manipulation or deception
AI used to generate persuasive but misleading content, deepfakes, or synthetic media designed to deceive. Includes undisclosed AI in contexts where disclosure is required.
Dignity and autonomy
AI systems that treat people as objects to be processed rather than individuals with rights — for example, systems that deny services without meaningful explanation or recourse.
Domain 4: Legal & Regulatory Risks
- Regulatory non-compliance: Failure to meet requirements of EU AI Act, GDPR, CCPA, sector-specific law (HIPAA, SR 11-7, ABA ethics rules). Fines, enforcement action, mandatory remediation.
- IP and copyright infringement: AI trained on or reproducing copyrighted content without licence. Particularly relevant for code generation, image generation, and music generation.
- Liability exposure: AI causes harm and the question of who is liable is unclear — developer, deployer, or operator. Especially acute in healthcare, legal, and financial advice contexts.
- Contract breach: Vendor AI terms prohibit certain uses (e.g., medical diagnosis, legal advice) but product uses it for those purposes. Voided indemnity; potential breach of DPA.
Domain 5: Reputational Risks
Public trust incidents
AI system makes a high-profile error (biased decision, hallucinated advice, privacy breach) that becomes a media story. Customer trust and brand damage often exceed the direct cost of the incident.
Ethics washing exposure
Organisation makes public commitments to responsible AI but internal practices do not match the public position. Exposure by journalists, researchers, or whistleblowers causes significant reputational damage.
Severity Framework
| Severity | Definition | Required response |
|---|---|---|
| Critical | Imminent risk of serious physical, financial, or rights harm to individuals or groups | Stop deployment; mandatory escalation; immediate mitigation |
| High | Significant potential harm; likely regulatory exposure; reputational risk | Executive awareness; mitigations within agreed timeline; residual risk acceptance required |
| Medium | Moderate harm potential; manageable with compensating controls | Owner assigned; mitigation plan; monitored quarterly |
| Low | Minimal harm potential; unlikely to affect individuals materially | Documented; accepted; monitored annually |
Checklist: Do You Understand This?
- Name the five domains in a comprehensive AI risk taxonomy.
- Give one example each of a Technical, Operational, and Ethical AI risk.
- What is distribution shift risk and why is it classified as Technical rather than Operational?
- What is the difference between an Ethical risk and a Legal risk — can a system be ethical but non-compliant?
- At what severity level must residual risk be formally accepted by an accountable owner?
- Why does a shared taxonomy improve audit readiness?