https://taxonomy.eticas.ai/risk/governance
Maturity: established
The risk that an AI system lacks adequate structures, policies, or accountability mechanisms to oversee its design, deployment, and use. Weak governance can lead to unclear responsibilities, poor documentation, limited auditability, and failure to align with legal, ethical, or organizational standards.
Also known as: Accountability · Governance & Accountability
System type: ADM and LLM systems
Lifecycle stages: Pre Processing, In Processing, Post Processing
| Framework | Reference |
|---|---|
| ISO/IEC 42001:2023 — AI Management System | A.2 Policies + A.3 Internal organization |
| EU AI Act (Regulation 2024/1689) | Article 17 — Quality management system + Article 9 — Risk management |
| AIUC-1 — AI Underwriting Company Standard | Accountability domain |
| Council of Europe Framework Convention on AI (CETS No. 225) | Article 8 — Accountability and responsibility |
| NIST AI 600-1 — Generative AI Risk Profile | Value Chain & Component Integration |
| NIST AI Risk Management Framework (AI 100-1) | Accountable & Transparent |
| OECD AI Principles | Accountability |
| NIST AI Risk Management Framework (AI 100-1) | GOVERN function (entire) |
| Framework | Reference |
|---|---|
| MIT AI Risk Repository | Governance failure |
| W3C Data Privacy Vocabulary — AI Extension | dpv:OrganisationalMeasure (DPV core) |
| IBM AI Risk Atlas | Non-technical → Governance dimension |