DMS AI Governance Assessment

⏱ Estimated time: 15–20 minutes total

Section 1 of 10

Organizational Profile

Provide foundational information about your organization to contextualize the AI risk assessment.

GOVERN · MAP · MEASURE · MANAGE

How does your organization primarily use AI? *

Your selection tailors subsequent questions to your organization's AI context. Questions pertaining to model training will only appear where applicable.

Select the option that best describes your organization's relationship with AI systems.

Commercial AI Tools Third-party tools used as-is (ChatGPT, Microsoft Copilot, Google Gemini, and similar) Vendor-Deployed AI System A vendor-built AI product configured or integrated into your operations Proprietary AI Development Internally trained, fine-tuned, or developed AI models and systems Multiple AI Approaches A combination of the above applies to your organization

1.1 Organization Information GOVERN 1.1

Legal Organization Name *

Industry / Sector *

Organization Size (Headcount) *

Annual Revenue Range (Optional)

Primary Operating Jurisdiction(s)

Does the organization operate in regulated industries?

Yes No

Which regulations apply? (select all that apply)

HIPAA GLBA FERPA FFIEC FedRAMP Other

Please specify the regulation(s):

Does the organization have an existing enterprise risk management (ERM) program?

Yes Partial No

Cybersecurity policy framework in place?

Yes — NIST CSF Yes — ISO 27001 Yes — Other No

1.2 Primary Contact Internal

Contact Name

Title / Role

Email Address

Phone (Optional)

Section 2 of 10

AI System Inventory & Classification

Identify and classify the AI system being assessed. Complete one assessment per AI system, or provide consolidated answers for an organization-wide assessment.

MAP 1 — Context & Use Classification

2.1 AI System Identification MAP 1.1

AI System Name / Product Name *

Deployment Status *

Brief System Description *

3–5 sentences describing what the system does, its inputs, outputs, and primary function.

System Type (select all that apply)

Classifier

Assigns inputs to predefined categories. Examples: spam detection, content moderation, loan approval scoring, document routing. Generative Model

Produces new content — text, images, code, or audio. Examples: ChatGPT, Claude, Microsoft Copilot, DALL-E, GitHub Copilot. Recommender System

Suggests items or content based on user behavior or preferences. Examples: product recommendations, job matching, content feeds, next-best-action tools. Predictive Analytics

Forecasts future outcomes from historical data. Examples: demand forecasting, customer churn prediction, credit scoring, fraud risk scoring. Natural Language Processing

Understands, generates, or transforms human language. Examples: text summarization, translation, intent recognition, contract analysis, sentiment analysis. Computer Vision

Interprets visual input — images or video. Examples: document scanning and OCR, defect detection, facial recognition, video surveillance analytics. Autonomous Decision System

Makes and executes decisions without human review in the loop. Examples: algorithmic trading, real-time fraud blocking, automated insurance underwriting. Robotic Process Automation

Automates rule-based, repetitive tasks by mimicking human actions in software. Examples: data entry, invoice processing, report generation, system-to-system data transfer. Other

Development Source *

Date of Initial Deployment

Vendor Name

Product Name

Version

Has this system undergone a prior risk assessment?

Yes In Progress No

2.2 Purpose and Use Context MAP 1.1, 1.3, 1.4

Stated Business Purpose *

Decisions Supported or Automated

Intended Beneficial Outcomes

Decision-Making Role *

Identifies the degree of human oversight in the system's decision process. This classification directly informs your NIST AI RMF risk tier.

Fully autonomousNo human in the loop; system makes final decisions

Recommends to human decision-makerSystem output is advisory; human reviews and decides

Human makes final decision (AI provides input)Strong human oversight; AI is one input among many

Mixed or context-dependentRole varies by use case or deployment context

Does this system interact directly with end users or customers?

Yes No

Describe the end user population:

Does this system process or output information that directly affects individuals' rights, benefits, opportunities, or access to services?

Yes No Uncertain

Deployment Contexts / Environments

Describe the operational settings where this system is active. Include relevant workflow context, whether deployment is internal or customer-facing, and any integration points with other systems.

