返回 Papers
AI 扩展计划 / Playbooks

ABPA 模板 05:AI Control Pack

52abpa/templates/05-ai-control-pack.md

AI Control Pack

Use this to turn AI risk into architecture, process, and monitoring controls.

1. Control Register

Control IDRiskScenarioPreventive controlDetective controlCorrective controlEvidenceOwner
C-001Hallucination

2. Risk Coverage

Risk classRequired?Control IDsResidual risk
Hallucination / unsupported claimyes / no
Prompt injectionyes / no
Privacy leakageyes / no
Bias / unfair outcomeyes / no
Over-relianceyes / no
Unsafe automationyes / no
Stale knowledgeyes / no
Tool / model outageyes / no
Audit failureyes / no
Cost runawayyes / no

3. Human Oversight

Decision / outputHuman roleRequired evidenceOverride ruleAudit field
review / approve / reject / escalate

4. Monitoring Signals

SignalSourceThresholdResponse
Invalid citation rate
Manual override rate
Escalation rate
Prompt injection block rate
Model error / timeout rate
Cost per case

5. Governance Cadence

ActivityFrequencyOwnerEvidence
Control review
Eval refresh
Prompt/tool change review
Model/provider review
Incident drill