Welcome To The SOAI Risk Tool

The AI Risk Intelligence Table — What It Is and How to Use It

Artificial intelligence is reshaping how organizations operate, make decisions, and deliver services. But with that power comes a new class of risks — and most organizations don't have a clear map of what those risks are, how serious they are, or what to do about them.

The AI Risk Intelligence Table changes that.

How to use it

Start by browsing the full table or use the category filters at the top to focus on the risk domain most relevant to your work. If you manage AI deployments, start with Agent and Security & Ops risks. If you're in compliance or legal, filter to Governance. If you're a data scientist or ML engineer, the Data and Model categories are your starting point.

Click any risk cell to open the intelligence panel. Each entry gives you:

• A likelihood and impact score so you can prioritize what deserves your attention first
• A risk score out of 25, calculated from those two dimensions
• Mitigation guidance — specific, actionable controls rather than vague recommendations
• Framework mappings showing exactly which NIST AI RMF subcategories, MITRE ATLAS techniques, and OWASP LLM Top 10 items apply
• Related risks that link to connected threats, helping you understand attack chains and cascading failures rather than treating each risk in isolation

Use the search bar to jump directly to a specific risk by name, code, or keyword.

Why it matters

AI failures rarely come from a single point of failure. Prompt Injection (IN) feeds Unintended Actions (UA), which creates a Rollback Gap (RG) that can't be safely reversed. Understanding those chains — not just individual risks — is what separates reactive incident response from proactive AI security.

This tool is grounded in the same three-pillar framework that drives all Security of AI™ content and advisory work: AI Governance, AI Security, and AI Assurance. It is designed to be useful whether you are conducting an AI risk assessment, building a control framework, preparing for a regulatory review, or simply trying to understand what responsible AI deployment looks like in practice.

This is a living reference. As frameworks evolve and new threat patterns emerge, the table will be updated to reflect the current threat landscape. Explore the table, bookmark it, and share it with your team. If you want to go deeper on any of these risks, the Security of AI™ YouTube channel and advisory resources are your next step.

** "Inspired by the AI risk management community. All framework mappings, scoring, and content are original works of Security of AI™ and AI-RMF LLC.®"