AI Risk Evaluation: Balancing Insight & Burden | Science

by Dr. Michael Lee – Health Editor

The National Institute of Standards and Technology (NIST) is urging organizations to adopt a more calibrated approach to assessing the risks posed by artificial intelligence, moving away from broad, potentially paralyzing evaluations toward assessments proportionate to the specific context and potential impact of each AI system.

The call for proportionality comes as concerns mount over the potential for bias, security vulnerabilities, and other harms stemming from the rapid deployment of AI technologies. A recent report in Science highlights the need to operationalize the principle of proportionality – suitability, necessity, and balance – within concrete AI evaluation practices. This is particularly relevant as regulatory bodies, including those in the European Union, increasingly emphasize these principles in their AI governance frameworks.

Currently, many organizations are struggling to navigate the complex landscape of AI risk assessment. According to a step-by-step guide published by SentinelOne, a cybersecurity firm, a comprehensive approach involves identifying and cataloging all AI systems, mapping stakeholders and potential impact areas, and analyzing the likelihood and impact of threats. Yet, the sheer scope of this undertaking can be daunting, leading to analysis paralysis and hindering innovation.

The NIST AI Risk Management Framework (AI RMF), released for voluntary use, aims to address this challenge by providing a structured approach to incorporating trustworthiness considerations into the entire lifecycle of AI systems – from design and development to deployment and evaluation. The framework encourages organizations to tailor their risk management strategies to the specific characteristics of each AI application.

Microsoft is also contributing to the development of tools and techniques for evaluating AI risks, particularly in the realm of generative AI. Through its Azure AI Foundry, Microsoft offers risk and safety evaluators designed to assess content safety, identify jailbreak vulnerabilities, and detect code security risks. These evaluators, built using a set of language models, provide severity scores for potential harms such as sexual or violent content. Microsoft notes that these evaluators draw on insights from projects like GitHub Copilot and Bing, aiming for a comprehensive approach to risk assessment.

However, challenges remain. SentinelOne points out that AI systems, unlike traditional IT infrastructure, are inherently unpredictable, introducing new categories of risk that require specialized evaluation approaches. These risks include bias and discrimination, where training data can perpetuate historical prejudices, and security vulnerabilities, such as model inversion and prompt injection attacks. The expanding AI security risk assessment landscape demands a shift from reactive firefighting to a repeatable, measurable, and auditable process.

The Azure AI Evaluation SDK and associated evaluators are currently in public preview, indicating ongoing development and refinement of these tools. The Microsoft Foundry SDK for evaluation and Foundry portal are also in preview, with APIs generally available for model and dataset evaluation, though agent evaluation remains in preview. As of October 27, 2025, SentinelOne’s guidance reflects best-practice standards like NIST AI RMF and ISO/IEC 42001.

Despite the availability of frameworks and tools, a clear consensus on how to effectively balance risk mitigation with innovation has yet to emerge. The principle of proportionality, while widely accepted in theory, requires further scientific methods to operationalize calibration within concrete evaluation practices, according to researchers.
