Back to AI Research

AI Research

TrustX Agent Risk Classification Framework (ARC): R... | AI Research

Key Takeaways

  • TrustX Agent Risk Classification Framework (ARC): Risk-Tiering Internally Created Agentic AI Systems The rapid rise of agentic AI—systems capable of autonomo...
  • The proliferation of agentic AI systems across enterprise and public-sector contexts has outpaced the capacity of general-purpose AI risk frameworks to classify and govern them.
  • At the core of the framework is a twelve-dimension scoring rubric that robustly quantifies the risk.
  • This rubric is combined with other components, such as the GPA + IAT classification model and the five-level autonomy framework derived from existing literature.
  • These inputs produce a three-tier governance output with mapped control recommendations.
Paper AbstractExpand

The proliferation of agentic AI systems across enterprise and public-sector contexts has outpaced the capacity of general-purpose AI risk frameworks to classify and govern them. In this paper, we introduce the TrustX Agent Risk Classification Framework, a structured, repeatable instrument that can be applied to seven types of agentic AI systems and is grounded in foundational pre-existing AI governance frameworks. At the core of the framework is a twelve-dimension scoring rubric that robustly quantifies the risk. This rubric is combined with other components, such as the GPA + IAT classification model and the five-level autonomy framework derived from existing literature. These inputs produce a three-tier governance output with mapped control recommendations. A specialised Coding Assistant extension is also included to account for nuances specific to this type of agentic AI system. We then use an illustrative example to show our framework in practice. ARC is intended for AI governance practitioners, risk officers, developers, and regulators, and it will regularly undergo iteration as we continue to expand it and make it more robust. The community can access the interactive framework here: this https URL

TrustX Agent Risk Classification Framework (ARC): Risk-Tiering Internally Created Agentic AI Systems
The rapid rise of agentic AI—systems capable of autonomous planning, tool use, and decision-making—has outpaced existing governance frameworks, which were largely designed for simpler, non-agentic models. This paper introduces the TrustX Agent Risk Classification Framework (ARC), a structured, repeatable tool designed to help organizations assess and categorize the risks associated with these advanced systems. By providing a clear methodology for risk-tiering, the framework aims to help developers, risk officers, and regulators implement appropriate safety controls before these agents are deployed.

Assessing Risk Through a Structured Rubric

At the heart of the ARC framework is a twelve-dimension scoring rubric that quantifies risk across factors such as autonomy, decision scope, system reach, and data sensitivity. Each dimension is scored on a scale of one to three. To ensure that high-risk factors are not hidden by averaging, the framework uses a "critical dimension" approach: if any single dimension is flagged as high-risk, or if the agent operates at the highest level of autonomy, the entire system is automatically classified as a High-Risk (Tier 3) system. This ensures that the most dangerous potential behaviors are not overlooked.

Integrating Agency and Autonomy

The framework incorporates two established models to help users understand the nature of their AI. First, it uses the "GPA + IAT" model to determine if a system is truly agentic by checking for properties like goal-pursuit, perception, action, iteration, adaptation, and termination. Second, it applies a five-level autonomy scale—ranging from a human-directed operator to a fully autonomous observer—to gauge how much freedom the agent has. These inputs, combined with the twelve-dimension rubric, produce a final risk tier (Low, Medium, or High) that dictates the level of governance required.

Specialized Guidance for Coding Assistants

Because AI coding assistants have unique risks—such as the ability to generate executable code, access sensitive repositories, and manipulate software supply chains—the framework includes a dedicated extension. This extension replaces the standard agency checklist with a 20-point capabilities assessment. This allows organizations to specifically evaluate functions like bug detection, security scanning, and CI/CD pipeline integration. By accounting for these nuances, the framework ensures that coding assistants are governed with the specific security threats they pose in mind.

Mapping Controls to Risk Tiers

Once an agent is assigned a risk tier, the framework provides mapped control recommendations to mitigate potential harm. Tier 1 (Low Risk) systems require standard practices like basic documentation and audit logs. Tier 2 (Medium Risk) systems call for enhanced measures, such as implementing "kill switches" and behavior boundaries. Tier 3 (High Risk) systems demand rigorous oversight, including continuous monitoring, third-party validation, and, in some cases, board-level approval. The framework is designed to be iterative, meaning it will continue to evolve as new agentic capabilities and risks emerge.

Comments (0)

No comments yet

Be the first to share your thoughts!