Risk

Signal scoring, per-asset snapshots, and the methodology engine for operational vigilance.

Overview

Risk is the governance component of Monago that computes per-asset and per-tenant risk scores based on signal events from inference activity and governance decisions. Each signal is processed by a methodology engine that applies per-category weights (security, compliance, operational) to produce a 0-100 risk score, then classifies the result into one of four bands.

Why risk scoring matters:

  • Quantifiable risk — an auditable framework for measuring AI risk, addressing regulators' need for quantifiable measurement.
  • Executive visibility — the risk dashboard provides an executive summary without the need to traverse the audit log.
  • Trend analysis — per-asset snapshots over time enable tracking of risk posture before and after a new policy is deployed.
  • Proactive escalation — threshold breaches generate audit events that can be routed to incident response.

Audience for this page: tenant administrators monitoring risk posture, and auditors or compliance officers reviewing the signal trail.

Concepts

| Term | Definition |
|---|---|
| Risk signal | An event that triggers risk score re-evaluation. Sources: policy decisions, PII detections, prompt injection scores, and abnormality signals. |
| Risk snapshot | A per-asset score at a point in time. Includes a breakdown per category and the signal evidence trail. |
| Methodology | The weight and threshold configuration governing the score computation. Editable by tenant administrators; changes are recorded in the audit log. |
| Score band | A 4-tier classification: low, medium, high, critical. |
| Signal evidence | An array of references to specific events that contribute to the snapshot. |
| Recompute | A manual trigger to re-evaluate every snapshot. |

Setup

Prerequisites

  • The admin role for methodology configuration.
  • An active tenant with a minimum signal feed. New tenants produce empty snapshots until signals accumulate.
  • Familiarity with the organisation's risk appetite so thresholds and weights align with context.

Configure the methodology

A default methodology ships with a commonly used baseline; administrators can tune the configuration.

Open Risk

Select Risk from the sidebar.

Methodology tab

Open the Methodology tab, which contains the form for per-category weights and per-band thresholds.

Per-category weights

Set weights for security, compliance, operational, and policy_violation. The four weights must sum to 1.0.

Per-band thresholds

Set low_max, medium_max, and high_max in ascending order on the 0-100 scale.

Save

Click Save methodology.

Validation: the four category weights sum to 1.0; the three band thresholds are strictly ascending (low_max < medium_max < high_max). The UI input fields show inline validation.
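A pre-save check that mirrors the two validation rules above and shows how a weight change moves an asset between bands. This is an added example, not Monago's code: the category and threshold names come from the steps above, while the weighted-sum formula, the inclusive band boundaries, and every sample value are assumptions made for illustration.

```python
import math

CATEGORIES = ("security", "compliance", "operational", "policy_violation")
BANDS = ("low", "medium", "high", "critical")

def validate_methodology(m):
    """Return a list of validation errors; an empty list means the config passes."""
    errors = []
    weights = m.get("weights", {})
    if set(weights) != set(CATEGORIES):
        errors.append("weights must cover exactly: " + ", ".join(CATEGORIES))
    elif any(not 0.0 <= w <= 1.0 for w in weights.values()):
        errors.append("each weight must be between 0 and 1")
    elif not math.isclose(sum(weights.values()), 1.0, abs_tol=1e-9):
        # Tolerance: decimal weights may not sum to exactly 1.0 in binary floats.
        errors.append("weight sum is not 1.0")
    t = [m.get(k) for k in ("low_max", "medium_max", "high_max")]
    if any(not isinstance(v, (int, float)) for v in t):
        errors.append("low_max, medium_max and high_max are required numbers")
    elif not (0 <= t[0] < t[1] < t[2] <= 100):
        errors.append("thresholds must satisfy 0 <= low_max < medium_max < high_max <= 100")
    return errors

def risk_score(m, subscores):
    """Assumed formula: weighted sum of per-category sub-scores (each 0-100)."""
    return round(sum(m["weights"][c] * subscores[c] for c in CATEGORIES), 2)

def band(m, score):
    """Assumed boundary rule: a score equal to a *_max value stays in the lower band."""
    for name, limit in zip(BANDS, (m["low_max"], m["medium_max"], m["high_max"])):
        if score <= limit:
            return name
    return "critical"

# Constructed sample values, not Monago defaults.
BASELINE = {"weights": {"security": 0.4, "compliance": 0.3, "operational": 0.2,
                        "policy_violation": 0.1},
            "low_max": 25, "medium_max": 50, "high_max": 75}
SKEWED = {**BASELINE, "weights": {"security": 0.1, "compliance": 0.7,
                                  "operational": 0.1, "policy_violation": 0.1}}
ASSET = {"security": 20, "compliance": 90, "operational": 10, "policy_violation": 30}

if __name__ == "__main__":
    for label, m in (("baseline", BASELINE), ("skewed", SKEWED)):
        s = risk_score(m, ASSET)
        print(label, validate_methodology(m) or "valid", s, band(m, s))
```

Both sample configurations pass validation, yet the same asset moves from medium to high when the compliance weight dominates, so a valid methodology can still be an unbalanced one.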

Trigger recompute (optional)

After a methodology update, existing snapshots reflect the new weights only after a new signal arrives, or when an administrator triggers a manual recompute.

Snapshot tab

Click Recompute all (administrator only).

Backend re-evaluates

Every per-asset snapshot is recomputed using the new methodology.

Usage

Dashboard

The Dashboard tab provides the executive view:

  • Overall risk score for the tenant.
  • Score band distribution — count of assets per band.
  • Recent threshold breaches — events where an asset's score crossed a band threshold.
  • Top signal sources — the most dominant signal categories for the recent period.

The page refreshes data periodically.

Snapshot table

The Snapshot tab lists per-asset snapshots:

  • Asset name, risk score, and band badge (colour-coded).
  • Last computed timestamp.
  • Trend indicator (up, down, stable).
  • Click a row to open the detail dialog with the per-category breakdown and the signal evidence list.

Signal events

The Signals tab lists raw signal events:

  • Source.
  • Severity.
  • Dimension.
  • Timestamp and the linked asset.
  • Click to open the detail dialog with the event metadata.

This tab is useful for forensic work: auditors can trace a specific score back to individual events.

Methodology audit trail

The Methodology tab provides a history section that shows previous configurations (read-only). Every edit is recorded with the editing user, timestamp, and the diff of weights. This history supports demonstrating due diligence to auditors.

Compliance mapping

Per-clause mapping detail and the evidence package are delivered in a separate procurement document — contact support@monago.io.

Troubleshooting

Empty dashboard / empty state

A new tenant has no signal feed yet. To generate signals:

  • Send inference requests that violate a policy (intentional test).
  • Enable PII detection with a redact policy.
  • Allow the evaluator to process the incoming signals.

Alternative: trigger a manual recompute to bootstrap snapshots from existing data.

An asset score is stuck in one band

Check the Signals tab — is one signal dimension dominant? An unbalanced methodology (for example, the compliance weight set too high) can shift scores consistently in one direction. Resolution: review and adjust the weights.

"Weight sum is not 1.0"

The four category weights must sum to 1.0. The UI input fields show inline validation during editing.

Recompute timeout

On tenants with a very large asset count, recompute can time out. Contact support for asynchronous recompute support at production scale.

Snapshot has not updated after a new signal

The snapshot evaluator runs at a fixed interval. Wait briefly and refresh the page, or trigger a manual recompute for an immediate update.

FAQ

Can the risk score be customised per asset?

Not in the pilot. The methodology is tenant-scoped and applies to every asset in the tenant. Per-asset override for critical assets is on the development roadmap.

Can scores be exported for reporting?

CSV or PDF export for a snapshot range is on the development roadmap. In the meantime, use the snapshot API endpoint to pull raw data and process it in external tooling.

What's the difference between risk score and compliance posture?

  • Risk score is quantitative (0-100), per-asset, signal-driven, and near-real-time.
  • Compliance posture is qualitative (Ready, Gap, Pending), per-framework clause, evidence-driven, and a daily aggregate.

The two are complementary — risk score for operational vigilance, compliance posture for audit readiness.

How do I pick the right thresholds?

The default baseline suits most use cases. Tune to the organisation's risk appetite — risk-averse organisations use stricter thresholds; risk-tolerant organisations use looser ones. The internal risk-appetite statement is the primary anchor.

Is a methodology change retroactive?

Not automatically. Existing snapshots keep the methodology that was in effect when they were created (immutable for audit). New snapshots use the current methodology. To apply the new methodology to historical snapshots, trigger a manual recompute.

Can workspace_admin manage the methodology?

No — the methodology is a tenant-level configuration (admin only). workspace_admin can view the risk dashboard for the workspace they manage.

Are signals from different workspaces isolated?

Snapshots are scoped per asset; assets are scoped per workspace. The tenant-wide dashboard can be filtered per workspace to obtain an isolated view. The methodology remains shared at the tenant level.

  • Policies — policy decisions feed risk signals.
  • Compliance — the risk score informs the compliance posture.
  • Workspaces — workspace scope for per-workspace dashboard view.