Agentic Risk Matrix (ARM): 42 Risks Across 8 Domains
The Protum Agentic Risk Matrix is the industry's first comprehensive risk taxonomy for agentic AI. Forty-two risks organised across eight domains, with fourteen risks exclusive to Protum's research. The ARM is the scoring backbone behind every Protum assessment.
Eight risk domains
Decision Risk (model reliability, hallucination, reasoning failures), Delegation Risk (tool permissions, privilege escalation, unauthorised actions), Execution Risk (sandbox escapes, side effects, resource exhaustion), Interaction Risk (prompt injection, jailbreak, social engineering), Memory Risk (context manipulation, persistence attacks, data leakage through memory), Identity Risk (impersonation, authentication bypass, trust chain attacks), Governance Risk (audit trail gaps, human oversight failures, policy drift), and Value Risk (misalignment, cost overruns, business objective drift).
How the ARM maps to standards
Every ARM risk is cross-referenced to OWASP Agentic AI Top 10, IMDA AI Verify criteria, MAS FEAT principles, ISO/IEC 42001 controls, and MITRE ATLAS techniques. When Protum finds a gap, you see immediately which regulatory controls it affects.
Exclusive Protum risks
Fourteen of the 42 ARM risks are original Protum research, covering attack vectors and governance gaps not yet captured in published standards. These include novel delegation chains, cross-agent trust propagation risks, and value drift in multi-agent systems.
Open methodology
The Agentic Risk Matrix is published openly. Vendors, researchers, and regulators can read the full risk taxonomy, scoring criteria, and evidence requirements. Protum welcomes submissions and corrections through the standard contribution process.
Run a free security assessment