
Protego Security Resource

AI Security Risk Assessment Template

Evaluate LLM and AI system risks with this structured assessment

How to Use This Template

For each AI system or LLM deployment, work through all 6 risk domains. Rate each item as Low / Medium / High / Critical. Items rated High or Critical need a documented mitigation plan before production deployment. Review quarterly or when the model, data sources, or integration points change.

System Under Assessment

1. Data Security

Training data contains PII, credentials, or regulated data (HIPAA, PCI, GDPR)

What data was used for training or fine-tuning? Has it been classified?

Rating:

Sensitive data leaks through model outputs (memorization, prompt extraction)

Are output filters in place to detect and block PII/credential exposure?

Rating:
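Added example, not part of the Protego template: a minimal output filter of the kind the item above asks about. It screens a model response for common PII and credential formats, redacts PII and withholds the whole response when credential material is found. The pattern set and the constructed sample responses are illustrative, not a complete DLP rule set.

```python
import re
from dataclasses import dataclass, field

# Illustrative detectors (constructed for this example): a production filter
# would pull its rule set from a maintained DLP library.
PATTERNS = {
    "email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer_token": re.compile(r"\b[Bb]earer\s+[A-Za-z0-9\-._~+/]{20,}=*"),
}

# Categories that cause the whole response to be withheld rather than redacted.
BLOCKING = {"aws_access_key_id", "private_key_block", "bearer_token"}


@dataclass
class FilterResult:
    text: str                      # what may be shown to the user
    findings: list = field(default_factory=list)  # (category, count) pairs
    blocked: bool = False          # True when the response was withheld


def screen_output(model_output: str) -> FilterResult:
    """Redact PII and block credential leakage in a model response."""
    findings = []
    redacted = model_output
    for name, pattern in PATTERNS.items():
        hits = pattern.findall(redacted)
        if hits:
            findings.append((name, len(hits)))
            redacted = pattern.sub(f"[REDACTED:{name}]", redacted)
    blocked = any(name in BLOCKING for name, _ in findings)
    if blocked:
        # Do not return a partially redacted secret; fail closed instead.
        redacted = "[response withheld: credential material detected]"
    return FilterResult(redacted, findings, blocked)


if __name__ == "__main__":
    # Constructed sample responses.
    print(screen_output("Contact jane.doe@example.com, SSN 123-45-6789."))
    print(screen_output("Use key AKIAABCDEFGHIJKLMNOP to log in"))
```

Log the findings (category and count, never the matched value) so that leak rates can be tracked per model version and per endpoint.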

User prompts stored without retention policy or access controls

Where are prompts logged? Who has access? What is the retention period?

Rating:

RAG knowledge base contains data above the user's clearance level

Does the retrieval layer enforce per-user access controls on source documents?

Rating:
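Added example, not part of the Protego template: a retrieval layer that enforces per-user access control before ranking, so documents above the caller's clearance or outside their groups never reach the context window. The sensitivity levels, corpus, users and the word-overlap relevance score are all constructed for the example; the point is where the check sits, not the ranking.

```python
from dataclasses import dataclass

# Constructed sensitivity lattice: a user may read at or below their clearance.
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}


@dataclass(frozen=True)
class Document:
    doc_id: str
    text: str
    level: str
    groups: frozenset  # groups allowed to read; empty means any group at that level


@dataclass(frozen=True)
class User:
    user_id: str
    clearance: str
    groups: frozenset


def can_read(user: User, doc: Document) -> bool:
    """Authoritative ACL decision; metadata must come from the source system,
    never from the document body the model might be fed."""
    if LEVELS[doc.level] > LEVELS[user.clearance]:
        return False
    if doc.groups and not (doc.groups & user.groups):
        return False
    return True


def retrieve(query: str, user: User, corpus, top_k: int = 3):
    """Return the top_k readable documents. The ACL filter runs before
    ranking so denied documents cannot crowd out permitted ones or leak
    via a post-ranking truncation bug."""
    terms = set(query.lower().split())
    scored = []
    for doc in corpus:
        if not can_read(user, doc):
            continue
        score = sum(1 for t in terms if t in doc.text.lower())  # toy relevance
        if score:
            scored.append((score, doc))
    scored.sort(key=lambda s: (-s[0], s[1].doc_id))
    return [doc for _, doc in scored[:top_k]]


# Constructed corpus and users.
CORPUS = [
    Document("hr-001", "Employee handbook: vacation policy and remote work guidelines.",
             "internal", frozenset()),
    Document("fin-007", "Merger plan: acquisition target valuation and board timeline.",
             "confidential", frozenset({"finance"})),
    Document("pub-003", "Press release: product launch and public roadmap.",
             "public", frozenset()),
    Document("eng-042", "Incident postmortem: database outage root cause and remediation plan.",
             "internal", frozenset({"engineering"})),
]
ALICE = User("alice", "internal", frozenset({"engineering"}))
BOB = User("bob", "confidential", frozenset({"finance"}))

if __name__ == "__main__":
    print([d.doc_id for d in retrieve("merger plan", ALICE, CORPUS)])
    print([d.doc_id for d in retrieve("merger plan", BOB, CORPUS)])
```

Applying the same filter to the vector index query (as a metadata pre-filter) rather than to the returned list is the equivalent pattern for a real vector store.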

2. Prompt Security

Prompt injection: user input manipulates system instructions

Is there input validation and system/user prompt separation?

Rating:

Indirect prompt injection via retrieved documents or external data

Are external data sources sanitized before injection into the context window?

Rating:

Jailbreaking: users bypass safety guardrails through adversarial prompts

Is there a prompt firewall or classifier screening inputs before the model?

Rating:

System prompt leakage exposes internal instructions or business logic

Can users extract the system prompt through conversational tricks?

Rating:

3. Model and Supply Chain

Model provenance unknown: no verification of model integrity

Is the model from a trusted source? Is there a hash/signature to verify integrity?

Rating:
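Added example, not part of the Protego template: pinning a model artifact by name, version and SHA-256 digest, then verifying a downloaded copy against that pin before loading. The manifest format, model name and artifact bytes are constructed for the example. A real manifest would be obtained from the publisher's signed release metadata or a model registry, not from the same download channel as the weights; signing the manifest itself is the next step this example does not cover.

```python
import hashlib
import hmac
import io


def sha256_of(source, chunk_size: int = 1 << 20) -> str:
    """Stream a file-like object (or bytes) through SHA-256 so multi-GB
    weight files are not read into memory at once."""
    if isinstance(source, (bytes, bytearray)):
        source = io.BytesIO(source)
    h = hashlib.sha256()
    for chunk in iter(lambda: source.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def make_manifest(artifact, model_name: str, model_version: str) -> dict:
    """Build-time step: record what the deployment is allowed to load."""
    return {"model_name": model_name,
            "model_version": model_version,
            "sha256": sha256_of(artifact)}


def verify_artifact(artifact, manifest: dict, model_name: str, model_version: str):
    """Load-time step: refuse anything that is not the pinned version and digest.
    Returns (ok, detail); detail is the digest on success or the failure reason."""
    if (model_name, model_version) != (manifest["model_name"], manifest["model_version"]):
        return False, "version mismatch"
    digest = sha256_of(artifact)
    # compare_digest avoids timing side channels in the hex comparison.
    if not hmac.compare_digest(digest, manifest["sha256"]):
        return False, "digest mismatch"
    return True, digest


if __name__ == "__main__":
    weights = b"constructed model weights for example-summarizer 1.4.2"
    pinned = make_manifest(weights, "example-summarizer", "1.4.2")
    print(verify_artifact(weights, pinned, "example-summarizer", "1.4.2"))
    print(verify_artifact(weights + b"\x00", pinned, "example-summarizer", "1.4.2"))
```

Treat a failed verification as a deployment blocker and an alert, not a warning: an unexpected digest is exactly the signal the supply-chain item above is looking for.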

Dependency on a single AI provider with no fallback

What happens if the provider has an outage or changes terms/pricing?

Rating:

Model updates change behavior without notice (breaking downstream apps)

Are model versions pinned? Is there a testing pipeline for model updates?

Rating:

Fine-tuned models inherit vulnerabilities from base model or training data

Has the fine-tuning process been reviewed for data poisoning risks?

Rating:

4. Access Control and Authentication

API keys for AI services stored insecurely or over-permissioned

Are API keys rotated regularly? Are they scoped to minimum required permissions?

Rating:

No rate limiting on AI endpoints (cost explosion, abuse)

Are per-user and per-endpoint rate limits enforced? Are cost alerts configured?

Rating:

AI agents can take actions (tool use) without human approval for high-risk operations

Is there a human-in-the-loop for destructive actions (delete, send, purchase)?

Rating:
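Added example, not part of the Protego template: a gate placed between an agent's proposed tool call and its execution. Low-risk tools run autonomously, the destructive ones named in the item above require a human decision, and anything not on either list is denied by default. Every decision is written to an audit log attributed to the requesting user. The tool names and the approval callback are constructed; in practice the callback would be backed by a ticketing or chat approval flow.

```python
from dataclasses import dataclass
from typing import Callable, List, Tuple

# Constructed tool inventory. Deny-by-default: a tool on neither list is refused.
LOW_RISK_TOOLS = {"search_docs", "get_weather", "read_ticket"}
HIGH_RISK_TOOLS = {"delete_record", "send_email", "make_purchase"}


@dataclass(frozen=True)
class ToolCall:
    tool: str
    args: dict
    user_id: str


@dataclass(frozen=True)
class GateDecision:
    allowed: bool
    reason: str


class ToolGate:
    """Human-in-the-loop gate for agent tool use."""

    def __init__(self, approver: Callable[[ToolCall], bool]):
        # approver represents the human decision for a high-risk call.
        self._approver = approver
        self.audit_log: List[Tuple[str, str, bool, str]] = []

    def decide(self, call: ToolCall) -> GateDecision:
        if call.tool in LOW_RISK_TOOLS:
            decision = GateDecision(True, "low-risk tool, auto-approved")
        elif call.tool in HIGH_RISK_TOOLS:
            approved = self._approver(call)
            decision = GateDecision(approved, "human approved" if approved else "human denied")
        else:
            decision = GateDecision(False, "unknown tool, denied by default")
        # Per-user audit trail: who asked for what, and what the gate decided.
        self.audit_log.append((call.user_id, call.tool, decision.allowed, decision.reason))
        return decision


if __name__ == "__main__":
    gate = ToolGate(approver=lambda call: False)  # simulated reviewer who declines
    print(gate.decide(ToolCall("search_docs", {"q": "vpn policy"}, "alice")))
    print(gate.decide(ToolCall("delete_record", {"id": 7}, "alice")))
    print(gate.decide(ToolCall("run_shell", {"cmd": "ls"}, "alice")))
    for entry in gate.audit_log:
        print(entry)
```

The gate must be enforced by the tool-dispatch code, not by instructions in the system prompt: a model can be talked out of a prompt-level rule, but not out of a function it never receives a handle to.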

Shared AI accounts with no per-user audit trail

Can each user's interactions be attributed to their identity for audit purposes?

Rating:

5. Output Safety and Reliability

Hallucinated outputs presented as facts in customer-facing applications

Are outputs grounded in retrieved sources? Is there a confidence threshold?

Rating:

AI-generated content published without human review

Is there a review workflow before AI content is published externally?

Rating:

Model outputs used for decisions without bias testing (hiring, lending, moderation)

Has the model been tested for demographic bias in its outputs?

Rating:

No monitoring for model degradation or drift over time

Are output quality metrics tracked? Is there an alerting threshold?

Rating:

6. Compliance and Governance

No AI use policy defining approved models, use cases, and prohibited uses

Does the organization have an AI acceptable use policy? Is it enforced technically?

Rating:

Cross-border data transfer violations (EU data processed by US-hosted models)

Where is data processed? Are data residency requirements met?

Rating:

No incident response plan specific to AI failures (hallucination incident, data leak)

Is there a documented runbook for AI-specific incidents?

Rating:

Regulatory requirements (EU AI Act, NIST AI RMF) not mapped to controls

Which AI regulations apply? Are required controls documented and implemented?

Rating:

Assessment Summary

Critical

High

Medium

Low

protego.me | AI Security Risk Assessment Template