01
Decision risk
The AI makes a call. A wrong call costs money, a customer, a relationship, or a regulatory finding. Sized by reversibility and blast radius.
Framework 01
Trust and Risk
AI risk is not a compliance checkbox. It is a portfolio of decisions about where the business absorbs uncertainty and where it does not.
The risk frame most teams use is wrong
Most AI risk conversations get stuck on hallucinations and bias. Those are real, but they are downstream symptoms. The CEO-level questions are where AI makes irreversible decisions, where a wrong answer can cost a customer, and where the business depends on the AI being right at scale.
The four risk surfaces
02
Data risk
The AI sees, stores, or transmits sensitive data. Sized by classification, retention, and who has access to model logs.
03
Action risk
The AI takes an action in the world: sends an email, places an order, updates a record. Sized by what is hardest to undo.
04
Reputation risk
The AI is customer-facing. A single bad output can become a screenshot. Sized by surface area and stakes.
The fastest way to misjudge AI risk is to evaluate the model in isolation. Risk lives where AI hands off to humans, systems, and customers.
How RSUA sizes risk before scoping
Before any AI project moves past Define, RSUA scores the proposed workflow on each surface. High scores do not kill projects. They change the architecture: more human gates, tighter confidence thresholds, smaller initial scope, and slower autonomy ramp.
Continue Reading
Framework 02