Risk Dashboard
The Risk Dashboard is the executive view of AI risk posture. It scores every agent across four dimensions, plots them on a likelihood × impact heatmap, tracks drift between what an agent was declared to do and what it actually does, and shows compliance coverage per regulatory framework.
Enterprise feature. Requires the Owner or AI Steward role. Open it from AI Governance → Risk Dashboard.
Summary cards
At the top, the dashboard summarizes your estate:
| Card | Meaning |
|---|---|
| High-Risk Agents | Agents at Critical or High risk level |
| Medium-Risk Agents | Agents that require monitoring |
| Low-Risk Agents | Well-governed agents |
| Active Drift Alerts | Unresolved policy / model / data drift |
| Compliance Coverage | Evidence coverage across all frameworks |
Risk levels
Each agent is assigned an overall risk level from the blend of its likelihood and business impact scores:
| Level | Color |
|---|---|
| Critical | Red |
| High | Orange |
| Medium | Yellow |
| Low | Green |
- Likelihood (0–100) weighs detections most heavily, then compliance violations, then error rate.
- Business impact (0–100) weighs sensitive-data exposure most heavily (PII/PHI, then PCI), then safety (jailbreak), ethics/bias, and operational errors.
The four risk dimensions
Select an agent to see its risk broken out across four dimensions (each scored 0–100, shown as a radar/diamond chart):
| Dimension | Captures |
|---|---|
| Compliance | Gaps against the EU AI Act, NIST AI RMF, and ISO 42001 |
| Security & Privacy | PII / PCI / PHI exposure and jailbreak risk |
| Model Risk | Bias, drift, ethics, and jailbreak signals |
| Operational | Latency-SLA violations and error rates |
The risk heatmap
Agents are plotted on a likelihood × impact grid, color-coded by risk level. The top-right (high likelihood, high impact) is where your most urgent agents sit. Click any agent on the heatmap to open its detail panel with the dimension chart, compliance status per framework, and drift history.
Drift alerts
Drift is a gap between an agent's declared governance profile and its observed runtime behavior. The dashboard tracks five drift types:
| Drift type | Triggered when… |
|---|---|
| Control Drift | A stated security control is disabled at runtime |
| Scope Drift | The agent operates outside its documented use cases |
| Data Drift | An unexpected data source or handling deviation appears |
| Risk Drift | The actual risk profile differs from the declared classification |
| Performance/Safety Drift | Latency, error, or accuracy exceeds documented thresholds |
Each alert carries a severity, the declared vs. observed values, the framework(s) it impacts, an SLA deadline, and an owner. From an alert you can escalate (Slack / Jira), assign an owner, and mark it resolved. The full list lives in Compliance → Drift Alerts.
Framework coverage
The dashboard shows compliance coverage per framework — EU AI Act, NIST AI RMF, ISO 42001 — as a percentage of completed controls, with the gaps that remain. Filter the whole dashboard to a single framework, or view All Frameworks. Detail lives in Compliance → Framework Coverage.
Filters
- Framework — All / EU AI Act / NIST AI RMF / ISO 42001
- Time range — last 24 hours / 2 days / 3 days / 7 days
Typical workflow
Read the posture
Start with the summary cards and the heatmap. Anything in the top-right quadrant is high-likelihood, high-impact — your priority list.
Diagnose an agent
Click an agent to see which of the four dimensions is driving its risk, its per-framework compliance status, and its drift history.
Remediate drift
Open the relevant drift alert, assign an owner, escalate if needed, and close it once the gap is fixed.
Next steps
- Compliance → Drift Alerts — work the drift queue.
- Compliance → Framework Coverage — close control gaps.
- AI Command Center — the operational counterpart to this risk view.