Monitoring sources
The AI risk landscape changes rapidly. The following sources are used to maintain currency of this knowledge base. They are also recommended for practitioners maintaining their own AI risk programs.
Incident databases
| Source | URL | Cadence | Use |
|---|---|---|---|
| AI Incident Database (AIID) | incidentdatabase.ai | Weekly | Primary source for real-world AI incidents. Subscribe to monthly digest. |
| MIT AI Incident Tracker | airisk.mit.edu | Monthly | Severity-classified tracker with harm taxonomy linked to MIT Risk Repository. |
| OECD AI Incidents Monitor | oecd.ai/en/incidents | Monthly | Cross-jurisdiction incident monitoring with policy context. |
| Stanford HAI AI Index | aiindex.stanford.edu | Annually (March) | Comprehensive annual survey of AI incidents, regulation, and safety developments. |
Regulatory and standards bodies
| Source | URL | Cadence | Use |
|---|---|---|---|
| NIST AI RMF and AI 600-1 | nist.gov/itl/ai-risk-management-framework | As published | Foundational US voluntary framework. Monitor for profile updates and IR 8596 final release. |
| EU AI Office | digital-strategy.ec.europa.eu/ai-act | Monthly | Implementation guidance, GPAI Code of Practice, enforcement updates. Critical for EU AI Act tracking. |
| APRA | apra.gov.au | Monthly | CPS 230 guidance, AI-related speeches and supervisory statements. |
| ASIC Digital Finance | asic.gov.au/digital-finance | Monthly | AI governance reviews and enforcement actions in Australian financial services. |
| ISO/IEC JTC 1/SC 42 | iso.org/committee/6794475.html | As published | ISO 42001 (AI Management Systems), ISO 42005 (Impact Assessment), ISO 23894 (AI Risk). |
| DISR AI Safety | industry.gov.au/ai-safety | Monthly | Australian AI Safety Standards, VAISS guardrails, voluntary AI governance initiatives. |
Security and adversarial AI
| Source | URL | Cadence | Use |
|---|---|---|---|
| MITRE ATLAS | atlas.mitre.org | Quarterly | Adversarial threat landscape for AI/ML. Track new tactics and techniques. |
| OWASP LLM Top 10 | owasp.org/www-project-top-10-for-large-language-model-applications | Annually | LLM-specific vulnerability list. Current version: 2025. |
| NIST Cyber AI Profile IR 8596 | csrc.nist.gov | As published | AI-specific cybersecurity controls. December 2025 draft — monitor for final release. |
| SANS AI Security | sans.org | As published | Practical security guidance for AI systems. |
Academic and research
| Source | URL | Cadence | Use |
|---|---|---|---|
| MIT AI Risk Repository | airisk.mit.edu | Quarterly | Living database of 1,700+ categorised AI risks. Track version updates. |
| Anthropic / DeepMind / OpenAI Safety Research | Various | As published | Frontier AI safety research. Alignment Forum for broader community research. |
| ArXiv cs.AI / cs.LG | arxiv.org | Weekly (curated) | Pre-print research on AI risks, safety, alignment, and governance. |
Industry and professional bodies
| Source | URL | Cadence | Use |
|---|---|---|---|
| IAPP AI Governance Centre | iapp.org | Weekly | Privacy and AI governance practitioner community. Regulatory roundups. |
| ISACA AI Governance | isaca.org/topics/artificial-intelligence | Monthly | COBIT for AI, practitioner guidance, audit frameworks. |
| Partnership on AI | partnershiponai.org | Monthly | Multi-stakeholder responsible AI research and guidance. |
Australian-specific
| Source | URL | Cadence | Use |
|---|---|---|---|
| ACSC AI Security Guidance | cyber.gov.au | As published | ACSC guidance on AI security. Practical operational security. |
| OAIC AI and Privacy | oaic.gov.au | As published | OAIC guidance on AI and privacy obligations under the Privacy Act. |
| Tech Council of Australia | techcouncil.com.au | Monthly | Australian industry perspective on AI governance and workforce implications. |
Automation
The knowledge base automation engine checks these sources on a defined schedule and generates proposed content updates for human review. See the automation configuration for the full maintenance schedule.