advanta

HomeModule LibraryGovernance

Module GOV-03 sigil: Governance pillar, Strategy layer, maturity bands 1 to 3.Deterministic sigil for Module GOV-03. The Pillar geometry encodes Governance (Pillar 4); the top-right marker S encodes the Strategy layer; the baseline meter encodes maturity bands 1 to 3.SGOV-03
P4· L-G· Bands OperationalIntegratedOptimisedDefensible

· GOV-03

AI Risk Register

The AI Risk Register is the canonical record of identified AI risks across the legal department's deployed and pipeline AI systems. The Module operationalises the AI Use Policy (GOV-02) and Defensible AI Governance Framework (GOV-01) into a live, classified, owned, and reviewed risk artefact. Each entry maps to Risk Taxonomy 2026 (nine canonical classes), carries a Likelihood × Impact score, named owner, mitigation status, and quarterly review cadence. The Register feeds the AI Incident Response Playbook (GOV-05) at escalation, the Defensibility Posture Statement quarterly governance section, and the Annual Legal AI OS Index. Methodology v2026.1.

strategic

·

Quarterly

·

Initial setup 4–6 weeks; 2–4 hours per quarterly review cycle

Methodology v2026.1·Verified 22 May 2026·Reviewed 22 May 2026

Executive Summary

This Module defines the AI Risk Register for legal departments adopting AI. It provides a structured, defensible way to identify, score, and mitigate AI-related risks across the nine-class Risk Taxonomy 2026, covering hallucination, privilege, bias, privacy, supply chain, shadow AI, regulatory drift, IP, and operational resilience. The Register is the primary operational instrument under the Defensible AI Governance Framework (GOV-01), working alongside the AI Use Policy (GOV-02) and AI Incident Response Playbook (GOV-05). It standardises likelihood and impact scoring, escalation thresholds, and Key Risk Indicators, and assigns clear ownership via the AI Risk Committee. The completed Register is a core evidence artefact for the Defensibility Posture Statement (DPS), demonstrating that AI risks are systematically catalogued, monitored, and remediated. Legal teams use this Module when onboarding AI vendors, conducting quarterly risk reviews, responding to regulatory inquiries, and updating DPS risk narratives after incidents.

Defensibility Evidence Produced

Completed AI Risk Register applying Risk Taxonomy 2026 (9 classes); risk score documentation for all AI systems in AI BoM; mitigation action tracking with owners and dates; KRI monitoring records; AI Risk Committee meeting minutes; escalation trigger documentation; regulatory compliance mapping per entry; DPS Risk section evidence package

Elements:

Decision traceabilityEvidence frameworkGovernance posture

GOV-03 — AI Risk Register

Purpose

The AI Risk Register is the operational risk management instrument for legal departments deploying AI. It provides a systematic framework for identifying, scoring, and mitigating AI-related risks organised around the canonical Risk Taxonomy 2026 — nine risk classes that define the legal AI risk landscape.

This Module operates within the Defensible AI Governance Framework (GOV-01), alongside the AI Use Policy (GOV-02) and AI Incident Response Playbook (GOV-05). The completed Risk Register is a primary evidence artefact for the Defensibility Posture Statement (DPS) Risk section.

When to use this Module

Use this Module when:

  • Establishing AI governance for the first time under GOV-01
  • Onboarding a new AI vendor or tool into the AI Bill of Materials (AI BoM)
  • Responding to a regulatory inquiry about AI risk management practices
  • Conducting the quarterly risk review mandated by GOV-01
  • Updating the DPS Risk section after a GOV-05 incident

Owner: AI Risk Committee (chair: General Counsel or Chief Risk Officer)

Duration: Initial setup 4–6 weeks; quarterly reviews ongoing

Operating cadence: Quarterly

Scope

This risk register covers all AI systems in the AI Bill of Materials (AI BoM) and all AI-related activities described in the AI Use Policy (GOV-02). It applies to:

  • All approved AI tools and platforms used by legal department personnel
  • Third-party AI-enabled services handling legal or client data
  • Agentic AI systems (autonomous multi-step task execution)
  • AI development or customisation work undertaken on behalf of clients

