SAMDAM Mission Partners — AI Workflow Risk Assessment Checklist
SAMDAMMission Partners
AI Workflow Risk Assessment · Governed AI for regulated operations
Risk Checklist
David McCaskill, Founder & Principal Architect
info@samdam.biz · 301.904.1660 samdam.biz
Before you point AI at a business workflow, answer six questions. If you
can’t answer one — or the honest answer is “we don’t know” —
that gap is your risk, and the workflow needs the mapped control before it ships. Each question
corresponds to a Sourcine control that makes the answer enforceable, not aspirational.
Q1
What approved source records support this workflow?
List the systems of record, documents, or datasets the output must be built from. If no approved source exists, the workflow is not ready for AI.
Control · Authoritative source binding
Q2
Which fields must never be changed by the model?
Names, dates, IDs, numbers, citations, control statements, and contract terms — the fields where a paraphrase is an error, not a style choice.
Control · Protected-field validation
Q3
What data may enter the model context?
Define what is allowed in — and what confidential, regulated, or customer data must be kept out of the model context entirely.
Control · Deterministic assembly / data boundary
Q4
What output requires human review?
Decide which outputs a named person must approve before they reach a customer, an auditor, or a contract.
Control · Fail-closed gate / review workflow
Q5
What evidence must be retained?
What source, version, and validation result must be recorded so the output can be defended to audit, legal, or a customer later.
Control · Audit commit
Q6
What system blocks unsupported output?
Name the mechanism — not the policy — that stops an unsupported or altered answer from being published.
Control · Fail-closed gate
Reading the results: every blank or “we don’t know” is an
unmanaged risk. A Commercial AI Assurance Assessment produces these answers — and the
controls behind them — for your highest-value workflows. Start at samdam.biz/commercial-ai-governance.