Appendix C | Risk Framework Comparisons
In the 2024 AI Assurance Technology Market Report, we present an original framework to categorise and describe risks resulting from the development and deployment of AI.
That framework was developed with the purposes of the report in mind, but it was not cherry-picked to only correspond to existing AI Assurance Technology solutions; instead, it seeks to give a comprehensive overview of known and expected AI-related risks.
In order to validate the coverage and sensibility of our framework, we consulted the existing literature and compared risk categorisations from diverse sources with the categories we produced.
We relied on some of these sources in developing the framework and added others to the comparison afterwards. Table 1 gives an overview of the frameworks we encountered in the literature.
Table 2 compares a few selected frameworks with our framework, finding that our categorisation is able to capture the risks identified by other authors. Given the large volume of AI-related risk analyses and discussions published in recent years, we cannot claim that our overview below is completely exhaustive.
However, we would argue that covering a decent sample of prominent AI risk frameworks provides a sound basis for validating and cross-checking the comprehensiveness of our framework.
Table 1: Comparison of a few prominent AI Risk Frameworks
Source | Categories | Main dimension for categorisation | Time period | Type of AI | Focus Area(s) |
---|---|---|---|---|---|
Our framework (2024) | Misuse of AI system: Physical harm, Digital harm, Informational harm; Internal technical failure of AI system: Misalignment, Unreliability; Vulnerability of AI system to exogenous interference: Natural hazard or accident, Adversarial attack; (Socioeconomic disruption); (Drivers of risk and vulnerability) | Pathways to harm or loss | Now and prospective | All / Undefined | Comprehensive, with a bias towards business or economic risk |
U.S. NIST (2023) | Valid and reliable; Safe; Secure and resilient; Accountable and transparent; Explainable and interpretable; Privacy enhanced; Fair with their harmful biases managed | AI characteristics to prevent harm | Now and prospective (with adaptations) | All / Undefined | Comprehensive (harms affecting “individuals, groups, organisations, communities, society, the environment, and the planet”) |
UNSG (2023) | Individuals; Groups; Society; Economy; (Eco)systems; Values and norms; Technical limitations; Inappropriate use; Human-machine interaction; Catastrophic risks | Primary: Targets of harm; Secondary, for illustration: Pathways to harm and Severity of harm (inconsistent) | Now and prospective | All / Undefined | Comprehensive |
EU AI Act (2024) | Unacceptable risk; High risk; (Systemic risk); Moderate risk; No risk | Severity | Now (current systems and areas of application are categorised) | All / Undefined | Comprehensive |
Fjeld et al. (2020) | Privacy; Accountability; Safety and security; Transparency and explainability; Fairness and non-discrimination; Human control of technology; Professional responsibility; Promotion of human values | AI characteristics to prevent harm | Now and prospective (with adaptations) | All / Undefined | Comprehensive (synthesis of AI principles documents released by governments as well as international, multi-stakeholder, civil society, and corporate actors) |
Wirtz et al. (2022) | Technological, data, and analytical; Informational and communicational; Economic; Social; Ethical; Legal and regulatory | Sector of harm | Now and prospective | All / Undefined | Comprehensive (systematic review and synthesis of academic AI risk frameworks) |
Hendrycks (n.d.) | Malicious use; AI Race; Organizational Risks; Rogue AIs | Pathways to harm? | Mainly prospective | Advanced ML-based AI | Catastrophic risks |
Maham & Küspert (2023) | Unreliability Risks: Discrimination and Stereotype Reproduction, Misinformation and Privacy Violations, Accidents; Misuse Risks: Cyber Crime, Biosecurity Threats, Politically Motivated Misuse; Systemic Risks: Economic Power Centralisation and Inequality, Ideological Homogenization from Value Embedding, Disruptions from Outpaced Societal Adaptation | Pathways to harm? Relevance of specific hazards (for selection of subcategories) | Now and prospective | General-purpose AI | Comprehensive (?); Focus on societal risks (?) |