Section 1 — Risk scoring methodology

Likelihood scale (1–5)

| Score | Level | Definition |

|—|—|—|

| 1 | Very Low | Less than 5% probability within 12 months |

| 2 | Low | 5–20% probability within 12 months |

| 3 | Medium | 21–50% probability within 12 months |

| 4 | High | 51–80% probability within 12 months |

| 5 | Very High | Greater than 80% probability within 12 months |

Impact scale (1–5)

| Score | Level | Definition |

|—|—|—|

| 1 | Very Low | Minimal impact; manageable with existing resources |

| 2 | Low | Minor disruption; limited additional resources required |

| 3 | Medium | Moderate impact; significant management attention required |

| 4 | High | Major impact; significant client, operational, or regulatory consequence |

| 5 | Very High | Severe impact; threatens regulatory standing or client relationships |

Risk score = Likelihood x Impact

| Score | Level | Response |

|—|—|—|

| 1–4 | Low | Routine monitoring; quarterly review |

| 5–9 | Medium | Active monitoring; monthly review |

| 10–16 | High | Intensive monitoring; weekly review; AI Risk Committee approval required |

| 17–25 | Very High | Immediate action; executive escalation; board notification within 24 hours |

Section 2 — Risk Taxonomy 2026

The Risk Taxonomy 2026 defines nine canonical risk classes for AI use in legal practice. All risks in this register are tagged to one primary class. Risks that span multiple classes are tagged as cross-class.

Class 1 — Hallucination and accuracy

AI systems generate plausible but factually incorrect outputs — fabricated case citations, incorrect statutory interpretations, or erroneous contract terms. Affects all generative AI use in legal practice.

Legal exposure: Malpractice liability; court sanctions for filing documents with fabricated citations; client harm from incorrect advice.

Canonical controls: Human verification of all AI outputs before reliance; attorney sign-off before delivery to clients or courts; flagging of AI-generated content in review workflows.

Class 2 — Privilege and confidentiality

Client confidential information is inadvertently disclosed through AI tools — by uploading privileged documents to unapproved platforms, through vendor data handling practices, or through insecure integrations.

Legal exposure: ABA Rule 1.6 violations; privilege waiver; professional discipline; client malpractice claims.

Canonical controls: AI BoM restricts tools to those with compliant data processing agreements; Shadow AI controls per GOV-02 Section 3; quarterly vendor compliance certification.

Class 3 — Bias and fairness

AI systems exhibit systematic bias that produces discriminatory outcomes in case strategy recommendations, contract risk flagging, or personnel-related legal advice. Bias may originate in training data, model design, or deployment context.

Legal exposure: Civil rights liability; professional ethics violations; regulatory scrutiny under emerging AI fairness laws.

Canonical controls: Bias testing on AI BoM tools before deployment; periodic re-testing; documented bias remediation procedures maintained by the AI Task Force.

Class 4 — Privacy and data protection

AI systems process personal data in ways that violate applicable privacy law — including GDPR, CCPA, and state-level AI transparency statutes. May arise through AI training on client data, inadequate data minimisation, or cross-border data flows.

Legal exposure: GDPR Article 83 regulatory fines; state enforcement actions; client contractual liability.

Canonical controls: Data minimisation requirements in vendor contracts; geographic data routing controls; Data Protection Impact Assessments (DPIAs) for high-risk AI processing activities.

Class 5 — Supply chain and vendor dependency

AI vendors cease operations, change terms, or fail to maintain security and compliance standards. Single-vendor dependency creates continuity risk. Vendor model updates may alter output quality without notice.

Legal exposure: Business continuity failures during active matters; undetected accuracy degradation; contractual liability for service gaps.

Canonical controls: AI BoM vendor evaluation includes continuity assessment; diversified vendor strategy; vendor-change notification requirements in contracts; model versioning controls.

Class 6 — Shadow AI and policy circumvention

Legal personnel use AI tools not listed in the AI BoM, or use approved tools in ways that circumvent the AI Use Policy. Shadow AI is the most prevalent vector for Class 2 (privilege) and Class 4 (privacy) incidents.

