An open standard for quantifying AI security risk in entities subject to insurance underwriting. Five weighted scoring domains. Twenty-five discrete risk factors. Five rating tiers that map directly to underwriting decisions.
The AI Insurance Readiness Score (AIRS) is an open standard specification for quantifying artificial intelligence security risk in entities subject to insurance underwriting. AIRS defines five weighted scoring domains encompassing twenty-five discrete risk factors, a composite scoring methodology producing scores on a 0–100 scale, and five rating tiers that map directly to underwriting decisions. This specification provides the complete methodology, scoring rubrics, rating tier definitions, assessment process requirements, and conformance criteria necessary for institutional adoption by carriers, reinsurers, regulators, and enterprise risk teams.
Published by the AIRS Standards Body · April 2026 (v1.0) · Revised May 2026 (v1.1) · Editorial stewardship and methodology administered by AI Security Intelligence LLC
AIRS evaluates five thematic areas of AI security risk, each composed of five discrete factors. Domain weights reflect the relative contribution of each area to overall AI insurability.
Training data provenance, adversarial robustness testing, model versioning & rollback, poisoning detection, drift monitoring.
Human-in-the-loop oversight, hallucination controls, bias & fairness testing, output auditability, content provenance.
Model card & vendor documentation, third-party AI risk, API key governance, foundation-model dependency mapping, sub-processor controls.
NIST AI RMF alignment, ISO/IEC 42001 conformance, EU AI Act readiness, state AI law monitoring, GDPR/CCPA AI-specific controls.
AI incident response plan, recovery time objectives, AI-specific tabletop exercises, inter-system failure modes, business continuity for AI-dependent workflows.
Domain averages (1.0–5.0 scale) are weighted, summed, and multiplied by 20 to produce the composite AIRS score used for tier classification.
AIRS composite scores map to five rating tiers, each with a specific underwriting implication. The tier structure is designed to align with the decision architecture of institutional carriers and reinsurers.
| Score Range | Tier | Classification | Underwriting Signal |
|---|---|---|---|
| 80.00–100.00 | Tier 1 | AI Insurance Ready | Broadest coverage; standard institutional terms |
| 65.00–79.99 | Tier 2 | Conditionally Insurable | Coverage with conditions, exclusions, or sub-limits |
| 50.00–64.99 | Tier 3 | Elevated Risk | Limited coverage; mandatory remediation plan |
| 30.00–49.99 | Tier 4 | Remediation-Track | Coverage deferred pending structured remediation |
| 0.00–29.99 | Tier 5 | Uninsurable | Coverage denied; foundational governance required |
Domain floors apply: T1 requires every domain at ≥ 3.5, T2 at ≥ 2.5, T3 at ≥ 1.5. A subject entity cannot reach a tier whose domain floor is unmet on any single domain, regardless of composite. Boundary scores resolve to the higher tier. See Section 7 of the specification for the complete formula.
The specification is free to read, cite, and build upon. These paths help carriers, enterprises, and regulators apply AIRS to their own operations.
Evaluate your organization against all 25 AIRS factors using our free self-assessment calculator. Receive your composite score, tier classification, and prioritized remediation guidance.
Begin the Self-AssessmentThe specification is published in full and free to read, cite, and implement — including alignment with NIST AI RMF and ISO/IEC 42001. For citation, syndication, conformance questions, or institutional inquiries, the Standards Body receives correspondence directly.
standards@aisecurityintelligence.comGet notified when the AIRS standard is updated, revised, or extended — including version releases, errata, and companion guidance documents.
No marketing. Updates to the standard only. Unsubscribe anytime.
AIRS v1.1 is published as an open standard. Organizations may freely reference, implement, and build upon the methodology for internal risk assessment, underwriting, regulatory compliance, and academic research.
© 2026 AI Security Intelligence LLC. All rights reserved. This specification is published as an open standard. Organizations may freely reference, implement, and build upon the AIRS methodology for internal risk assessment, underwriting, regulatory compliance, and academic research, provided that attribution is given to AI Security Intelligence LLC and the standard version is cited. Reproduction or redistribution of this document in its entirety requires prior written permission from AI Security Intelligence LLC.
Attribution requirement: Any organization publishing AIRS scores, referencing AIRS tiers in policy language, or citing AIRS methodology in regulatory filings shall include the following attribution: "Scored using the AI Insurance Readiness Score (AIRS) v1.1 methodology, published by the AIRS Standards Body. Editorial stewardship and methodology administered by AI Security Intelligence LLC."
Comments, errata, and implementation inquiries: standards@aisecurityintelligence.com
70 pages. Full methodology, scoring rubrics, rating tiers, assessment process, and regulatory crosswalk. Free. No form. No email required.