AI governance / AI Governance Kits

AI Risk Register and Assessment Template

A structured AI risk register and assessment worksheet for ranking AI use cases by data exposure, impact, human review, vendor dependency, and control strength.

Who buys this

  • AI governance owners
  • risk teams
  • IT managers
  • operations leaders

Deliverables

  • AI use-case risk register
  • Risk scoring model
  • Control and mitigation worksheet
  • Management review summary template

Business outcomes

  • Rank AI use cases instead of treating all AI activity the same
  • Identify where sensitive data, automated decisions, or weak review creates risk
  • Give management a clearer view of the AI risks that need action

Proof points

  • Focuses on practical risk signals: data sensitivity, decision impact, user scope, vendor dependency, and human review.
  • Creates a record that can support policy review, management reporting, and future compliance work.
  • Helps small teams avoid overbuilding while still documenting real AI risks.

Preview

Risk fields: use case, owner, system, users, data category, output use, decision impact, human review, vendor, controls, residual risk.
High-risk signal: AI output affects employment, credit, health, access, legal rights, pricing, eligibility, or customer-impacting decisions.
Mitigation examples: restrict data, require review, add approval owner, document prompt rules, collect vendor evidence, or block use.

Public sample

Rank AI use cases by data exposure, decision impact, vendor dependency, human review, control strength, and residual risk.

Risk fields: use case, owner, system, users, data category, output use, decision impact, human review, vendor, controls, residual risk.
High-risk signal: AI output affects employment, credit, health, access, legal rights, pricing, eligibility, or customer-impacting decisions.
Mitigation examples: restrict data, require review, add approval owner, document prompt rules, collect vendor evidence, or block use.

Review full sample

Buyer FAQ

Is this only for regulated companies?

No. It is useful for any company that needs to understand which AI uses are low-risk and which need stronger controls.

Does it replace a full risk assessment?

No. It provides a structured starting point for internal assessment and management review.