2.3 AI Lifecycle Responsibility GOVERN 1.4

Which lifecycle stages is the organization responsible for? (select all that apply)

Plan & Design Data Collection & Processing Model Build & Use Verify & Validate Deploy & Use Operate & Monitor

For third-party systems: which stages does the vendor control vs. the organization?

Section 3 of 10

Data Governance

Document the data inputs, training data characteristics, and quality controls for this AI system.

MAP 2 — Data Context & Risk

3.1 Training & Input Data MAP 1.1, 2.3, GOVERN 6.1

Your AI vendor controls model training. Respond to the questions below based on the data your organization provides as input. Where vendor-managed items are not applicable to your operations, select Not applicable / managed by vendor.

What types of data does this system use or process? (select all that apply)

Select all categories that apply to data this system processes. For commercial AI tools, consider the data categories you supply as input or prompts. For proprietary systems, include training and operational data.

Personally Identifiable Information (PII) Protected Health Information (PHI) Financial Records Behavioral / Usage Data Biometric Data Location Data Internal Business Communications (emails, messages, memos, documents) Public / Open Datasets Proprietary / Internal Business Data Third-party Licensed Data Other

Do user inputs to this system typically contain personally identifiable information — such as employee names, email addresses, client names, or contact details?

Even if PII is not the intended input, it may appear incidentally in emails, documents, or messages passed to the system as prompts. This answer directly affects your privacy policy and data handling requirements.

Yes No Sometimes / Depends on use Unknown

Does the data used include information about individuals from protected groups (race, sex, age, religion, national origin, disability)?

Protected classes are demographic attributes legally shielded from discriminatory treatment, including race, sex, age, national origin, religion, and disability status. Select "Not applicable" if you do not control the training data.

Yes No Unknown Not applicable / managed by vendor

Is the training dataset documented with a data card or model card?

A data card or model card is a standardized document describing a dataset's or model's intended use, known limitations, and provenance. Vendors of commercial AI systems often publish these as part of their documentation.

Yes Partial No Not applicable / managed by vendor

Training data refresh frequency

Is data sourced from third parties?

Yes Mixed No

Are data use agreements and licenses in place for third-party data?

Yes Partial No

Are there known gaps in data representativeness (e.g., underrepresentation of demographic groups)?

Yes No Unknown

Is data subject to data residency or sovereignty requirements?

Yes No

3.2 Data Quality Controls MEASURE 2.5

Are data validation and cleaning processes in place and documented?

Data validation confirms that inputs conform to expected formats, ranges, and completeness requirements. Data cleaning identifies and corrects erroneous, duplicate, or incomplete records prior to processing. Select "Not applicable" if your organization does not manage the data pipeline.

Yes Partial No Not applicable

Are processes in place to detect and address data drift or concept drift?

Data drift occurs when the statistical properties of input data shift relative to the training distribution, degrading model performance over time. Concept drift refers to a change in the underlying relationship between inputs and outputs the model was trained to predict. Select "Not applicable" if your organization does not manage the model.

Yes Partial No Not applicable / managed by vendor

Is a data lineage or provenance record maintained?

Data lineage is a documented record of a dataset's origin, movement, and transformations over time. Provenance refers to the verifiable source and chain of custody of data assets. Both are relevant to audit readiness and regulatory compliance. Select "Not applicable" if your organization does not manage the data pipeline.

Yes Partial No Not applicable

Section 4 of 10

Stakeholder & Impact Mapping

Identify affected populations and characterize the potential harms and benefits of this AI system.

MAP 1 · MAP 5 — Impact & Harm Assessment

4.1 Affected Populations MAP 5.1, 5.2, 1.2

Who are the primary users of this system? *

Who are the secondary or indirectly affected individuals? (select all that apply)

Individuals who are not direct system users but whose circumstances may be influenced by its outputs or the decisions it informs. Consider downstream recipients of AI-generated communications or decisions.

