The Eticas AI Risk Taxonomy is a unified, machine-readable vocabulary of AI risk categories developed for use across Eticas’ audit methodologies, assessment frameworks, and reporting outputs. It is maintained by Eticas and published with stable per-concept URIs and a SKOS representation, making it interoperable with knowledge graphs, linked data systems, and semantic web tools.
The taxonomy provides a canonical structured vocabulary for naming and locating AI risks, suitable for citation in audit reports, regulatory submissions, research publications, and external framework cross-walks. Each concept carries a definition, alternative labels, lifecycle stage applicability, and formal cross-references to equivalent or related concepts in fourteen external frameworks.
External frameworks are organised in three buckets:
The bucketing matters in practice: the compliance bucket lets auditors demonstrate adherence to specific obligations, while the reference and academic buckets establish conceptual interoperability with the wider AI-risk research and policy ecosystem.
The taxonomy is organised in three levels — categories, sub-groups, and subcategories — covering ten top-level risk areas:
Not every category has sub-groups; categories with few subcategories (Environmental Impact, Organisational Readiness) keep a flat structure. Concepts carry a maturity field — established or emerging — reflecting how settled their definition and assessment methods are.
A subset of the taxonomy is published on the public site — categories and sub-groups at established maturity, without match-type qualifiers on the external mappings. The full taxonomy, including all subcategories, emerging-maturity concepts, and match-type-qualified mappings, is retained internally as the source of truth and as a working surface for ongoing methodology development.
The boundary between public and internal content also marks the licensing boundary.
Public taxonomy — published under CC BY 4.0. What is covered by this open licence:
/risk/ — categories and sub-groups at established maturity./dist/taxonomy.ttl and /dist/taxonomy.jsonld — filtered to match the browsable public view.The SKOS distributions emit a dcterms:license triple pointing to the CC BY 4.0 deed, making the licence assertion machine-readable alongside the content.
Internal taxonomy — proprietary to Eticas. What sits on the internal side and is not covered by CC BY 4.0:
/risk-internal/ (Cloudflare Access required) — all subcategories, emerging-maturity concepts, retired concepts retained for institutional memory, match-type-qualified mappings, per-mapping citations./dist-internal/taxonomy.ttl and /dist-internal/taxonomy.jsonld (Cloudflare Access required). These distributions deliberately do not emit a dcterms:license triple — the absence is intentional, and consumers must not assume any open licence.The open-core split reflects how Eticas uses the taxonomy in practice. The public surface is the canonical structured vocabulary that external parties can cite and remix; the internal surface is a working source where ongoing methodology and assessment-practice development takes place.
Eticas. (2026). Eticas AI Risk Taxonomy, v1.4.0.
https://taxonomy.eticas.ai/risk/
The taxonomy follows Semantic Versioning: major for structural breaks affecting concept identifiers, minor for new categories or new framework mappings or schema additions, patch for definition refinements. Concept URIs (e.g., https://taxonomy.eticas.ai/risk/bias-fairness) are committed as stable for external citation from v1.0 onwards.
For corrections, alignment suggestions, or collaboration enquiries, contact Eticas at eticas.ai.