Legal exposure: Privilege waiver; professional discipline; regulatory non-compliance; potential voiding of cyber insurance coverage.

Canonical controls: Network monitoring for unauthorised AI endpoints; annual attestation by all personnel; Shadow AI incident protocol under GOV-05; AI Use Policy enforcement per GOV-02 Section 3.

Class 7 — Regulatory compliance drift

The legal and regulatory landscape for AI use changes faster than internal AI governance. Obligations under the EU AI Act, ABA guidelines, state bar ethics opinions, and state AI transparency statutes may impose new requirements not reflected in current practice.

Legal exposure: Regulatory sanctions; professional discipline; reputational damage from publicised non-compliance.

Canonical controls: Quarterly regulatory scan included in AI Risk Committee agenda; GOV-01 annual review updated for regulatory changes; methodology version tracking (current: v2026.1).

Class 8 — IP and licensing exposure

AI tools trained on third-party materials may expose the firm or clients to intellectual property infringement claims. AI-generated work product may lack copyright protection. Vendor licensing terms may restrict commercial use of AI outputs.

Legal exposure: IP infringement liability; loss of copyright protection in AI-assisted work product; licensing breach and vendor disputes.

Canonical controls: IP terms reviewed in AI BoM vendor evaluation; disclosure to clients of AI-generated elements where copyright status is uncertain; periodic IP counsel review of AI tool output licensing.

Class 9 — Operational resilience

AI system failures, service outages, or degraded performance disrupt matter work and client service delivery. Agentic AI systems introduce additional risk of unexpected autonomous actions that create operational or legal consequences without human intervention.

Legal exposure: Missed deadlines; breach of service agreements; professional liability for failure to supervise agentic AI systems.

Canonical controls: AI system uptime SLAs in vendor contracts; business continuity procedures for AI system failures; agentic AI checkpoint controls per GOV-02 Section 3; incident classification under GOV-05.

Section 3 — Risk register format

Each risk entry in this register uses the following standard format:

  • Risk ID: [Format: YYYY-C#-###, e.g. 2026-C1-001]
  • Risk class: [Class 1–9 or cross-class per Risk Taxonomy 2026]
  • Risk title: Concise description (10 words or fewer)
  • Description: How the risk manifests in this organisation
  • Likelihood: 1–5
  • Impact: 1–5
  • Risk score: Likelihood x Impact

Operational Signals

gov-03.register-coverage

Defensibility Posture Statement

Proportion of AI BoM entries with current Risk Register entries — DE-3 Evidence framework record.

Quarterly

gov-03.risk-escalation-rate

Annual Legal AI OS Index

Rate of risks escalating to GOV-05 incident response feeds the Annual Legal AI OS Index governance signal.

monthly

gov-03.mitigation-closure

Console

Mitigation actions closed against open risks for Console intelligence substrate.

On change

Recommended Stakeholders

Owner

  • Risk & Compliance

Approvers

  • General Counsel
  • Risk & Compliance
  • CIO / CISO

Contributors

  • Head of Legal Operations
  • Engineering / IT
  • Procurement

Informed

  • Board
  • Audit Committee
  • AI Task Force

Inputs · Outputs

Inputs

  • · AI Bill of Materials (AI BoM) — inventory of all AI systems in use
  • · GOV-01 Governance Charter authorising the risk register
  • · GOV-02 AI Use Policy defining permitted and prohibited use
  • · Existing vendor contracts and data processing agreements
  • · Prior incident data from GOV-05 Incident Response Playbook
  • · Regulatory requirements (EU AI Act, ABA Model Rules, GDPR, state AI laws)

Outputs

  • · Completed AI Risk Register with scored entries across all 9 risk classes
  • · KRI monitoring dashboard for AI Risk Committee
  • · Escalation triggers and incident hand-off protocols to GOV-05
  • · Risk evidence contribution to Defensibility Posture Statement (DPS)
  • · Mitigation action plans with owners and target dates

Framework Crosswalk

NIST AI Risk Management Framework

NIST

GOV-03 operationalises NIST AI RMF risk identification, analysis, and monitoring functions for legal departments.