Customers or clients receiving AI-generated communications Job applicants or candidates Employees subject to AI-assisted evaluation or monitoring General public or broader community Patients or healthcare recipients Students or learners Business partners or suppliers None — this AI tool only affects its direct users Other

Are any affected populations considered vulnerable (e.g., minors, individuals with disabilities, low-income communities, non-English speakers)?

Yes No Unknown

Could this system's outputs affect individuals who never directly interact with it?

Yes No Uncertain

Have affected communities or end users been consulted during design or development?

Yes Planned No

4.2 Impact Characterization MAP 5.1, 5.2

Rate the likelihood and severity of each harm category relative to your AI system's use case. Select N/A for categories that are not applicable to your deployment context.

Rate the likelihood and potential severity of each harm category. Select N/A where a category is not applicable to your deployment context. View harm type definitions ▾

Rights & Legal — Outcomes that may impair an individual's legal rights, entitlements, or access to services (lending, hiring, benefits eligibility).
Fairness — Differential outcomes across demographic groups that may constitute or approximate disparate impact under applicable law.
Financial — Direct or indirect monetary losses to individuals, customers, or the organization attributable to AI system outputs.
Safety — Physical harm arising from AI-driven decisions or system failures; most applicable in healthcare, manufacturing, or autonomous systems.
Wellbeing — Emotional distress, reputational injury to individuals, or loss of autonomy resulting from AI outputs or automated decisions.
Reputational — Damage to organizational trust or brand equity from AI behavior, inaccurate outputs, or incidents made public.
Operational — Disruptions to business continuity or service availability caused by AI system failures or degraded performance.
Societal — Broader negative externalities including environmental impact, contribution to misinformation, or systemic community effects.
Security — Unauthorized access to or exfiltration of sensitive data facilitated by AI system vulnerabilities, including inadvertent exposure through commercial tool inputs.

Harm Type

Likelihood

Severity

Unfair treatment or denial of rights Rights & Legal

Biased or unequal outcomes for different groups of people Fairness

Financial harm to individuals or the organization Financial

Physical safety risk to people Safety

Psychological or emotional harm to individuals Wellbeing

Harm to the organization's reputation or trust Reputational

Disruption to business operations Operational

Environmental or broader societal harm Societal

Data breach or privacy violation through the AI system Security

4.3 Benefits Characterization MAP 5.2

What measurable benefits does this system provide?

Are there established metrics or KPIs for demonstrating those benefits?

A Key Performance Indicator (KPI) is a quantifiable metric used to evaluate performance against defined objectives. Examples include processing time reduction, error rate, customer satisfaction score, or revenue impact attributable to AI system use.

Yes In Development No

Please list your KPIs or success metrics:

Section 5 of 10

Trustworthiness Characteristics Assessment

Rate the current implementation maturity of each trustworthiness characteristic for this AI system.

MEASURE 2 — Trustworthiness Evaluation

ⓘRate each item on a four-point scale. These ratings directly inform the risk posture sections of your generated policy.

5.1 Valid and Reliable Section 3.1

Are accuracy metrics defined and documented for this system?

Not Implemented Planned Partially Implemented Fully Implemented

Is the system tested against representative datasets that reflect real deployment conditions?

Not Implemented Planned Partially Implemented Fully Implemented

Are false positive/false negative rates tracked and reported?

Not Implemented Planned Partially Implemented Fully Implemented

Is there a defined acceptable performance threshold below which the system triggers a review?

Not Implemented Planned Partially Implemented Fully Implemented

Is model robustness tested across varied conditions and edge cases?

Not Implemented Planned Partially Implemented Fully Implemented

Is ongoing post-deployment performance monitoring in place?

Not Implemented Planned Partially Implemented Fully Implemented

5.2 Safe Section 3.2

Has a formal safety risk assessment been conducted for this system?

Not Implemented Planned Partially Implemented Fully Implemented

Are there defined conditions under which the system will be shut down or overridden?

Not Implemented Planned Partially Implemented Fully Implemented

Is there a human intervention mechanism for safety-critical outputs?

Not Implemented Planned Partially Implemented Fully Implemented

Are safety incidents documented and tracked?

