Risk
Untested Model
Description
Model or major model-version undergoes insufficient or undocumented adversarial evaluation.
Example
Red team review is skipped; prompt injection or evasion vulnerabilities remain undiscovered
Assets Affected
Model files
Pipeline Job
AI Model
Mitigation
- Require formal adversarial testing and documented red-team evidence before approval
- Automate checks for test coverage in CI/CD
Standards Mapping
- ISO 42001: A.6.2.4, A.6.1.3
- NIST AI RMF: MEASURE 2.1, MEASURE 2.5
- DASF v2: PLATFORM 12.2