Shelby et al. (2023) | Representational harms: Stereotyping social groups, Demeaning social groups, Erasing social groups, Alienating social groups, Denying people opportunity to self-identify, Reifying essentialist social categories; Allocative harms: Opportunity loss, Economic loss; Quality of service harms: Alienation, Increased labor, Service/benefit loss; Interpersonal harms: Loss of agency, Tech-facilitated violence, Diminished health and well-being, Privacy violations; Social system harms: Information harms, Cultural harms, Political and civic harms, Socio-economic harms, Environmental harms | Type of harm | Now | Algorithmic systems | Sociotechnical harms; focus on harms that arise directly from the interaction of humans with algorithmic systems |
Miles et al. 2018 | Digital Security; Physical Security; Political Security | Sector of harm | Now and prospective | ML-based AI (with current or near-future capabilities) | Misuse risks |
Katzman et al. 2023 | Reifying social groups; Demeaning social groups; Erasing social groups; Stereotyping social groups; Denying people the ability to self-identify | Types of harm | Now and prospective (?) | Image-tagging systems | Representational harms (bias, discrimination, etc.) |
Weidinger et al. 2022 | Discrimination, Hate speech and Exclusion; Information Hazards; Misinformation Harms; Malicious Uses; Human-Computer Interaction Harms; Environmental and Socioeconomic harms | Pathways to harm | Now and prospective | Large Language Models | Ethical and social risks |
Bommasani 2022 | Inequity and fairness; Misuse; Environment; Legality; Economics; Ethics of scale | Sectors of harm/impact | Now and prospective | Foundation models | Societal impact (comprehensive) |
Slaughter et al. 2021 | Design flaws: faulty inputs, faulty conclusions, failure to adequately test; Systemic effects: by facilitating proxy discrimination, by enabling surveillance capitalism, by inhibiting competition in markets | Causes of harm | Now | Algorithmic decision-making in high-stakes spheres | Economic justice; focused on harms that can be addressed by FTC regulators |
Smuha 2021 | Individual harm; Collective harm; Societal harm: Equality, Democracy, Rule of law | Targets of harm | Now and prospective | All / Undefined | Comprehensive, but analysis focuses on societal harms |
Shevlane et al. 2023 | Misuse; Misalignment. They also list a number of distinct risky capabilities, and give examples of risks resulting from each of those capabilities | Pathways to harm | Prospective | Frontier AI models | Focus on extreme risks |
Table 2: Mapping existing AI Risk Frameworks to the framework developed for this report
Categories in our framework | Hendrycks (n.d.) | Maham & Küspert (2023) | UNSG (2023) | U.S. NIST (2023) | Shelby et al. (2023) | Wirtz et al. (2022) |
---|---|---|---|---|---|---|
Misuse–Physical Harm | Malicious use | Misuse Risks–Biosecurity Threats | Inappropriate use (not explicitly discussed); Catastrophic risks (LAWS) | Secure and resilient; Explainable and interpretable (requirement for mitigating this risk (??)) | Interpersonal harms–Diminished health and well-being (not mentioned explicitly) | Technological, data, and analytical; Ethical (LAWS) |
Misuse–Cyber Harm | Malicious use | Misuse Risks–Cyber Crime; Misuse Risks–Politically Motivated Misuse | Inappropriate use (not explicitly discussed) | Secure and resilient; Explainable and interpretable (requirement for mitigating this risk (??)) | Interpersonal harms–Tech-facilitated violence; Interpersonal harms–Privacy violations; Social system harms–Political and civic harms (surveillance) | Technological, data, and analytical; Social (surveillance, privacy); Ethical (unethical use of data) |
Misuse–Informational Harm | Malicious use | Misuse Risks–Politically Motivated Misuse | Inappropriate use (explicitly discussed); Catastrophic risks (mass surveillance) | Secure and resilient; Accountable and transparent; Explainable and interpretable (requirement for mitigating this risk (??)) | Interpersonal harms–Loss of agency (?); Interpersonal harms–Tech-facilitated violence; Interpersonal harms–Diminished health and well-being; Social system harms–Information harms; Social system harms–Political and civic harms (propaganda, manipulation) | Technological, data, and analytical; Informational and communicational |
