Output & Decision Safety
Block harmful or unsafe model outputs — hate, violence, self-harm, CSAM, illegal advice, hallucinations in high-impact decisions.
- EU AI Act: Art. 5 (prohibited practices)
- NIST AI RMF: MEASURE-2.6 / MEASURE-2.7
AI Safety
A reference, not a journey. Look up any AI harm and see who owns it, the controls that hold the fix, and the EU AI Act risk tier it lands at.
Ethical requirements it triggers
AICM control domains that hold the fix
3 harm classes · 7 safety control families · NIST AI 100-1
Harm to People: Harms to individuals and groups — rights, safety, access. The class with the widest ethical-requirement pipeline.
The harm classes · NIST AI 100-1
The National Institute of Standards and Technology (NIST) AI Risk Management Framework groups AI harms into three top-level classes. We anchor the safety lens to those classes so the controls we fit map cleanly to ethical requirements, AI Controls Matrix (AICM) domains, and the EU AI Act risk tier each class typically lands at.
Harm to People
Harms experienced by individuals, groups, communities, or society — civil liberties, rights, physical and psychological safety, economic opportunity, equal access. Includes group harms (discrimination, exclusion) and societal harms (erosion of democratic processes, harm to vulnerable populations).
AICM domains: MDS · DSP · GRC · HRS
EU AI Act tier: High risk
Harm to an Organization
Harms to an organization — operational disruption, reputational damage, security and financial loss — caused by AI systems behaving unexpectedly, leaking data, or being weaponised against the organization itself.
AICM domains: MDS · AIS · LOG · IAM · SEF
EU AI Act tier: Limited risk
Harm to an Ecosystem
Harms to the interconnected systems on which society depends — the global financial system, supply chains, critical infrastructure, the natural environment. Includes Environmental harm: AI training and inference are energy-intensive, and at scale they contribute to carbon and water footprint, e-waste, and resource depletion.
AICM domains: STA · BCR · CCC · TVM
EU AI Act tier: High risk
| Harm class | EU AI Act tier | Primary requirements |
|---|---|---|
| Harm to People | High risk | Fairness & bias testing · Human oversight · Transparency & explainability · Contestability |
| Harm to an Organization | Limited risk | Human oversight · Transparency & explainability |
| Harm to an Ecosystem | High risk | Human oversight · Transparency & explainability |
The safety control spine
A lens over the existing 18 AICM domains, not a new partition. Each family names where in the control stack a harm class is mitigated, the AICM domain its controls land in, and the standards hook a Chief Information Security Officer (CISO) is asked to evidence.
Block harmful or unsafe model outputs — hate, violence, self-harm, CSAM, illegal advice, hallucinations in high-impact decisions.
Detect and mitigate discriminatory or skewed model behaviour against groups defined by protected attributes.
Make model behaviour legible to operators, users, and regulators — model cards, attribution, AI-interaction disclosure.
Keep humans in the loop on high-impact decisions and give affected people a route to challenge an AI outcome.
Bound agent autonomy and tool scopes; gate irreversible actions; detect cascading or feedback-loop behaviour. The autonomy frontier — ties to the AI-CMM ladder.
Pre-deploy safety assurance — run a benchmark suite + harm-focused red-team and gate releases on the result.
Detect harm over time — behavioural and safety drift, guardrail efficacy in production, harm-incident response.
See also
The measured proof, the skills that power the fix, and where this sits on the maturity model each have their own home, so they are linked, not repeated:
Honesty & attribution
XL-SafetyBench by AIM Intelligence (with Microsoft, Korea AI Safety Institute, KT) — eval code Apache-2.0, dataset CC BY 4.0. Used with attribution. Guardian/RepBend licenses pending verification.
Harm-class taxonomy source — NIST AI Risk Management Framework 1.0 (NIST AI 100-1), 1.0 (January 2023).