Not Implemented Planned Partially Implemented Fully Implemented

Does the system have a graceful degradation mode if it exceeds its knowledge limits?

Not Implemented Planned Partially Implemented Fully Implemented

5.3 Secure and Resilient Section 3.3

Has the AI system been assessed for adversarial attack vulnerabilities (data poisoning, model evasion, model extraction)?

Not Implemented Planned Partially Implemented Fully Implemented

Are access controls in place to prevent unauthorized use or modification of the model?

Not Implemented Planned Partially Implemented Fully Implemented

Is the system included in the organization's incident response plan?

Not Implemented Planned Partially Implemented Fully Implemented

Are the model, training data, and outputs protected against exfiltration?

Not Implemented Planned Partially Implemented Fully Implemented

Has a threat model specific to this AI system been developed?

Not Implemented Planned Partially Implemented Fully Implemented

Is the system subject to penetration testing or red-teaming?

Not Implemented Planned Partially Implemented Fully Implemented

Security assessment frequency

Continuous Annual Ad hoc Never

5.4 Accountable and Transparent Section 3.4

Is documentation available describing how the system works, what data it uses, and how outputs are generated?

Not Implemented Planned Partially Implemented Fully Implemented

Are end users or affected individuals informed that an AI system is involved in decisions that affect them?

Not Implemented Planned Partially Implemented Fully Implemented

Is there a mechanism for individuals to understand why a specific decision was made?

Not Implemented Planned Partially Implemented Fully Implemented

Are audit logs maintained for system inputs, outputs, and decision events?

Not Implemented Planned Partially Implemented Fully Implemented

Is there a designated accountable owner for this AI system?

Not Implemented Planned Partially Implemented Fully Implemented

Are there documented escalation paths when the system produces disputed or harmful outputs?

Not Implemented Planned Partially Implemented Fully Implemented

5.5 Explainable and Interpretable Section 3.5

Can the system produce explanations of its outputs in terms understandable to non-technical users?

Not Implemented Planned Partially Implemented Fully Implemented

Are explanation methods (e.g., SHAP, LIME, rule extraction) in place?

Not Implemented Planned Partially Implemented Fully Implemented

Are explanations provided to decision-makers using the system's outputs?

Not Implemented Planned Partially Implemented Fully Implemented

Is there documentation mapping system outputs to the inputs or features that drove them?

Not Implemented Planned Partially Implemented Fully Implemented

Does the organization distinguish between explainability (how the system works) and interpretability (what the output means in context)?

Not Implemented Planned Partially Implemented Fully Implemented

5.6 Privacy-Enhanced Section 3.6

Has a Privacy Impact Assessment (PIA) been conducted for this system?

Not Implemented Planned Partially Implemented Fully Implemented

Are data minimization practices in place (only collecting data necessary for the system's purpose)?

Not Implemented Planned Partially Implemented Fully Implemented

Are de-identification or anonymization techniques applied where applicable?

Not Implemented Planned Partially Implemented Fully Implemented

Are privacy-enhancing technologies (PETs) employed (e.g., differential privacy, federated learning)?

Not Implemented Planned Partially Implemented Fully Implemented

Does the system comply with applicable privacy regulations (GDPR, CCPA, HIPAA, etc.)?

Not Implemented Planned Partially Implemented Fully Implemented

Are individuals provided with rights to access, correct, or opt out of AI-driven decisions about them?

Not Implemented Planned Partially Implemented Fully Implemented

5.7 Fair — With Harmful Bias Managed Section 3.7

For commercial AI tools, bias responsibility is shared. Answer these questions based on steps your organization has taken to evaluate and mitigate bias in how the tool is used — not solely on what the vendor has implemented.

Has bias in this system been evaluated or tested?

For commercial AI tools: includes reviewing the vendor's published bias and fairness documentation, or assessing outputs in your own use context for unequal treatment. For proprietary systems: includes formal disparity analysis or fairness testing.