Internal technical Failure–Unreliability | Organizational Risks; Rogue AIs | Unreliability Risks–Discrimination and Stereotype Reproduction; Unreliability Risks–Misinformation and Privacy Violations; Unreliability Risks–Accidents | Technical limitations | Valid and reliable; Safe; Accountable and transparent; Explainable and interpretable (requirement for mitigating this risk (?)); Privacy enhanced (prevent accidental data leak); Fair with their harmful biases managed (prevent unfair outcomes due to imbalanced or insufficient data) | Representational harms (all subcategories); Allocative harms (all subcategories); Quality of service harms (all subcategories); Interpersonal harms–Diminished health and well-being; Interpersonal harms–Privacy violations; Social system harms–Information harms (unintended hallucinations); Social system harms–Cultural harms (bias against non-majority cultures); Social system harms–Socio-economic harms (financial crash due to unreliability in AI-powered financial traders) | Technological, data, and analytical; Social (discrimination); Ethical (discrimination, harmful accidents) |
Internal technical Failure–Misalignment | Rogue AIs | Unreliability Risks–Accidents; Systemic Risks–Ideological Homogenization from Value Embedding; Systemic Risks–Disruptions from Outpaced Societal Adaptation | Catastrophic risks (uncontrollable AI) | Safe; Accountable and transparent; Explainable and interpretable (requirement for mitigating this risk (?)); Fair with their harmful biases managed (prevent unfair outcomes due to misspecified reward functions) | Interpersonal harms–Loss of agency; Interpersonal harms–Diminished health and well-being; Social system harms–Information harms (unintended homogenization of the information environment as a side-result of algorithms pursuing some other goal); Social system harms–Cultural harms (unintended marginalisation of some cultures as a side-result of algorithms pursuing some other goal) | Technological, data, and analytical; Informational and communicational (filter bubbles as an unintended side-effect of misaligned recommender algorithms); Ethical (omitted values; difficulty of encoding human values) |
Vulnerability to exogenous interference–Accident | N/A | N/A | N/A | Secure and resilient | N/A | N/A |
Vulnerability to exogenous interference–Attack | N/A | Unreliability Risks–Accidents; Unreliability Risks–Misinformation and Privacy Violations | N/A | Secure and resilient; Privacy enhanced (prevent data theft) | N/A | Technological, data, and analytical; Social (privacy) |
(Socioeconomic disruption) | Malicious use; AI Race | Systemic Risks–Economic Power Centralisation and Inequality; Systemic Risks–Disruptions from Outpaced Societal Adaptation | Human-machine interaction | Privacy enhanced (prevent excessive data collection by AI developers); Fair with their harmful biases managed (prevent unfair disparities in access to AI services) | Interpersonal harms–Loss of agency (??); Interpersonal harms–Privacy violations (excessive data collection by AI developers); Social system harms–Socio-economic harms; Social system harms–Environmental harms | Economic (e.g., inequality); Social (e.g., unemployment); Ethical (meaning crisis); Legal and regulatory (copyright issues) |
(Drivers of risk) | AI Race; Organizational Risks | Systemic Risks–Disruptions from Outpaced Societal Adaptation; Mentioned throughout | Human-machine interaction | Accountable and transparent; Explainable and interpretable; Fair with their harmful biases managed (prevent unfair outcomes due to how humans interact with AI-generated information) | Representational harms (those harms are made worse because of automation bias and system opacity) | Technological, data, and analytical (opacity, oversight); Social (human-machine interaction, opacity and lack of public understanding); Ethical (difficulty of encoding human values); Legal and regulatory (accountability, unpredictability, opacity) |
No match | N/A | N/A | N/A | N/A | N/A | N/A |
Note | Categories serve mostly illustrative purposes; the authors’ primary approach to categorisation separates hazards by target / vulnerability (individuals, groups, society, economy, (eco)system, norms and values) | Categories describe characteristics to ensure trustworthy AI; we matched them with hazard categories by asking which type of hazard each characteristic is aiming to address. | Categories are broad, encompassing several risks, hence the many-to-many matching. |