AI Transparency & Data Use Statement

Last Updated: December 2025

SmartRisk Sheets integrates optional AI features that help risk owners perform deeper analysis and communicate risk more effectively. This statement clarifies what AI does, what data is used, and where professional judgment is required.

What AI Does

SmartRisk Sheets uses OpenAI to:

✅ Generate analytical insights for each risk.
✅ Convert raw assessment values into meaningful executive context.
✅ Suggest actions aligned with severity and control strength.

AI enhances expert reasoning — it does not replace governance responsibility. AI outputs may reflect incomplete or context-dependent information.

What Data is Sent to AI

Only the fields required to generate a concise insight are sent. AI features are activated by user action and operate only within the context of the customer’s spreadsheet:

• Risk Category
• Risk Description
• Primary Impact
• Treatment Strategy
• Control Effectiveness
• Residual Risk
• Mitigation Plan Summary
• Notes

Some metadata such as risk ID may be included for clarity. We do not include documents, names, financial data, or sensitive regulated content unless users manually enter it in text fields.

How Data is Protected During AI Calls

• The AI API key is housed in a standalone WebApp, which is called from the customer's sheet.
• SmartRisk Sheets has no access to user API keys or to the insights returned. There are no additional script properties except those added by the account owner.
• Requests are encrypted in transit via HTTPS and not stored by SmartRisk Sheets.

OpenAI may store logs temporarily for safety unless users switch to zero-data-retention enterprise plans.

AI Limitations (Transparency Requirement)

AI insights may:

⚠️ Rely on incomplete or outdated context.
⚠️ Provide overly general reasoning.
⚠️ Miss organization-specific controls and strategies.

The user is responsible for:

• Reviewing insights before approving actions.
• Ensuring compliance with regulatory requirements.
• Confirming accuracy of input data.

AI suggestions are non-binding recommendations.

Regulatory & Ethical Alignment

This solution aligns to key trust principles from:

✅ ISO 31000 (Risk)
✅ COSO ERM

Focus areas:

✔ Transparency
✔ Human oversight
✔ Safety and robustness
✔ Explainability (in plain business language)

User Control

Users can:

✅ Disable AI entirely.
✅ Regenerate insights anytime.
✅ Remove generated text.
✅ Rotate or delete API keys.
✅ Replace AI-assisted fields with manual commentary.

User autonomy remains paramount.

Final Commitment

SmartRisk Sheets commits to:

✔ Keeping users in charge of decisions.
✔ Maintaining transparency in data use.
✔ Reducing operational workload safely.
✔ Delivering responsible and reliable AI assistance.

For compliance support, contact: 📩 info@smartrisksheets.com