Colorado requires annual impact assessments retained for 3 years. The rebuttable presumption of reasonable care depends on assessment quality. Here are the 10 elements that determine whether the assessment is your shield or their evidence.
The assessment is a legal document: Colorado: annual impact assessments, 3-year retention, producible to AG within 90 days. Rebuttable presumption of reasonable care depends on NIST/ISO 42001 alignment. Texas TRAIGA: NIST compliance = affirmative defense. EU AI Act Art. 9: continuous risk management. In every enforcement action, the risk assessment is reviewed first.
Colorado requires annual impact assessments, three-year retention, and production to the Attorney General within 90 days. The rebuttable presumption of reasonable care depends on whether those assessments meet the statutory standard. Texas TRAIGA’s affirmative defense requires documented NIST compliance. The EU AI Act requires continuous risk management. In every enforcement proceeding, the risk assessment is the first document reviewed. It is either the evidence of reasonable care or the evidence of its absence.
Why Lawyers Must Review, Not Just Sign Off
It determines the safe harbor. Colorado’s presumption requires NIST/ISO 42001 alignment. If the assessment doesn’t actually map to these frameworks, the safe harbor is illusory.
It is discoverable. Producible to the AG within 90 days. Retained three years. In litigation, every gap becomes evidence for the opposing party.
It defines the standard of care. A risk assessment identifying bias but documenting no mitigation creates stronger liability than no assessment at all—it proves awareness without action.
The 10 Elements Lawyers Must Verify
1. Scope Completeness
All high-risk AI systems inventoried? Shadow AI addressed? Colorado covers consequential decisions in 8 domains. The EU AI Act Annex III lists specific categories. An incomplete inventory produces an incomplete assessment.
2. Risk Identification
“Bias risk” is insufficient. “Disparate impact on applicants over 40 due to training data demographic skew, identified through age-stratified testing” is defensible. Specific risks with factual basis, mapped to ISO 42001 Annex C or NIST.
3. Risk Evaluation
Each risk scored for likelihood and impact. ISO 42001 Clause 8.2 requires this. Risks listed without evaluation fail the legal standard.
4. Mitigation Documentation
For every risk: what control, when implemented, how verified. Colorado requires “details on mitigations.” Identifying risks without mitigations proves awareness without action.
5. Bias Testing Results
Disaggregated across protected categories. Specific fairness metrics (statistical parity, equalized odds). 95% aggregate accuracy is legally meaningless if it varies 20 points across demographic groups.
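A disaggregated bias check of the kind element 5 calls for, as an added example that is not from the article or GAICC: it runs over constructed decision records and reports accuracy, selection rate (statistical parity) and TPR/FPR (equalized odds) per group, then flags between-group gaps. The group names, counts and the 0.10 disparity trigger are assumptions, chosen so the aggregate accuracy is 0.95 while one group trails by 20 points.

```python
"""Disaggregated fairness check (added example, constructed data, not from the article)."""
from collections import Counter

def make_records(group, tp, fp, tn, fn):
    """Expand confusion-matrix counts into (group, y_true, y_pred) rows."""
    return ([(group, 1, 1)] * tp + [(group, 0, 1)] * fp
            + [(group, 0, 0)] * tn + [(group, 1, 0)] * fn)

# Constructed sample of 100 decisions: group names and counts are assumptions
# chosen so aggregate accuracy is 0.95 while one group trails by 20 points.
RECORDS = (make_records("under_40", tp=30, fp=0, tn=45, fn=0)
           + make_records("over_40", tp=5, fp=0, tn=15, fn=5))

def rate(num, den):
    return num / den if den else 0.0

def aggregate_accuracy(records):
    return rate(sum(1 for _, y, p in records if y == p), len(records))

def metrics_by_group(records):
    """Accuracy, selection rate (statistical parity), TPR and FPR (equalized odds)."""
    c = Counter(records)
    out = {}
    for g in sorted({r[0] for r in records}):
        tp, fp = c[(g, 1, 1)], c[(g, 0, 1)]
        tn, fn = c[(g, 0, 0)], c[(g, 1, 0)]
        n = tp + fp + tn + fn
        out[g] = {"n": n,
                  "accuracy": rate(tp + tn, n),
                  "selection_rate": rate(tp + fp, n),
                  "tpr": rate(tp, tp + fn),
                  "fpr": rate(fp, fp + tn)}
    return out

def disparity_report(records, threshold=0.10):
    """Largest between-group gap per metric; gaps above threshold are flagged.
    The 0.10 threshold is an assumed review trigger, not a statutory number."""
    by_group = metrics_by_group(records)
    gaps = {k: round(max(v[k] for v in by_group.values())
                     - min(v[k] for v in by_group.values()), 4)
            for k in ("accuracy", "selection_rate", "tpr", "fpr")}
    return {"aggregate_accuracy": aggregate_accuracy(records),
            "by_group": by_group, "gaps": gaps,
            "flagged": sorted(k for k, g in gaps.items() if g > threshold)}

if __name__ == "__main__":
    import json
    print(json.dumps(disparity_report(RECORDS), indent=2))
```

The aggregate figure alone would pass a superficial review; the per-group table is what the assessment has to contain.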
6. Data Governance
Sources, consent, quality, bias examination. FTC disgorgement targets improper data. The assessment must demonstrate lawful, documented provenance.
7. Transparency Measures
Consumer notification, AI content labeling, explainability for consequential decisions, documentation of capabilities and limitations.
8. Human Oversight Design
Named reviewers, qualifications, criteria, escalation. “Human review conducted” without specifics is legally insufficient.
9. Framework Alignment
Explicit mapping to NIST/ISO 42001 with documented outputs. An assessment labeled “NIST-aligned” without an actual mapping cannot activate safe harbors. This is the most important element.
10. Review Cadence
Date, next review date, update triggers, responsible individuals. Colorado: annual + 90 days after modifications. Static documents suggest one-time compliance.
Pass/Fail Criteria
| Element | Pass | Fail / Red Flag |
|---|---|---|
| 1. Scope | All high-risk systems inventoried. Shadow AI addressed. | Missing systems. No shadow AI scan. |
| 2. Risks | Specific risks with factual basis. Framework-mapped. | Generic categories. Template language. |
| 3. Evaluation | Likelihood + impact scored. Methodology documented. | Risks without scores. No methodology. |
| 4. Mitigation | Specific controls, dates, effectiveness evidence. | No implementation evidence. “Planned” only. |
| 5. Bias | Disaggregated results. Specific fairness metrics. | Aggregate only. No demographic breakdown. |
| 6. Data | Sources, consent, quality, provenance documented. | No training data docs. “Proprietary” without detail. |
| 7. Transparency | Notification, labeling, explainability documented. | No measures. “Future enhancement.” |
| 8. Oversight | Named reviewers, qualifications, escalation. | “Human review” without specifics. |
| 9. Framework | Explicit NIST/ISO mapping with outputs. | “NIST-aligned” label without mapping. |
| 10. Cadence | Date, next review, triggers, responsible persons. | No schedule. Static document. |
The five most common failures: Template assessments with no org-specific content. Awareness without action (risks identified, no mitigations). Aggregate-only bias testing. No framework mapping (cannot activate safe harbor). One-time assessment without ongoing monitoring.
The Assessment Is Either Your Shield or Their Evidence
Every enforcement action starts with “show me your risk assessment.” It either proves reasonable care and activates safe harbors, or proves awareness without action. The 10 elements determine which. Lawyers reviewing against these criteria before finalization protect clients from creating the evidence opponents use.
The practical first step: take your client’s most recent AI risk assessment and evaluate it against all 10 elements. Use the pass/fail table. Every element that fails is a gap that must be remediated before the assessment can serve its legal purpose.
GAICC offers ISO/IEC 42001 Lead Implementer training covering the risk assessment methodology (Clause 8.2), impact assessment requirements (Clause 8.4), and the documentation standards that make assessments legally defensible. The program provides the framework knowledge lawyers need to review, evaluate, and improve the AI risk assessments their clients produce. Explore the program to build your assessment review capability.
