Intake & risk tiering
Intake captures the context an AI system needs to be governed. Risk tiering turns that context into a structured classification that decides how much governance the system needs and which frameworks apply. Together they are the routing engine at the front of the governance lifecycle.
What intake captures
Intake is a structured record, not a free-text form. Alongside the descriptive context (purpose, users, owner, business unit, vendor, deployment type and environment, data sources and geographies), it captures a set of risk signals as explicit flags:
- Personal data and special-category data involvement.
- High-risk use and automated decision-making.
- Public-facing exposure.
- Retrieval characteristics: RAG, retrieval sources, vector store, long context and external retrieval.
- Context-specific signals such as cultural significance, heritage relevance, local language significance, creative-sector use and community impact.
Each flag is a routing input. They are what let Gamut decide, consistently, which frameworks and reviews a given system actually needs.
From intake to risk tier
Intake produces a risk tier (a system carries undetermined until classified, then low through critical) and an initial risk rating. The risk tier is the pivot of the whole lifecycle: it prioritises attention and routes the system to the controls and frameworks that matter for its level of risk.
- Higher-risk systems attract deeper assessment and more demanding control expectations.
- Lower-risk systems are governed proportionately, without unnecessary overhead.
How signals become a tier is deterministic: a governance weighting profile of weighted dimensions and configurable thresholds does the mapping, so the same inputs always yield the same tier.
The ACRS pre-score and confirmation point
For systems with agentic or capability-driven risk, intake derives an ACRS pre-score and a capability band from the signals captured. This is a pre-score, a starting position that you confirm at an explicit confirmation point rather than accept blindly. Gamut reconciles the system’s assigned risk tier against the confirmed ACRS band, so a mismatch between “how risky we called it” and “how capable it actually is” is surfaced rather than hidden.
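The deterministic tier mapping and the tier-versus-band reconciliation described above, as an added worked example that is not Gamut’s own code: the flag names, weights, thresholds, intermediate tier names (medium, high) and the assumption that ACRS band names line up with tier names are all illustrative assumptions.

```python
# Hypothetical example (not Gamut's implementation): a governance weighting
# profile that maps intake flags to a risk tier deterministically, plus a
# reconciliation check between the assigned tier and a confirmed ACRS band.
from dataclasses import dataclass, field
from typing import Optional

# Assumption: the page states only "undetermined" and "low through critical";
# the intermediate names below are illustrative.
TIERS = ["low", "medium", "high", "critical"]


@dataclass
class WeightingProfile:
    # Weight per intake flag (dimension); illustrative values, configurable.
    weights: dict = field(default_factory=lambda: {
        "personal_data": 2, "special_category_data": 3, "high_risk_use": 4,
        "automated_decision_making": 3, "public_facing": 2,
        "external_retrieval": 2, "community_impact": 2,
    })
    # Lower bound of the weighted score for each tier, ascending.
    thresholds: dict = field(default_factory=lambda: {
        "low": 0, "medium": 4, "high": 8, "critical": 12})


def score(flags: dict, profile: WeightingProfile) -> int:
    """Weighted sum over the flags that are set; unknown flags are ignored."""
    return sum(w for name, w in profile.weights.items() if flags.get(name))


def risk_tier(flags: dict, profile: WeightingProfile) -> str:
    """Same flags and profile always yield the same tier (no randomness,
    no reviewer judgement in this step)."""
    if not flags:  # nothing captured yet: the system stays unclassified
        return "undetermined"
    s = score(flags, profile)
    tier = "low"
    for name in TIERS:  # ascending thresholds, so the last match wins
        if s >= profile.thresholds[name]:
            tier = name
    return tier


def reconcile(tier: str, acrs_band: str) -> Optional[str]:
    """Surface a mismatch between the assigned tier and the confirmed ACRS
    band instead of hiding it. Returns None when they agree."""
    if tier == "undetermined":
        return "tier undetermined: classify before confirming the ACRS band"
    if tier != acrs_band:
        return f"mismatch: assigned tier {tier}, confirmed ACRS band {acrs_band}"
    return None
```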
Framework routing
Intake does not just classify, it routes. From the captured signals it produces:
- Required frameworks: the frameworks this system must be assessed against.
- Required reviews: the specific reviews it must undergo.
- A routing profile and routed frameworks, with a routing status that moves from not_routed to confirmed once a reviewer accepts the route.
This is what connects intake to the rest of the platform: a routed system arrives at assessment already pointed at the right frameworks.
Approval
An intake record carries an approval status (draft through approved) with a named approver. Risk classification is therefore an accountable decision, not an automatic one: a person signs off that the system is classified and routed correctly before it moves into deeper governance work.
Why consistency matters
The value of risk tiering is consistency. When every system is classified against the same signals and the same routing logic, risk decisions become comparable across the organisation and defensible to reviewers, who can trace each classification back to the intake that produced it. This is also the foundation for EU AI Act readiness, which is itself a risk-tiered regime.
- Registry & Discovery: where classified systems live.
- Assessments & control testing: assess the routed system.
- ACRS: the capability-risk model behind the pre-score.