# Risk Register
:::info Source
Sourced from services/ai-gateway-service/SERVICE_RISK_REGISTER.md in the documentation repo.
:::
| ID | Risk | Severity | Impact | Mitigation | Owner |
|---|---|---|---|---|---|
| R-AI-01 | AI hallucination at the learner surface | S1 | Wrong answers; regulatory exposure | RAG grounded in context; refusal UX; quarterly accuracy eval; red-team corpus | AI Services + Delivery |
| R-AI-02 | AI cost runaway | S1 | Financial hit | Per-tenant budgets with soft-degrade, hard-stop and alerts | AI Services + Finance |
| R-AI-03 | PII exfiltration to model provider | S1 | Privacy breach | Pre-call redaction; provider noTrain setting verified | AI + Security |
| R-AI-04 | Prompt injection hijacks AI output | S1 | Hijacked responses | Injection classifier + heuristics; system prompt isolation | AI + Security |
| R-AI-05 | Cross-tenant embeddings | S1 | Semantic leak | Tenant-partitioned vector index; mandatory tenant filter on every query | AI |
| R-AI-06 | Bias in high-risk AI (grading, at-risk) | S1 | EU AI Act non-compliance | Quarterly bias eval; human-in-the-loop (HITL) review; dispute process | AI + Compliance |
| R-AI-07 | Prompt version rollout breaks consumers | S2 | Downstream failures | Regression eval; canary rollout; rollback path | AI + consumers |
| R-AI-08 | Budget bypass | S1 | Uncontrolled spend | Atomic debit; idempotent requests; reconciliation | AI |
| R-AI-09 | Provider API key leak | S1 | Abuse + cost | KMS storage + rotation; CI secret grep; alerts | AI + Security |
| R-AI-10 | Over-eager AI defaults reduce trust | S2 | Churn | Default OFF per feature; opt-in; transparent provenance | AI + Product |
| R-AI-11 | Cache leak across tenants | S1 | Data leak | Cache key includes tenantId; isolation test | AI |
| R-AI-12 | Model deprecation without migration | S2 | Consumer breakage | Pin model version; deprecation notice ≥ 1 milestone ahead; fallback model | AI |
| R-AI-13 | CSAM generation | S1 | Legal | Post-generation moderation; block + report; NCMEC reporting | AI + Legal |
| R-AI-14 | HIPAA provider allowlist bypass | S1 | BAA breach | Tenant-tagged routing; CI gate; audit export | AI + Compliance |
| R-AI-15 | Prompt eval corpus stale | S2 | Regressions slip through | Monthly corpus review; adversarial additions | AI |
| R-AI-16 | Audit log tampering | S1 | Compliance breach | Append-only log + Merkle anchor; tamper-detection job | AI + Security |
| R-AI-17 | Local model vulnerability | S2 | RCE via malicious input | Sandboxed inference; regular model updates | AI + Security |
| R-AI-18 | Refusal rate too high (false blocks) | S3 | UX friction | Admin review queue; threshold tuning | AI + Product |
| R-AI-19 | Latency degradation cascade | S2 | Degraded tutor UX | Circuit breaker; fallback; local model | AI + SRE |
| R-AI-20 | On-device model bias differs from cloud | S3 | Unequal UX | Parity eval, local vs cloud | AI + Compliance |
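The two tenant-isolation mitigations (R-AI-05, mandatory tenant filter on the vector index; R-AI-11, cache key includes tenantId, plus an isolation test) are shown below as one runnable illustration. This is an added example, not code from the ai-gateway-service repo; the `cache_key`, `ResponseCache`, `VectorIndex` and `tenant_scoped_query` names, the `tenant_id` identifier, the in-memory stores and the `model-x` / `tenant-a` / `tenant-b` sample values are all constructed for the illustration.

```python
"""Tenant isolation guards for an AI gateway (added example, constructed here).

Assumptions (not taken from the risk register):
- tenants are identified by a non-empty string ``tenant_id``;
- cached responses are keyed by a digest of (tenant_id, model, prompt);
- the vector store accepts a metadata filter and the gateway wrapper must
  always inject the tenant into that filter.
"""
import hashlib
import json
from typing import Any, Dict, List, Optional


def cache_key(tenant_id: str, model: str, prompt: str) -> str:
    """Derive the cache key. tenant_id is part of the hashed material, so the
    same prompt from two tenants never maps to the same entry (R-AI-11)."""
    if not tenant_id:
        raise ValueError("tenant_id is required for cache access")
    material = json.dumps(
        {"tenant": tenant_id, "model": model, "prompt": prompt},
        sort_keys=True, separators=(",", ":"),
    )
    digest = hashlib.sha256(material.encode("utf-8")).hexdigest()
    # Tenant prefix lets operators audit or evict one tenant's entries.
    return f"resp:{tenant_id}:{digest}"


class ResponseCache:
    """Minimal in-memory cache standing in for Redis/Memcached."""

    def __init__(self) -> None:
        self._store: Dict[str, str] = {}

    def get(self, tenant_id: str, model: str, prompt: str) -> Optional[str]:
        return self._store.get(cache_key(tenant_id, model, prompt))

    def put(self, tenant_id: str, model: str, prompt: str, response: str) -> None:
        self._store[cache_key(tenant_id, model, prompt)] = response


class VectorIndex:
    """Toy index with metadata filtering; only the filter path is modelled,
    since that is what the mitigation is about (no similarity scoring)."""

    def __init__(self) -> None:
        self._rows: List[Dict[str, Any]] = []

    def upsert(self, tenant_id: str, doc_id: str, text: str) -> None:
        self._rows.append({"tenant": tenant_id, "id": doc_id, "text": text})

    def query(self, where: Optional[Dict[str, str]] = None) -> List[Dict[str, Any]]:
        rows = self._rows
        if where:
            rows = [r for r in rows if all(r.get(k) == v for k, v in where.items())]
        return rows


def tenant_scoped_query(index: VectorIndex, tenant_id: str,
                        extra_filter: Optional[Dict[str, str]] = None) -> List[Dict[str, Any]]:
    """Gateway-side wrapper: the tenant filter is mandatory and a caller-supplied
    filter can never point at another tenant's partition (R-AI-05)."""
    if not tenant_id:
        raise ValueError("tenant_id is required for vector queries")
    where = dict(extra_filter or {})
    if "tenant" in where and where["tenant"] != tenant_id:
        raise PermissionError("caller attempted to query another tenant's partition")
    where["tenant"] = tenant_id
    return index.query(where=where)


def isolation_check() -> bool:
    """The register's 'isolation test' as a runnable check: identical prompts
    and documents for two tenants must never cross over."""
    cache = ResponseCache()
    cache.put("tenant-a", "model-x", "What is 2+2?", "4 (cached for A)")
    cache_ok = (cache.get("tenant-b", "model-x", "What is 2+2?") is None
                and cache.get("tenant-a", "model-x", "What is 2+2?") == "4 (cached for A)")

    index = VectorIndex()
    index.upsert("tenant-a", "doc-1", "A's private syllabus")   # constructed sample
    index.upsert("tenant-b", "doc-2", "B's private syllabus")   # constructed sample
    vec_ok = [r["id"] for r in tenant_scoped_query(index, "tenant-b")] == ["doc-2"]
    try:
        tenant_scoped_query(index, "tenant-b", {"tenant": "tenant-a"})
        override_blocked = False
    except PermissionError:
        override_blocked = True
    return cache_ok and vec_ok and override_blocked


if __name__ == "__main__":
    print("isolation check passed:", isolation_check())
```

The check belongs in CI next to the register entry, so a refactor that drops the tenant from the key derivation or makes the filter optional fails the build rather than surfacing as a cross-tenant leak in production.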
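For R-AI-16 (append-only audit log with a Merkle anchor and a detection job), the following added example shows one way such a scheme fits together. It is not the service's implementation: the chaining rule, the batch size, the `AuditLog` / `detect_tampering` names and the sample records are assumptions made for the illustration, and in production the anchors would be written to a separate, more trusted store rather than kept beside the log.

```python
"""Tamper-evident audit log (added example, constructed here).

Assumptions: each record is a JSON-serialisable dict; records are only ever
appended; every ``batch_size`` records a Merkle root over that batch is stored
out-of-band as an anchor; the detection job recomputes everything from the
stored records and compares against the anchors.
"""
import hashlib
import json
from typing import Dict, List, Optional, Tuple


def _h(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def leaf_hash(record: Dict, prev_hash: str) -> str:
    """Chain each record to its predecessor, so edits, reordering and deletions
    all change every later leaf."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return _h(prev_hash.encode() + canonical)


def merkle_root(leaves: List[str]) -> str:
    """Merkle root over leaf hashes; the last node is duplicated on odd levels."""
    if not leaves:
        return _h(b"")
    level = leaves[:]
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])
        level = [_h((level[i] + level[i + 1]).encode()) for i in range(0, len(level), 2)]
    return level[0]


class AuditLog:
    def __init__(self, batch_size: int = 4) -> None:
        self.records: List[Dict] = []
        self.leaves: List[str] = []
        self.anchors: List[str] = []   # would live in a separate trusted store
        self.batch_size = batch_size

    def append(self, record: Dict) -> None:
        prev = self.leaves[-1] if self.leaves else _h(b"genesis")
        self.records.append(record)
        self.leaves.append(leaf_hash(record, prev))
        if len(self.leaves) % self.batch_size == 0:
            start = len(self.leaves) - self.batch_size
            self.anchors.append(merkle_root(self.leaves[start:]))


def detect_tampering(records: List[Dict], anchors: List[str],
                     batch_size: int = 4) -> Optional[int]:
    """Detection job: rebuild the chain from the stored records and recompute
    each anchored batch root. Returns the index of the first batch whose root
    disagrees with its anchor, or None if the log is intact."""
    leaves: List[str] = []
    prev = _h(b"genesis")
    for r in records:
        prev = leaf_hash(r, prev)
        leaves.append(prev)
    for i, anchor in enumerate(anchors):
        batch = leaves[i * batch_size:(i + 1) * batch_size]
        if merkle_root(batch) != anchor:
            return i
    return None


def demo() -> Tuple[Optional[int], Optional[int]]:
    """Write eight constructed records, then simulate an after-the-fact edit
    of record 5 and show that the job pins it to batch 1."""
    log = AuditLog(batch_size=4)
    for n in range(8):
        log.append({"seq": n, "tenant": "tenant-a",
                    "action": "prompt.submit", "model": "model-x"})
    intact = detect_tampering(log.records, log.anchors, 4)
    tampered = [dict(r) for r in log.records]
    tampered[5]["action"] = "prompt.deleted"
    found = detect_tampering(tampered, log.anchors, 4)
    return intact, found


if __name__ == "__main__":
    print("intact log ->", demo()[0], "| edited record 5 -> batch", demo()[1])
```

Because leaves are chained, a deleted or inserted record shifts every later hash, so the job reports the earliest batch touched; the anchors themselves are only useful if they are written somewhere the log writer cannot rewrite.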
## Governance
- Weekly: AI + Security + Compliance review top S1/S2 items.
- Monthly: prompt eval corpus updates.
- Quarterly: bias scorecard reviewed by compliance board.
- Annual: EU AI Act compliance audit.