Skip to content

Saudi AI Risk Management

Saudi AI Risk Management illustration

The National Artificial Intelligence Risk Management Framework is the Kingdom of Saudi Arabia's national methodology for managing the risks of AI systems. It was published by the Saudi Data and Artificial Intelligence Authority (SDAIA) in April 2026 (document SDAIA-P145, version 1.0). The framework gives government and private-sector entities a practical, staged method for identifying, assessing, treating, and monitoring AI risks, anchored in four reference pillars and a five-stage risk cycle built around a 4×4 likelihood-impact matrix.

Modulos models the framework as two paired templates: OFF-23 for the organization-level foundations and MFF-23 for per-system execution of the risk cycle. This page orients you on what the framework covers, how the templates are structured, and where to go next.

Quick decision — is this framework for you?

  • You are a Saudi government entity or private-sector company using or planning AI → this is your national reference for AI risk management. Start with Reference pillars and context scoping.
  • You already run ISO/IEC 42001, NIST AI RMF, or an EU AI Act programme → treat Saudi AI Risk Management as the national methodology layer. Much of its control substance reuses controls you may already operate; what is new is the framework's own scales, matrix, pillars, and taxonomy discipline.
  • You need a defensible per-risk method → the framework works risk by risk: every entry in the register gets its own likelihood, impact, level, strategy, and residual reassessment, and periodic reviews also revisit the system's overall classification. See Risk identification and assessment.
  • You have no structured AI governance yet → the framework is designed to be a first methodology, applied in proportion to your size and maturity. The operationalizing playbook is the fastest route in.

TL;DR

  • SDAIA-P145 (April 2026, version 1.0) is an advisory national framework for AI risk management in Saudi government and private-sector entities. It creates no new obligations; the regulations its pillars point to remain binding on their own terms.
  • Structure: four reference pillars (general principles and AI ethics, AI regulations, data regulations, sector regulations) plus a five-stage cycle — context and scope, risk identification, risk assessment, risk treatment, and monitoring and review.
  • Assessment method: per-risk likelihood (4 levels) × impact (4 levels) on a 4×4 matrix, producing a risk level of 1–16 in four bands: low (1–2), medium (3–6), high (8–12), catastrophic (16).
  • Modulos models it as two templates: OFF-23 (org, 8 requirements, ORF-448ORF-455) and MFF-23 (app, 17 requirements, MRF-414MRF-430, one per named framework activity) — 25 requirements in total, with 20 new controls and broad reuse of the shared control estate.
  • The Arabic text is authoritative; SDAIA has published an official English executive summary only. Modulos requirements quote the Arabic verbatim with unofficial English translations.

Primary source

SDAIA, الإطار الوطني لإدارة مخاطر الذكاء الاصطناعي (National Artificial Intelligence Risk Management Framework), SDAIA-P145, version 1.0, April 2026, Saudi Data and Artificial Intelligence Authority. English executive summary: SDAIA-P145EN. Published via sdaia.gov.sa. Always verify claims against the current published edition; the Arabic text is authoritative.

Key facts
Publisher
SDAIA (Saudi Data and Artificial Intelligence Authority)
Published
April 2026 (SDAIA-P145, version 1.0)
Type
Advisory national framework (guidance)
Scope
Government and private-sector entities in Saudi Arabia using AI
Structure
4 reference pillars + 5-stage risk cycle with a 4×4 matrix
Modulos templates
OFF-23 (org) + MFF-23 (app)

What is the National AI Risk Management Framework?

SDAIA issues the framework in its capacity as the national reference for all matters related to data and AI, under Council of Ministers Resolution No. 292 (dated 27/4/1441H). The stated aim is a unified national methodology: entities across sectors should identify, assess, treat, and monitor AI risks with the same stages, the same scales, and comparable registers, in support of Saudi Vision 2030 and the National Strategy for Data and AI.

The framework is deliberately practical. It does not set detailed technical standards for model performance; it gives entities guiding lines, methodologies, and tools to build their own internal policies and procedures. It concentrates on AI systems with high impact on individuals, assets, and operations — naming predictive models, natural language processing, image and video analysis, intelligent automation, and general-purpose models — and it grants flexibility to apply the method in proportion to the entity's sector, size, usage patterns, and digital maturity.

Three audiences are addressed directly: system developers (integrate risk considerations into design, training, and testing), system operators (run, monitor, and respond to incidents), and policymakers (assess regulatory readiness and develop graduated, risk-based rules).

The framework is candid about why AI risk management differs from classic software risk: systems depend on data that may not represent the real context of use, performance changes over time, behavior is harder to predict and test, and results are harder to reproduce. It also names the practical challenges — third-party dependencies, limited reliable metrics, risks that shift across the lifecycle, and the gap between test environments and live operation.

How the framework is structured

Two layers make up the framework's own architecture, and the Modulos template pair follows them.

