IBM Risk Atlas Nexus
Open-source AI risk governance toolkit unifying IBM AI Risk Atlas, NIST AI RMF, OWASP Top 10, MIT AI Risk Repository, and more into a knowledge graph with actionable workflows.
What it does
Open-source toolkit from IBM Research (Apache 2.0) that unifies multiple AI risk taxonomies into a single knowledge graph. Aggregates risks from IBM AI Risk Atlas, Granite Guardian, MIT AI Risk Repository, NIST AI RMF GenAI Profile, AIR 2024, AILuminate Benchmark, Credo's Unified Control Framework, and OWASP LLM Top 10. Includes Python library for risk exploration, use-case risk detection, compliance questionnaire assistance, and graph database export. Presented at AAAI 2026. HuggingFace demo available.
Security relevance
Provides cross-framework risk mappings that connect abstract regulatory requirements to concrete technical controls, benchmarks, and mitigations. Enables automated risk identification from use-case descriptions and supports compliance questionnaire workflows.
When to use it
Use during AI governance setup to map your AI use cases to relevant risks across multiple frameworks simultaneously. Ideal for organisations needing to demonstrate compliance across NIST, OWASP, and EU AI Act requirements.
OWASP coverage
Risks addressed — mapped to both OWASP Top 10 standards. 10 in LLM, 0 in Agentic.
The raw record
What Yuntona stores. Single source of truth — fork it on GitHub.
name: IBM Risk Atlas Nexus slug: ibm-risk-atlas-nexus type: Generative category: AI Governance & Standards url: https://github.com/IBM/risk-atlas-nexus reviewed: 2026-04 added: 2026-04 updated: 2026-04 risks: llm: [LLM01, LLM02, LLM03, LLM04, LLM05, LLM06, LLM07, LLM08, LLM09, LLM10] asi: [] complexity: Plug & Play pricing: — audience: CISO · GRC lifecycle: [build] tags: [EU AI Act, Governance, Knowledge Graph, NIST, Open Source, OWASP, Risk Taxonomy]