Protego Security Resource
AI Security Risk Assessment Template
Evaluate LLM and AI system risks with this structured assessment
How to Use This Template
For each AI system or LLM deployment, work through all 6 risk domains. Rate each item as Low / Medium / High / Critical. Items rated High or Critical need a documented mitigation plan before production deployment. Review quarterly or when the model, data sources, or integration points change.
System Under Assessment
1. Data Security
Training data contains PII, credentials, or regulated data (HIPAA, PCI, GDPR)
What data was used for training or fine-tuning? Has it been classified?
Sensitive data leaks through model outputs (memorization, prompt extraction)
Are output filters in place to detect and block PII/credential exposure?
User prompts stored without retention policy or access controls
Where are prompts logged? Who has access? What is the retention period?
RAG knowledge base contains data above the user's clearance level
Does the retrieval layer enforce per-user access controls on source documents?
2. Prompt Security
Prompt injection: user input manipulates system instructions
Is there input validation and system/user prompt separation?
Indirect prompt injection via retrieved documents or external data
Are external data sources sanitized before injection into the context window?
Jailbreaking: users bypass safety guardrails through adversarial prompts
Is there a prompt firewall or classifier screening inputs before the model?
System prompt leakage exposes internal instructions or business logic
Can users extract the system prompt through conversational tricks?
3. Model and Supply Chain
Model provenance unknown: no verification of model integrity
Is the model from a trusted source? Is there a hash/signature to verify integrity?
Dependency on a single AI provider with no fallback
What happens if the provider has an outage or changes terms/pricing?
Model updates change behavior without notice (breaking downstream apps)
Are model versions pinned? Is there a testing pipeline for model updates?
Fine-tuned models inherit vulnerabilities from base model or training data
Has the fine-tuning process been reviewed for data poisoning risks?
4. Access Control and Authentication
API keys for AI services stored insecurely or over-permissioned
Are API keys rotated regularly? Are they scoped to minimum required permissions?
No rate limiting on AI endpoints (cost explosion, abuse)
Are per-user and per-endpoint rate limits enforced? Are cost alerts configured?
AI agents can take actions (tool use) without human approval for high-risk operations
Is there a human-in-the-loop for destructive actions (delete, send, purchase)?
Shared AI accounts with no per-user audit trail
Can each user's interactions be attributed to their identity for audit purposes?
5. Output Safety and Reliability
Hallucinated outputs presented as facts in customer-facing applications
Are outputs grounded in retrieved sources? Is there a confidence threshold?
AI-generated content published without human review
Is there a review workflow before AI content is published externally?
Model outputs used for decisions without bias testing (hiring, lending, moderation)
Has the model been tested for demographic bias in its outputs?
No monitoring for model degradation or drift over time
Are output quality metrics tracked? Is there an alerting threshold?
6. Compliance and Governance
No AI use policy defining approved models, use cases, and prohibited uses
Does the organization have an AI acceptable use policy? Is it enforced technically?
Cross-border data transfer violations (EU data processed by US-hosted models)
Where is data processed? Are data residency requirements met?
No incident response plan specific to AI failures (hallucination incident, data leak)
Is there a documented runbook for AI-specific incidents?
Regulatory requirements (EU AI Act, NIST AI RMF) not mapped to controls
Which AI regulations apply? Are required controls documented and implemented?
Assessment Summary
Critical
High
Medium
Low
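The rating and sign-off rules from How to Use This Template, worked through in Python as an added example (this is not part of the Protego template): items are rated on the template's four-level scale, any High or Critical item without a documented mitigation plan blocks production deployment, the per-rating counts feed the Assessment Summary, and the next review date follows the quarterly cadence. The sample items, ratings and plans are constructed for illustration.

```python
from dataclasses import dataclass

RATINGS = ("Low", "Medium", "High", "Critical")
NEEDS_PLAN = {"High", "Critical"}  # template rule: documented mitigation before production

@dataclass
class Item:
    domain: str                # one of the template's six risk domains
    risk: str                  # risk statement from the template
    rating: str                # Low / Medium / High / Critical
    mitigation_plan: str = ""  # documented plan; required for High/Critical

    def __post_init__(self):
        if self.rating not in RATINGS:
            raise ValueError(f"invalid rating {self.rating!r} for {self.risk!r}")

def summary(items):
    """Per-rating counts, as entered in the Assessment Summary block."""
    counts = {r: 0 for r in RATINGS}
    for it in items:
        counts[it.rating] += 1
    return counts

def blocking_items(items):
    """High/Critical items with no documented mitigation plan block production deployment."""
    return [it for it in items if it.rating in NEEDS_PLAN and not it.mitigation_plan.strip()]

def production_ready(items):
    return not blocking_items(items)

def next_review(assessed_on):
    """Quarterly cadence: three months on (day clamped to 28 so the result is always valid)."""
    month = assessed_on.month + 3
    year = assessed_on.year + (month - 1) // 12
    return assessed_on.replace(year=year, month=(month - 1) % 12 + 1, day=min(assessed_on.day, 28))

# Constructed sample assessment; ratings and plans are illustrative, not from the template
SAMPLE = [
    Item("Data Security", "Training data contains PII, credentials, or regulated data", "High",
         "Training set classified; PII redacted before fine-tuning"),
    Item("Prompt Security", "Indirect prompt injection via retrieved documents", "Critical"),
    Item("Model and Supply Chain", "Model provenance unknown", "Medium"),
    Item("Access Control and Authentication", "No rate limiting on AI endpoints", "High",
         "Per-user and per-endpoint limits at the API gateway; cost alerts configured"),
    Item("Output Safety and Reliability", "Hallucinated outputs presented as facts", "Low"),
]

if __name__ == "__main__":
    print(summary(SAMPLE))
    print("blocking:", [it.risk for it in blocking_items(SAMPLE)], "ready:", production_ready(SAMPLE))
```

A change to the model, data sources or integration points should also trigger a fresh assessment, not only the date returned by next_review.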
protego.me | AI Security Risk Assessment Template