Risk Taxonomy, Mitigation, and Assessment Benchmarks of Large Language Model Systems
Structured LLM risk taxonomies inform how agencies categorise and assess AI risks - useful input to internal risk frameworks and procurement due diligence.
Key points
- A module-oriented LLM risk taxonomy covering 12 risks and 44 sub-categories across input, model, toolchain, and output layers.
- Included in the MIT AI Risk Repository, making it a reference point for agencies surveying structured AI risk frameworks.
- Primarily an academic arXiv paper summarised for practitioners - useful as background reading rather than actionable guidance.
Implications for Australian agencies
- Consider Agencies developing or updating AI risk registers could consider whether this module-oriented taxonomy offers a useful structural lens for categorising LLM-specific risks.
- Monitor Policy teams tracking international AI risk frameworks may want to note this paper's inclusion in the MIT AI Risk Repository as a reference resource.
Implications are AI-generated. Starting points, not advice — see methodology for how they're framed.
View original source
Copied.
"Risk Taxonomy, Mitigation, and Assessment Benchmarks of Large Language Model Systems"
Source: MIT AI Risk Repository – Blog
Published: 4 September 2024
URL: https://airisk.mit.edu/blog/risk-taxonomy-mitigation-and-assessment-benchmarks-of-large-language-model-systems
This MIT AI Risk Repository blog entry summarises a 2024 academic paper by Cui and colleagues proposing a module-oriented risk taxonomy for large language model systems. The taxonomy organises LLM risks across four functional modules - input, language model, toolchain, and output - identifying 12 distinct risks and 44 sub-categories including adversarial prompts, privacy leakage, hallucinations, harmful content, and software security vulnerabilities. For each module, the paper outlines corresponding mitigation strategies and reviews assessment benchmarks. Its structured, modular framing may assist APS practitioners developing or refining internal AI risk registers and procurement evaluation criteria.
Implications for Australian agencies:
- [Consider] Agencies developing or updating AI risk registers could consider whether this module-oriented taxonomy offers a useful structural lens for categorising LLM-specific risks.
- [Monitor] Policy teams tracking international AI risk frameworks may want to note this paper's inclusion in the MIT AI Risk Repository as a reference resource.
Retrieved from SIMS, 18 July 2026.