The four reference pillars are the governing reference for designing, developing, and operating AI systems:

PillarWhat it holds
General principlesThe general principles and Islamic values the framework names (justice, transparency, preservation of rights, safeguarding human dignity, not harming others) and their practical embodiment: the seven AI ethics principles
AI regulationsThe policies, legislation, and regulatory frameworks governing AI development and operation
Data regulationsThe controls and requirements governing data collection, processing, storage, and use within AI systems
Sector regulationsSector-specific requirements, policies, and guidance (health, finance, and education are the framework's examples)

The five-stage risk cycle runs per AI system:

  1. Context and scope — describe the system and its use boundaries, its data and input/output points, its automation level and the human role in decisions, and its lifecycle stage and change plan.
  2. Risk identification — build a comprehensive risk inventory against a unified taxonomy, then characterize each risk by source, intent, and timing.
  3. Risk assessment — estimate likelihood and impact on the framework's four-level scales and compute the risk level through the 4×4 matrix.
  4. Risk treatment — select a strategy per risk (avoidance, mitigation, transfer, or acceptance), design and implement controls, reassess residual risk, and take the acceptance or escalation decision.
  5. Monitoring and review — monitor performance continuously, run periodic reviews that update the risk register, and manage incidents with root-cause analysis.

How the framework is structured in Modulos

Modulos splits the framework into organization-level foundations (OFF-23) and per-system execution (MFF-23).

TemplateProject typeHoldsRequirements
OFF-23 — Saudi AI Risk Management (org)OrganisationInternal AI risk policies and procedures, alignment with each of the four reference pillars, risk governance with decision rights and an approved risk tolerance, documentation standards, and awareness and capability building8 (ORF-448ORF-455)
MFF-23 — Saudi AI Risk Management (app)AI applicationPer-system execution of the risk cycle, one requirement per named framework activity: pillar alignment, the four context activities, the two identification activities, the three assessment activities, the four treatment activities, and the three monitoring activities17 (MRF-414MRF-430)

The 25 requirements group into four coverage domains, each with its own topic page.

1. Reference pillars and context scoping

The pillars as the organization's registers and commitments (ORF-449ORF-452), their per-system application (MRF-414), and the four context-and-scope activities: system description and use boundaries (MRF-415), data and input/output points (MRF-416), automation level and the human role (MRF-417), and lifecycle stage and change plan (MRF-418).

→ Deep dive: Reference pillars and context scoping.

2. Risk identification and assessment

The comprehensive risk inventory with the seven-category taxonomy (MRF-419), causal characterization by source, intent, and timing (MRF-420), and the three assessment activities: likelihood estimation (MRF-421), impact estimation with the reserved catastrophic level (MRF-422), and risk-level determination through the 4×4 matrix (MRF-423).

→ Deep dive: Risk identification and assessment.

3. Risk treatment, monitoring, and incidents

Treatment strategy selection across the four options (MRF-424), control design and implementation (MRF-425), residual-risk reassessment (MRF-426), the acceptance or escalation decision (MRF-427), continuous performance monitoring (MRF-428), periodic reviews and risk register updates (MRF-429), and incident monitoring and response (MRF-430).

→ Deep dive: Risk treatment, monitoring, and incidents.

4. Governance, documentation standards, and capability

The organization-level machinery the per-system cycle consumes: internal AI risk policies and procedures (ORF-448), risk governance, decision rights, and the approved risk tolerance (ORF-453), organization-wide risk documentation standards (ORF-454), and awareness and capability development (ORF-455).

→ Deep dive: Governance, documentation standards, and capability.

How Saudi AI Risk Management compares to other frameworks

Cross-framework mapping (preview)

At a high level, the framework sits alongside the programmes entities in the region commonly run:

  • NIST AI RMF — closest in intent: both are voluntary, methodology-first risk frameworks. The SDAIA framework is more prescriptive about the assessment mechanics (fixed four-level scales, the 4×4 matrix and its bands) and adds the national reference pillars, including the general principles and AI ethics pillar. See NIST AI RMF.
  • ISO/IEC 42001 — a certifiable AI management system. The SDAIA framework's organization-level foundations (policy, governance, tolerance, competence) correspond to management-system clauses, and Modulos realises much of that overlap through shared controls. See ISO 42001.
  • EU AI Act — a binding product-safety regulation with a fixed statutory risk tiering. The SDAIA framework is advisory; its matrix scores individual register entries, and the system-level classification it contemplates is entity-defined rather than a fixed statutory tiering.
  • UAE AI Ethics — the neighbouring principle-based guidance. The SDAIA framework embeds its principles layer as one pillar of a full risk methodology rather than standing alone. See UAE AI Ethics.

In Modulos this reuse is realised at the control layer: controls behind OFF-23 / MFF-23 are shared with other framework templates, so evidence recorded once can serve multiple frameworks. This preview does not assert clause-by-clause equivalence to any instrument.

For a side-by-side view of the major frameworks, see the AI governance frameworks comparison.

How Modulos operationalizes Saudi AI Risk Management

The two templates are designed to run together: OFF-23 sets the organization-wide policy, pillar registers, tolerance, and standards once, and each MFF-23 project produces the per-system risk register and cycle evidence that shows the methodology is actually applied to a given AI system.