Not Evaluated Planned Partially Evaluated Fully Evaluated

Which bias evaluation approaches have been applied? (select all that apply)

Systemic / historical bias in training data Computational / statistical bias in algorithm Human-cognitive bias in system design or use Reviewed vendor's published bias and fairness documentation Assessed outputs for unequal treatment in our specific use context No bias evaluation has been conducted

Are fairness metrics defined and tracked (e.g., demographic parity, equalized odds)?

Not Implemented Planned Partially Implemented Fully Implemented

Are outputs disaggregated by demographic group to assess disparate impact?

Not Implemented Planned Partially Implemented Fully Implemented

Is there a process for surfacing and addressing bias complaints from users or affected individuals?

Not Implemented Planned Partially Implemented Fully Implemented

Has a disparity analysis been conducted comparing system performance across protected classes?

Not Implemented Planned Partially Implemented Fully Implemented

Section 6 of 10

Governance Structure

Assess the organizational policies, roles, risk tolerance, and workforce practices governing AI risk management.

GOVERN 1 · GOVERN 2 · GOVERN 6

6.1 Policies and Procedures GOVERN 1–6

Does the organization have a formal AI governance policy?

YesIn DevelopmentNo

Are AI risk management responsibilities documented in job descriptions or RACIs?

YesPartialNo

Is there a formal process for approving AI systems before deployment?

YesPartialNo

Are there documented criteria for when an AI system requires a risk assessment?

YesNo

Is there a formal process for decommissioning AI systems?

YesPartialNo

Is there an AI system inventory or register maintained?

YesPartialNo

6.2 Roles and Accountability GOVERN 2

Who holds executive accountability for AI risk decisions?

Is there a designated AI Risk Owner or AI Program Lead?

YesNo

Is there a cross-functional AI governance committee or working group?

YesPlannedNo

Which teams are represented in AI risk management decisions? (select all that apply)

Legal Compliance IT / Security Data Science / ML Business Unit HR Privacy External Auditor Ethics / DEI Other

Have personnel involved in AI design, development, or deployment received AI risk management training?

YesPartialNo

6.3 Risk Tolerance MAP 1.5

Has the organization formally defined its AI risk tolerance?

YesInformalNo

What is the organization's general risk posture for AI systems?

Risk-averseModerateRisk-tolerant

Are there categories of AI use cases the organization has explicitly prohibited?

YesNo

Are there categories of AI use cases that require board or executive approval?

YesNo

At what risk level does the organization require independent review before deployment?

6.4 Third-Party and Supply Chain Risk GOVERN 6

Does the organization use third-party AI tools, APIs, or pre-trained models?

YesNo

Are third-party AI vendors subject to security and risk assessments before onboarding?

YesPartialNo

Are contractual obligations around AI risk, data handling, and transparency in place with AI vendors?

YesPartialNo

Are third-party AI systems included in the organization's ongoing monitoring program?

YesPartialNo

If a third-party AI system fails or causes harm, is there a documented incident response procedure?

YesNo

6.5 Workforce and Culture GOVERN 3, 4

Does the organization have documented human-AI interaction policies (when humans must review AI outputs)?

YesPartialNo

Are employees required to disclose use of AI tools in their work?

YesDept-dependentNo

Are there policies governing employee use of generative AI tools (e.g., ChatGPT, Copilot)?

YesIn DevelopmentNo

Is AI ethics or responsible AI included in employee training?

YesPlannedNo

Is there a process for employees to raise concerns about AI system outputs without retaliation?

YesNo

Section 7 of 10

Testing, Evaluation, Verification & Validation

Document pre-deployment testing practices and ongoing production monitoring for this AI system.

MEASURE 2 · MEASURE 4 — TEVV & Monitoring

7.1 Pre-Deployment Testing MEASURE 1

Was the system tested on data representative of the real-world deployment population?

YesPartialNo

Were test results documented and reviewed before deployment approval?

YesNo

Were test sets defined independently from training sets?

YesNoUnknown

Were independent reviewers or external assessors involved in pre-deployment evaluation?

YesNo

Were TEVV results used to make a formal go/no-go deployment decision?

