AI Agent Impact Assessment Template¶
Purpose: Structured template for assessing risks and impacts before deploying AI agents in high-risk environments. Aligns with Colorado AI Act (SB 21-169), EU AI Act Article 9, and NIST AI RMF MAP function.
Usage: Complete this template for each agent deployment. Store completed assessments alongside the agent's policy YAML in version control.
1. Agent Identification¶
| Field | Value |
|---|---|
| Agent Name | |
| Agent DID | did:agentmesh:... |
| Version | |
| Owner / Sponsor | |
| Deployment Environment | โ Development โ Staging โ Production |
| Assessment Date | |
| Assessor | |
| Review Due Date |
2. Purpose and Scope¶
2.1 Agent Purpose¶
Describe what the agent does, what decisions it makes, and what actions it takes.
2.2 Target Population¶
Who is affected by the agent's actions? Include both direct users and downstream affected parties.
2.3 Decision Types¶
| Decision | Consequential? | Reversible? |
|---|---|---|
| e.g., Loan approval | โ Yes โ No | โ Yes โ No |
| e.g., Content moderation | โ Yes โ No | โ Yes โ No |
Consequential decisions (Colorado AI Act): decisions that have a material legal or similarly significant effect on consumers in education, employment, financial services, healthcare, housing, insurance, or government services.
3. Risk Classification¶
3.1 Risk Level¶
| Framework | Classification | Justification |
|---|---|---|
| EU AI Act | โ Minimal โ Limited โ High โ Unacceptable | |
| NIST AI RMF | โ Low โ Moderate โ High โ Critical | |
| OWASP Agentic | Applicable risks: | |
| Organization | โ Tier 1 โ Tier 2 โ Tier 3 |
3.2 OWASP Agentic Top 10 Assessment¶
| # | Risk | Applicable? | AGT Mitigation |
|---|---|---|---|
| ASI-01 | Agent Hijacking | โ Yes โ No | Policy engine, prompt injection detection |
| ASI-02 | Tool Misuse & Exploitation | โ Yes โ No | Capability allow/deny lists |
| ASI-03 | Tool Poisoning | โ Yes โ No | MCP security scanner |
| ASI-04 | Insecure Data Handling | โ Yes โ No | Attribute ratchets, DLP |
| ASI-05 | Insecure Output | โ Yes โ No | Pre-output policy stage |
| ASI-06 | Confused Deputy | โ Yes โ No | Zero-trust identity, trust scoring |
| ASI-07 | Insecure Inter-Agent Communication | โ Yes โ No | E2E encryption (Signal protocol) |
| ASI-08 | Cascading Agent Failures | โ Yes โ No | Circuit breaker, kill switch |
| ASI-09 | Inadequate Logging | โ Yes โ No | Tamper-evident audit, OTel |
| ASI-10 | Resource Exhaustion | โ Yes โ No | Rate limiting, token budgets |
4. Data Assessment¶
4.1 Data Inputs¶
| Data Source | Contains PII? | Classification | Jurisdiction |
|---|---|---|---|
| โ Yes โ No | โ Public โ Internal โ Confidential โ Restricted |
4.2 Data Outputs¶
| Output Type | Contains PII? | External Recipients? |
|---|---|---|
| โ Yes โ No | โ Yes โ No |
4.3 Data Residency¶
- Storage locations:
- Cross-border transfers: โ Yes โ No
- If yes, legal basis:
5. Bias and Fairness¶
5.1 Protected Classes Potentially Affected¶
โ Race/Ethnicity โ Gender โ Age โ Disability โ Religion โ National Origin โ Other: ___
5.2 Fairness Testing¶
- Has the agent been tested for disparate impact? โ Yes โ No
- Testing methodology:
- Results summary:
5.3 Mitigation Measures¶
Describe controls to prevent discriminatory outcomes.
6. Governance Controls¶
6.1 AGT Policy Configuration¶
# Reference the agent's policy file
policy_file: policies/<agent-name>.yaml
extends:
- policies/org-baseline.yaml
6.2 Approval Gates¶
| Action | Requires Approval? | Approver |
|---|---|---|
| e.g., Financial transaction > $10K | โ Yes โ No |
6.3 Human Oversight¶
- Kill switch configured? โ Yes โ No
- Human-in-the-loop for consequential decisions? โ Yes โ No
- Escalation path defined? โ Yes โ No
7. Transparency and Explainability¶
- Can the agent explain its decisions to affected individuals? โ Yes โ No
- Is there a consumer-facing disclosure that AI is being used? โ Yes โ No
- Are audit logs accessible for review? โ Yes โ No
8. Incident Response¶
- Incident classification defined? โ Yes โ No (see incident-response-workflow.md)
- Rollback procedure documented? โ Yes โ No
- Notification process for affected individuals? โ Yes โ No
9. Sign-Off¶
| Role | Name | Date | Signature |
|---|---|---|---|
| Agent Owner | |||
| Security Review | |||
| Privacy Review | |||
| Legal/Compliance | |||
| Management Approval |
10. Review Schedule¶
- Next review date:
- Review trigger events: โ Major version change โ Policy update โ Incident โ Regulatory change โ Annual
Related: NIST AI RMF Alignment ยท EU AI Act Checklist ยท SOC 2 Mapping ยท Record Retention Policy