AI Risk Registry

Live platform · interactive sandbox. All data is synthetic.

Deliverable 4e · Risk Assessment & Mitigation

Every identified risk, mapped to its NIST AI RMF function and (where applicable) the NIST Generative-AI Profile category — with likelihood, impact, inherent vs. residual rating, mitigations, owner, and an audit-ready evidence log.

Residual risk distribution

  • Low: 7
  • Moderate: 5
  • High: 0
  • Critical: 0

Residual ratings reflect risk after mitigation. 0 critical and 0 high residual risks remain under active treatment.

Inherent risk heatmap

[Figure: heatmap of 12 risks; axes graded Low / Medium / High, with Likelihood on the horizontal axis.]

Contractor risk scores may embed disparate impact against small, minority-owned, or woman-owned businesses if invoice-frequency and relationship-graph features correlate with firm size or ownership demographics rather than genuine fraud indicators. This could lead to disproportionate investigative burden on disadvantaged business enterprises.

Mitigations

  • Quarterly disparate-impact audit stratified by SBA business-size designation and 8(a)/WOSB/SDVOSB status
  • Remove or orthogonalize features with Cramér's V > 0.15 correlation to demographic proxies
  • Mandatory analyst review for all scores ≥ 72 before referral issuance
  • Annual third-party algorithmic fairness assessment by OIG's independent evaluation contractor
Likelihood × Impact: Medium × High
Owner: Deputy Special Agent in Charge, Contract Fraud Division
Status: Mitigating
Evidence log: EVID-001
Last updated: 2026-03-10