AI Risk Profiles: A Standards Proposal for Pre-deployment AI Risk Disclosures
A structured pre-deployment risk disclosure taxonomy could inform how Australian agencies assess and document AI risks before procurement or deployment.
Key points
- A nine-category AI risk taxonomy proposes a standardised pre-deployment risk disclosure format for AI systems.
- The framework was applied to Claude, GPT APIs, Microsoft Copilot, GitHub Copilot, and Midjourney - tools common in APS contexts.
- Published in 2024 and now spotlighted by the MIT AI Risk Repository; not a new standard but a peer-reviewed proposal.
Summary
Sherman and Eisenberg (2024) propose a standardised AI risk profiling framework built on nine high-level risk categories - covering abuse and misuse, compliance, fairness, privacy, security, performance, explainability, environmental impact, and long-term risks. The framework is designed to support procurement decisions, triage further risk assessment, and inform regulatory frameworks, and is positioned as a 'lingua franca' bridging technical and non-technical stakeholders. Practical application to well-known commercial AI systems makes it immediately usable by practitioners. The MIT AI Risk Repository is spotlighting it as one of eleven frameworks in its curated collection.
Implications for Australian agencies
- [Consider] Agencies developing AI risk assessment or pre-deployment documentation processes could compare this nine-category taxonomy against existing APS frameworks such as the Responsible AI framework and DTA guidance.
- [Monitor] Risk and governance teams may want to monitor whether this or similar pre-deployment disclosure proposals gain traction in international standards bodies or influence future Australian procurement requirements.
Implications are AI-generated. Starting points, not advice.
"AI Risk Profiles: A Standards Proposal for Pre-deployment AI Risk Disclosures"
Source: MIT AI Risk Repository – Blog
Published: 16 January 2025
URL: https://airisk.mit.edu/blog/ai-risk-profiles-a-standards-proposal-for-pre-deployment-ai-risk-disclosures
Retrieved from SIMS, 18 May 2026.