Risk
Policy-Violating Output
Description
Deployed model outputs violate organizational, industry, or regulatory policies (e.g., privacy, safety, ethics) due to lack of enforcement.
Example
An LLM generates investment advice or a medical diagnosis in violation of company policy or regulations.
Assets Affected
- Model Response
- AI App
- Model Inference Endpoint
Mitigation
- Output policy enforcement
- Output classification
- Restrict high-risk use cases
- Compliance monitoring
Standards Mapping
- ISO 42001: A.5.4, A.8.2
- OWASP Top 10 for LLM: LLM09
- NIST AI RMF: MEASURE 2.11, GOVERN 1.1