YesInformalNo

7.2 Ongoing Monitoring MEASURE 2.4, MANAGE 4.1

Is the system monitored in production for performance degradation?

YesPartialNo

Are alerts or thresholds defined that trigger review or intervention?

YesNo

How frequently are monitoring reports reviewed?

Is there a mechanism for end users to report errors or unexpected outputs?

YesNo

Are reported issues tracked, investigated, and resolved through a formal process?

YesPartialNo

7.3 Metrics in Use MEASURE 2

Which metrics are currently tracked for this AI system? (select all that apply)

Accuracy / F1 score / AUC False positive / false negative rates Fairness / disparity metrics by demographic group Model drift indicators Data quality scores User satisfaction or error report rates Security event counts related to the AI system Environmental / compute cost metrics None currently tracked

Section 8 of 10

Incident History and Risk Response

Document any known adverse outcomes and the organization's risk treatment approach for this AI system.

MANAGE 2 · MANAGE 3 — Incident & Risk Response

8.1 Known Incidents MANAGE 1–4

Has this system caused or contributed to any adverse outcomes, errors, or complaints since deployment?

YesNoUnknown

Describe nature, scope, and resolution:

Have any incidents been reported to regulators, customers, or the public?

YesNo

Are post-incident reviews conducted and documented?

YesPartialNo

8.2 Risk Treatment MANAGE 1.2, 1.3

For identified risks, which treatment strategies does the organization apply? (select all that apply)

Mitigate (technical controls) Transfer (insurance or contractual) Avoid (prohibit the use case) Accept (documented residual risk) No formal treatment in place

Are residual risks formally documented and communicated to system operators and end users?

YesPartialNo

Is there a process for deciding when to suspend or decommission an AI system due to unacceptable risk?

YesNo

Section 9 of 10

Legal and Regulatory Compliance

Identify applicable legal requirements and document your organization's compliance posture for this AI system.

GOVERN 1 · GOVERN 4 — Legal & Regulatory

Applicable legal or regulatory requirements (select all that apply)

Select federal, international, and sector-specific frameworks that apply to your organization and this AI system.

Federal — Privacy & Consumer Protection

HIPAA GLBA FCRA ECOA / Fair Lending COPPA FTC Act Section 5

Federal — Government & Security

FedRAMP Executive Order 14110 (AI) FISMA NYDFS Cybersecurity Regulation SOC 2

International

GDPR (EU) EU AI Act PIPEDA (Canada) UK GDPR

State AI & Privacy Laws

CCPA / CPRA (California) NYC Local Law 144 — AEDT Colorado AI Act (SB 24-205) Illinois BIPA Texas DSATA Virginia CDPA

Additional state or local laws not listed above

Other / Specify

Other

Please specify:

Is the organization subject to sector-specific AI guidance or rules (e.g., OCC model risk SR 11-7, FDA SaMD guidance)?

YesNo

Has legal counsel reviewed this AI system for compliance?

YesPlannedNo

Are disclosures about AI-driven decision-making provided to affected individuals as required by applicable law?

YesPartialNoNot Required

Are there documented processes for responding to individual rights requests (access, correction, opt-out) related to AI decisions?

YesNoNot Applicable

Section 10 of 10

Open-Ended Supplemental Questions

These questions capture nuances not covered by the structured assessment. Your responses directly shape the custom policy provisions generated for your organization.

All RMF Functions — Supplemental Context

Describe any risks specific to this AI system that you believe are not adequately addressed by your current controls.

Include emerging risks, novel use cases, or gaps you have identified.

Describe any known limitations of this AI system that operators or users should be aware of.

Are there any planned changes to this AI system in the next 12 months? (new use cases, data sources, or model updates)

Is there anything about your organization's AI risk posture that you want the policy to specifically address or reflect?

This is your opportunity to add context, priorities, or specific policy language requirements.

✓ You have completed all 10 assessment sections. Click Submit Assessment below to save your responses and begin policy generation.

Section 1 of 10

Analyzing responses…

Changes saved automatically