ISO/IEC 42001 AI Management System

ISO

Supports ISO 42001 requirements on AI risk assessment, controls, and continual improvement within a legal function.

EU AI Act Governance and Risk Requirements

European Union

Provides a structured register to evidence risk management, monitoring, and incident handling for AI systems in scope of the EU AI Act.

ABA Model Rules of Professional Conduct (incl. tech competence)

American Bar Association

Helps document how the legal department manages AI-related risks to confidentiality, competence, supervision, and fairness.

Operational Artefacts

  • AI Risk Register Template (aligned to Risk Taxonomy 2026)

    xlsx · v2026.1

    Gated
  • AI Risk Scoring and Escalation Playbook

    docx · v2026.1

    Gated
  • Quarterly AI Risk Committee Review Checklist

    checklist · v2026.1

Diagnostic Relevance

Running the AI Risk Register strengthens the Defensibility lens — expected Band progression: Operational → Integrated.

Confidence: high

Key Takeaways

  • Establish a single, standardised AI risk register across all legal AI systems.

  • Score risks consistently using defined likelihood, impact, and escalation thresholds.

  • Map every risk to the nine-class Risk Taxonomy 2026 for completeness.

  • Assign clear risk ownership via the AI Risk Committee and role table.

  • Track mitigation actions with owners, dates, and target residual risk scores.

  • Use KRIs and automatic triggers to drive timely escalation and review.

  • Provide DPS-grade evidence of AI risk management to regulators and clients.

Run this Module

Operational artefacts available to Practitioner Membership members. Methodology v2026.1.

View Membership

Targeting

Audience

GC / CLORisk & ComplianceLegal Operations

Strengthens

Defensibility lensAdoption lens

Module Details

Format
Module
Difficulty
Operational
Pillar
P4
Owner
Risk & Compliance
Access
Practitioner Membership
Certification
Practitioner

Maturity Bands

OperationalIntegratedOptimisedDefensible

Canonical Vocabulary

Terms this Module anchors

Risk Taxonomy 2026

The canonical nine-class AI risk classification system for legal functions, versioned at 2026.1. The nine classes are: (1) Hallucination, (2) Data leakage, (3) Model drift, (4) Vendor lock-in, (5) Regulatory non-compliance, (6) Professional conduct exposure, (7) Client confidentiality breach, (8) Shadow AI proliferation, and (9) Accountability dilution. Every AI use case in the legal function is assessed and registered against this taxonomy; every Risk Register entry maps to one of the nine classes. 'Risk framework', 'Risk model', and 'Risk register taxonomy' are forbidden synonyms.

Defensible AI

The practice of designing, deploying, and governing AI systems that withstand regulatory scrutiny, board challenge, and client examination. Defensible AI requires documented evidence of governance, not stated intent alone. Advanta operationalises defensibility for legal AI: it builds on and extends compliance- and responsible-AI approaches by making governance testable and audit-ready.

Risk Register

The operational artefact in which every AI-related entry in the legal function maps to one of the nine classes of the Risk Taxonomy 2026. Paired with the Evidence Register, the Risk Register constitutes the minimum governance posture for institutional AI use: the Taxonomy is the inventory, and the Risk Register is the function's working record of exposure against it.

Evidence Register

The catalogue maintained per AI system in use that records contemporaneous proof of governance: evaluation results, security attestations, data residency confirmations, model upgrade notices, and customer-impact assessments. The Evidence Register is updated on a quarterly cadence and on every material change, and is distinct from the Risk Register.

Where this Module lives

The Risk Register is the connective tissue between the governance framework (GOV-01) and live incident response (GOV-05). It produces DE-1 (Decision traceability) and DE-3 (Evidence framework) records that anchor the DPS quarterly governance section. Vendor evaluations (VEN-01) introduce new risk entries; Pilot Programs (USE-02) generate operational signals that test register completeness. Without this Module, the AI Task Force cannot demonstrate active risk discipline to Board or regulators.

Advisory

When this Module sits inside a Programme.

Modules are operated in-house by GC and Legal Operations teams. When the capability transformation is multi-Pillar — or when the regulator timeline tightens — Advanta operates the canonical Module sequence as a Programme.