Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Usage Governance Advisor: From Intent to AI Governance

Elizabeth M. Daly, Sean Rooney, Seshu Tirupathi, Luis Garces-Erice, Inge Vejsbjerg, Frank Bagehorn, Dhaval Salwala, Christopher Giblin, Mira L. Wolf-Bauwens, Ioana Giurgiu, Michael Hind, Peter Urbanetz

TL;DR

The paper addresses the challenge of safely governing AI systems by introducing the Usage Governance Advisor, an end-to-end framework that uses a Knowledge Graph and a risk taxonomy to connect use-cases, models, evaluations, and mitigations. It leverages LLM-based auto-assist for semi-structured data collection, an LLM-as-judge for risk prioritization, and a model recommender that grounds decisions in policy and empirical risk evaluations via the Unitxt framework. Key contributions include a LinkML-based AI governance ontology, cross-taxonomy risk mapping, automated risk evaluations, and actionable mitigation guidance with guardrails and manual actions, all enabling auditable deployment decisions. The framework targets regulatory alignment (e.g., EU AI Act) and practical governance needs, offering a scalable, semi-automated approach to continuously assess and improve AI safety across deployment lifecycles. The work demonstrates feasibility through knowledge-graph construction and auto-assist evaluation, while outlining future work on real-time monitoring, continuous auditing, and policy integration to refine governance as risks evolve.

Abstract

Evaluating the safety of AI Systems is a pressing concern for organizations deploying them. In addition to the societal damage done by the lack of fairness of those systems, deployers are concerned about the legal repercussions and the reputational damage incurred by the use of models that are unsafe. Safety covers both what a model does; e.g., can it be used to reveal personal information from its training set, and how a model was built; e.g., was it only trained on licensed data sets. Determining the safety of an AI system requires gathering information from a wide set of heterogeneous sources including safety benchmarks and technical documentation for the set of models used in that system. In addition, responsible use is encouraged through mechanisms that advise and help the user to take mitigating actions where safety risks are detected. We present Usage Governance Advisor which creates semi-structured governance information, identifies and prioritizes risks according to the intended use case, recommends appropriate benchmarks and risk assessments and importantly proposes mitigation strategies and actions.

Usage Governance Advisor: From Intent to AI Governance

TL;DR

The paper addresses the challenge of safely governing AI systems by introducing the Usage Governance Advisor, an end-to-end framework that uses a Knowledge Graph and a risk taxonomy to connect use-cases, models, evaluations, and mitigations. It leverages LLM-based auto-assist for semi-structured data collection, an LLM-as-judge for risk prioritization, and a model recommender that grounds decisions in policy and empirical risk evaluations via the Unitxt framework. Key contributions include a LinkML-based AI governance ontology, cross-taxonomy risk mapping, automated risk evaluations, and actionable mitigation guidance with guardrails and manual actions, all enabling auditable deployment decisions. The framework targets regulatory alignment (e.g., EU AI Act) and practical governance needs, offering a scalable, semi-automated approach to continuously assess and improve AI safety across deployment lifecycles. The work demonstrates feasibility through knowledge-graph construction and auto-assist evaluation, while outlining future work on real-time monitoring, continuous auditing, and policy integration to refine governance as risks evolve.

Abstract

Evaluating the safety of AI Systems is a pressing concern for organizations deploying them. In addition to the societal damage done by the lack of fairness of those systems, deployers are concerned about the legal repercussions and the reputational damage incurred by the use of models that are unsafe. Safety covers both what a model does; e.g., can it be used to reveal personal information from its training set, and how a model was built; e.g., was it only trained on licensed data sets. Determining the safety of an AI system requires gathering information from a wide set of heterogeneous sources including safety benchmarks and technical documentation for the set of models used in that system. In addition, responsible use is encouraged through mechanisms that advise and help the user to take mitigating actions where safety risks are detected. We present Usage Governance Advisor which creates semi-structured governance information, identifies and prioritizes risks according to the intended use case, recommends appropriate benchmarks and risk assessments and importantly proposes mitigation strategies and actions.

Paper Structure

This paper contains 19 sections, 8 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. User scenario
  4. System Overview
  5. AI Systems Knowledge Graph (KG)
  6. Ontology Definition
  7. Applying the Ontology to Risk Mapping
  8. KG Construction
  9. Auto-assist questionnaire
  10. Risk Prioritization
  11. Model Recommendation
  12. Automated Risk Evaluations
  13. Mitigation Recommender
  14. Guardrails
  15. Manual Curation of Recommended actions
  16. ...and 4 more sections

Figures (8)

  • Figure 1: Usage Governance Advisor pipeline
  • Figure 2: Risk Report
  • Figure 3: Risk Cards
  • Figure 4: AI Governance Ontology
  • Figure 5: Risk Taxonomy Mappings
  • ...and 3 more figures