Every Alpha Governance Rating scores a company across 10 dimensions. Each dimension is scored 0-100 based on specific evidence requirements. The weights vary by rating profile.
Dimension weights by profile
| # | Dimension | Developer | Deployer | Hybrid |
|---|
| 1 | Leadership and Accountability | 10% | 12% | 11% |
| 2 | AI Safety and Robustness | 15% | 8% | 12% |
| 3 | Transparency and Disclosure | 10% | 10% | 10% |
| 4 | Data Ethics and Privacy | 12% | 8% | 10% |
| 5 | Governance Infrastructure | 10% | 14% | 12% |
| 6 | Fairness and Bias Mitigation | 6% | 10% | 8% |
| 7 | Societal, Workforce and Environmental Impact | 6% | 10% | 8% |
| 8 | Regulatory and Compliance Posture | 10% | 10% | 10% |
| 9 | Cybersecurity and AI Resilience | 13% | 8% | 10% |
| 10 | Third-Party and Supply Chain Governance | 8% | 10% | 9% |
“The Alpha 8” refers to the original 8 core governance dimensions (v1). Dimensions 9 (Cybersecurity) and 10 (Third-Party/Supply Chain) were added in v2 to address emerging governance requirements.
Dimension summaries
D1: Leadership and Accountability
Board-level ownership of AI governance. Measures whether AI oversight has a named owner at the board and executive level, whether accountability is codified in charters or mandates, and whether the board receives regular AI governance reporting.
D2: AI Safety and Robustness
Technical and procedural safeguards for AI systems. Covers model testing, red-teaming, safety incident response, alignment practices, and deployment safeguards. Weighted heavily for Developer profiles.
D3: Transparency and Disclosure
Quality and completeness of AI governance disclosure. Measures public reporting on AI use, governance structures, risk assessments, and incident history. Assessed against peers and regulatory expectations.
D4: Data Ethics and Privacy
Governance of data used in AI systems. Covers consent frameworks, data minimization, privacy-by-design, data supply chain governance, and compliance with applicable data protection regulations.
D5: Governance Infrastructure
The structural foundation of AI governance. Measures policy frameworks, committee structures, escalation paths, audit mechanisms, and the integration of AI governance into enterprise risk management.
D6: Fairness and Bias Mitigation
Processes for identifying, measuring, and mitigating bias in AI systems. Covers testing protocols, demographic impact analysis, remediation procedures, and ongoing monitoring.
D7: Societal, Workforce and Environmental Impact
Governance of AI’s broader impacts. Measures workforce transition planning, environmental footprint of AI operations, community impact assessment, and alignment with responsible AI principles.
D8: Regulatory and Compliance Posture
Preparedness for current and emerging AI regulation. Covers compliance with applicable frameworks (EU AI Act, NIST AI RMF, ISO 42001), regulatory engagement, and proactive compliance investment.
D9: Cybersecurity and AI Resilience
Security posture specific to AI systems. Covers model security, adversarial robustness, supply chain security for AI components, and incident response capabilities for AI-specific threats.
D10: Third-Party and Supply Chain Governance
Governance of AI vendors, partners, and supply chain. Measures vendor assessment processes, contractual governance requirements, ongoing monitoring, and accountability for third-party AI systems. 