  • OFF-23 — Saudi AI Risk Management (org) — one organisation project. 8 requirements (ORF-448ORF-455), mapped to 23 controls: 4 new (OCF-359OCF-362) and 19 reused from the shared estate.
  • MFF-23 — Saudi AI Risk Management (app) — one AI-application project per in-scope AI system. 17 requirements (MRF-414MRF-430), mapped to 38 controls: 16 new (MCF-644MCF-659) and 22 reused.

Each requirement is evidenced through a readiness signal plus owner-attested fulfilment — not through reviews, which are reserved for control status changes. The framework's own scales, bands, pillars, and taxonomy stay anchored in the requirement texts; the reused shared controls carry no Saudi-specific wording.

→ Full rollout: Operationalizing Saudi AI Risk Management in Modulos — project structure, the requirement-to-activity mapping table, the control split, the rollout sequence, and the evidence model.

Getting started

Frequently asked questions about Saudi AI Risk Management

What is the SDAIA National AI Risk Management Framework?

It is an advisory national framework published by the Saudi Data and Artificial Intelligence Authority (SDAIA) in April 2026 (document SDAIA-P145, version 1.0). It gives government and private-sector entities in Saudi Arabia a practical methodology for identifying, assessing, treating, and monitoring the risks of AI systems. The framework rests on four reference pillars (general principles and AI ethics, AI regulations, data regulations, and sector regulations) and a five-stage risk management cycle: context and scope, risk identification, risk assessment, risk treatment, and monitoring and review. SDAIA issues it in its capacity as the national reference for data and AI under Council of Ministers Resolution No. 292 (1441H), in support of Saudi Vision 2030 and the National Strategy for Data and AI.

Is the framework mandatory?

No. The framework is explicitly advisory: it creates no new obligations and positions itself as guiding lines, methodologies, and tools that help entities build their own internal AI risk policies and procedures. In the Modulos catalogue the templates carry the Guidance label, which reflects the instrument type. The regulatory instruments the framework points to through its pillars (AI regulations, data regulations, and sector regulations, such as the Personal Data Protection Law) remain binding on their own terms.

Who is the framework for?

All government and private-sector entities in Saudi Arabia, across sectors and stages of digital maturity, with flexibility to apply it in proportion to the entity's sector, size, usage patterns, and maturity. It concentrates on AI systems with high impact on individuals, assets, and operations, naming predictive models, natural language processing, image and video analysis, intelligent automation, and general-purpose models. The framework addresses three audiences: system developers, system operators, and policymakers.

How does the risk assessment work?

Each identified risk receives a likelihood estimate on four levels (rare 1, unlikely 2, likely 3, almost certain 4) and an impact estimate on four levels (low 1, medium 2, high 3, catastrophic 4). The risk level is the product of the two, on a range of 1 to 16, banded as low (1–2), medium (3–6), high (8–12), and catastrophic (16). The catastrophic impact level is reserved for extreme cases; the framework lists the characteristics under which it typically appears, including direct harm to public security or human safety and wide-scale leakage of highly sensitive data.

How does Modulos model the framework?

As two paired templates. OFF-23 (org) holds the organization-level foundations as 8 requirements, ORF-448 through ORF-455: internal policies, the four pillar alignments, risk governance and tolerance, documentation standards, and capability building. MFF-23 (app) holds the per-system execution of the risk cycle as 17 requirements, MRF-414 through MRF-430, one per named framework activity. The pair adds 20 new controls (MCF-644 to MCF-659 on the app side, OCF-359 to OCF-362 on the org side) and reuses controls already shared with the platform's ISO 42001, NIST AI RMF, and other estates.

Can we use our own risk taxonomy instead of the framework's seven categories?

Yes, with a documented crosswalk. The framework introduces its seven-category classification for the risk inventory (bias, discrimination, and abuse; privacy and security; misinformation; malicious use; human-machine interaction; social, economic, and environmental impacts; safety and limitations) as a suggestion, and its completeness aim — no type of risk overlooked — is not optional. The framework itself does not define how an alternative taxonomy is accepted; in the Modulos templates, an entity relying on an equivalent taxonomy shows that its categories cover the seven categories' full scope: semantic coverage, not just label matching.

Is the framework available in English?

SDAIA has published an official English executive summary (SDAIA-P145EN); the full framework text is Arabic and the Arabic text is authoritative. The Modulos requirements quote the authoritative Arabic verbatim, each passage followed by an unofficial English translation, so teams can work in English while auditing against the official source.

Source attribution

This page summarises the National Artificial Intelligence Risk Management Framework (SDAIA-P145, version 1.0), published April 2026 by the Saudi Data and Artificial Intelligence Authority (sdaia.gov.sa). The Arabic text is authoritative; SDAIA has published an official English executive summary (SDAIA-P145EN), and English renderings of framework passages here and in the Modulos templates are unofficial translations. Requirement and control codes (OFF-23, MFF-23, ORF-, MRF-, OCF-, MCF-) are Modulos template identifiers, not SDAIA references.

Disclaimer

This page is for general informational purposes and does not constitute legal advice. The framework is an advisory national methodology and creates no new obligations; the Guidance label on the Modulos templates reflects the instrument type. The laws and regulations the framework's pillars point to remain binding on their own terms. Always verify against the current published edition and consult qualified advisers.