Skip to main content

How AIApplication Risk Classifier evaluates metadata
Partner built app

The AI Application Risk Classifier evaluates your AIApplication metadata to identify potential regulatory and governance risks. This classification helps your compliance and governance teams understand which AI systems may require additional oversight.

The classification framework

The Tavro AI Agent assesses risk based on the EU AI Act framework, which categorizes AI systems by their potential impact in three critical areas:

  • Safety: How the application might affect user safety or system reliability
  • Fundamental rights: Whether the application processes data affecting privacy, non-discrimination, or other rights
  • Ethical and regulatory compliance: Whether the application meets legal obligations and ethical standards

What gets classified

The classifier analyzes two pieces of metadata from each AIApplication asset:

  • Application name: The identifier and title of the AI application
  • Application description: Context about the application's purpose and function

Both fields are needed to provide the AI Agent with sufficient context for accurate risk assessment.

The classification process

When you run the AI Application Risk Classifier workflow:

  1. The app reads the name and description from AIApplication assets in your Atlan environment
  2. This metadata is sent securely to Tavro's AI Agent (HTTPS, TLS 1.2 or higher)
  3. The agent evaluates the metadata based on the EU AI Act framework
  4. A risk classification is assigned to the asset
  5. The classification is written back to Atlan as custom metadata on the AIApplication

Why metadata classification matters

Metadata-based risk classification provides a starting point for governance without requiring intrusive data analysis. Your compliance teams can:

  • Quickly identify AI applications that may require additional documentation or governance controls
  • Prioritize regulatory compliance efforts
  • Maintain an audit trail of risk assessments
  • Make informed decisions about AI system governance

Data security and privacy

Atlan instance data isn't used for training or fine-tuning the LLMs powering the Tavro AI Agent. All analysis performed by the agent is consistent with EU AI Act principles, ensuring your metadata evaluation respects privacy and compliance standards.

See also