Likelihood and magnitude of each identified impact based on expected use, past uses of AI systems in similar contexts, public incident reports, stakeholder feedback, or other data are identified and documented.
About
The likelihood of AI system impacts identified in Map 5.1 should be evaluated. Potential impacts should be documented and triaged.
Likelihood estimates may then be assessed and judged for go/no-go decisions about deploying an AI system. If an organization decides to proceed with deploying the system, the likelihood estimate can be used to assign oversight resources appropriate for the risk level.
Actions
Establish assessment scales for measuring AI system impact. Scales may be qualitative, such as red-amber-green (RAG), or may entail simulations or econometric approaches. Document and apply scales uniformly across the organization’s AI portfolio.
Apply impact assessments regularly at key stages in the AI lifecycle, connected to system impacts and frequency of system updates.
Assess system benefits and negative impacts in relation to trustworthy characteristics.
Transparency and Documentation
Organizations can document the following:
Which population(s) does the AI system impact?
What assessments has the entity conducted on data security and privacy impacts associated with the AI system?
Can the AI system be audited by independent third parties?
