AI Risk Feature Overview
The AI Risk feature in TrustArc's platform enables organizations to:
• Automatically calculate AI inherent risk scores for business processes, systems, and third parties.
• Trigger appropriate AI risk assessments based on identified risk levels. There are three out-of-the-box AI risk assessments available:
  • EU AI Risk Assessment
  • AI Risk Assessment
  • AI Use Questionnaire
• Calculate residual risk scores after assessments are completed.
• Export results in PDF or CSV format for audits, reporting, or compliance documentation.
AI Inherent Risk Calculation
• An AI inherent risk score is automatically assigned to each Data Inventory and Business Process record.
• The score appears in muted colour with the label Needs Review until the user confirms or updates it.
• To review the score, click Review Score in the Inherent Risk box. A pop-up opens where you can:
  • View the current score and risk indicators
  • Manually adjust the score if needed
  • Add notes or comments for context
Risk Factors
Inherent risk for system and business process records is calculated from the following risk factor fields, together with the AI usage indicator field.
• Processing purposes — including processing purposes related to AI and those not related to AI
• Data elements
• Data subjects
• Volume of data subjects
• Data volume
Score Matrix
AI processing purposes selected & AI usage indicator: Yes
High AI Risk — 2 or more risk factors
Severity: High
Likelihood: Possible (can be adjusted by the reviewer)
Recommendation: Complete the EU AI Risk Assessment (EEA location)
Medium AI Risk — 1 risk factor
Severity: Medium-High
Likelihood: Possible (can be adjusted by the reviewer)
Recommendation: Complete the AI Risk Assessment
Low AI Risk — 0 risk factors
Severity: Low
Likelihood: Unlikely (can be adjusted by the reviewer)
Recommendation: Complete the AI Use Questionnaire
AI processing purposes selected & AI usage indicator: No
Low AI Risk — any number of risk factors (2 or more, 1, or 0)
Severity: Low
Likelihood: Rare (can be adjusted by the reviewer)
Recommendation: No AI-related assessment is required.
📋 Note: Data processing risk is still assessed according to data processing rules, which may trigger a DPIA/PIA depending on the number of risk factors identified.
AI processing purposes selected & AI usage indicator: Unknown
High AI Risk — 2 or more risk factors
Severity: High
Likelihood: Possible (can be adjusted by the reviewer)
Recommendation: Complete the AI Use Questionnaire
Medium AI Risk — 1 risk factor
Severity: Medium-Low
Likelihood: Possible (can be adjusted by the reviewer)
Recommendation: Complete the AI Use Questionnaire
Low AI Risk — 0 risk factors
Severity: Low
Likelihood: Unlikely (can be adjusted by the reviewer)
Recommendation: Complete the AI Use Questionnaire
AI processing purposes selected & AI usage indicator: Not selected
Incomplete. A selection on the AI Use question is required to determine possible AI risk.
No AI processing purposes selected & AI usage indicator: Yes or Unknown
Medium AI Risk — 2 or more risk factors (AI use = Yes)
Severity: Medium-High
Likelihood: Possible (can be adjusted by the reviewer)
Recommendation: Complete the AI Risk Assessment
Medium AI Risk — 1 risk factor (AI use = Yes)
Severity: Medium
Likelihood: Unlikely (can be adjusted by the reviewer)
Recommendation: Complete the AI Use Questionnaire
Low AI Risk — 0 risk factors (AI use = Yes)
Severity: Low
Likelihood: Rare (can be adjusted by the reviewer)
Recommendation: Complete the AI Use Questionnaire
No AI processing purposes selected & AI usage indicator: No
No AI risk. No assessment is required.
No AI processing purposes selected & AI usage indicator: Not selected
No AI risk. No assessment is required.
TrustArc · AI Risk Feature Overview · support.trustarc.com