.html Interactive Tool ✓ Professional Edition Updated Q2 2026

AI Risk Register Tool

A complete interactive risk register that runs in your browser. Six-tab application with real-time risk scoring, automated severity bands, KRI/KPI dashboard, residual risk acceptance workflow, and PDF governance reports. Zero install, zero subscription, zero telemetry. Your data stays in your browser. Never sent anywhere.

Tabs

PDF Reports

Frameworks

Install Required

NIST AI RMF 1.0 EU AI Act 2024 ISO 42001:2023

What This Capability Typically Costs

GRC platforms bundle risk, compliance, audit, and vendor management under annual subscriptions that often require professional services, onboarding, and team training before your organization sees full value. This tool is a fit-for-purpose program enhancement. It covers one specific workflow, works immediately in your browser, and doesn’t require committing to a technology platform just to access the capability you need.

GRC Platform Pricing

Entry-level (Sprinto, Vanta)$5,000 – $15,000/yr

Mid-market (Hyperproof, ZenGRC)$12,000 – $72,000/yr

Enterprise (LogicGate, Archer)$25,000 – $150,000+/yr

Recurring$5,000+/yr

This tool

One-time purchase$150.00

RenewalNone. Yours forever

Scoring engine + PDFIncluded

Framework mappingIncluded

One-time$150.00

$4,850+ first-year savings

vs. $5,000+/yr entry-level GRC platform. Own it forever

Platform pricing based on published 2026 rates from Sprinto, Vanta, Hyperproof, ZenGRC, and LogicGate

$150.00

One-time purchase · Instant download

✓Single .html file. Runs in any browser, no install, no subscription
✓6 tabs: Dashboard, Risk Register, Residual Acceptance, Categories Reference, Export, Purpose & Context
✓Real-time risk scoring with 5×5 matrix, automated severity bands, KRI/KPI tracking
✓4 PDF report types: Full Register, Executive Summary, Risk-by-Category, Residual Acceptance
✓Auto-saves to browser localStorage. Your data never leaves your machine
✓Export to JSON, CSV, or PDF. Import from JSON. Direct export to AI Risk Treatment Tracker.

.html Zero Install NIST AI RMF EU AI Act ISO 42001 ✦ v1.0

How It Works

Download. Open. Use.

Download

Single .html file arrives instantly after purchase

Open in Browser

Double-click the file or drag into Chrome, Edge, Firefox

Add Your Risks

Use the score matrix, pick treatment options, assign owners

Export Reports

Generate PDF, export JSON/CSV, or send directly to Treatment Tracker

No server, no login, no subscription. Your data auto-saves to your browser. Export anytime as JSON backup, CSV for spreadsheets, or branded PDF governance reports for audit evidence.

Screenshots

See it in action

1 / 9

Click image to zoom · 9 screenshots shown

Overview

What this tool does

Every organization deploying AI needs a central register tracking identified risks, their severity, ownership, and treatment status. Most teams use spreadsheets that lack automated scoring, real-time dashboards, or governance-grade PDF output. SaaS GRC platforms solve this but cost $15K–$100K/year and send your risk data to third-party servers.

This tool gives you the interactivity of a SaaS platform in a single file you own outright. Automated risk scoring with a 5×5 likelihood-impact matrix. Real-time KRI/KPI dashboard tracking open risks by severity, treatment option distribution, overdue items, and category coverage. A formal residual risk acceptance workflow with authority tracking. And four types of branded PDF governance reports ready for auditors.

Data flows directly into the companion AI Risk Treatment Tracker via one-click JSON export. No copy-pasting between tools.

What’s Inside

6 Tabs · Interactive Application

Real-time risk portfolio overview. KRI/KPI cards (total open, critical/high count, overdue treatments, average score), risk distribution by category and severity band, treatment option breakdown, and a clickable risk band chart that filters directly to the register view.

Live MetricsAuto-Refresh

Full CRUD interface for AI risks. Add, edit, view detail, archive, or delete. Each risk captures: ID, title, category, AI system, likelihood, impact, inherent score (auto-calculated), treatment option (7 ISO 31000 options), owner, status, residual scores, review date, controls, and notes. Sortable, filterable, with status transition validation.

ISO 42001 A.5.3NIST MAP 1.1

Formal acceptance workflow for risks where “Retain/Accept” is the treatment decision. Captures acceptance rationale, accepted-by authority, expiry date, and conditions. Links back to the risk appetite statement for threshold validation. Separate view so auditors can verify acceptance governance without scrolling the full register.

ISO 42001 Cl. 6.1.3NIST MANAGE 2.1

Pre-built risk category taxonomy covering 8 AI risk domains: Bias & Fairness, Privacy, Security, Transparency, Safety, Reliability, Regulatory, and Third-Party. Each category includes description, typical sources, and framework mapping. Used as the dropdown source when adding risks.

NIST MAP 1.1EU AI Act Art. 9

Full data management: JSON export/import (with backup-before-import safety), CSV export for spreadsheets, 4 branded PDF report types via jsPDF, auto-export to folder (File System Access API), storage size indicator, and direct “Export to Treatment Tracker” button for one-click cross-tool data flow.

JSONCSVPDF

First-open onboarding with guided tour wizard (skippable). Explains the tool purpose, regulatory context (ISO 42001, EU AI Act, NIST AI RMF), and step-by-step quickstart. Includes framework citations with source references.

OnboardingFramework Context

Audience

Who uses this tool

📈

Chief Risk Officer

Uses the Dashboard for portfolio-level risk visibility. Exports the Executive Summary PDF for board reporting. Monitors KRI thresholds and overdue treatment counts.

📋

AI Risk Manager

Primary operator. Adds risks, assigns owners, tracks treatment progress, manages the residual acceptance workflow, and exports to the Treatment Tracker when ready.

🔧

AI System Owner

Documents risks specific to their AI systems. Uses the score matrix to calculate inherent risk. Updates residual scores as controls are implemented.

🔍

Internal Auditor

Uses PDF reports as primary audit evidence. Verifies risk scoring methodology, acceptance authority compliance, and treatment plan completeness through the export system.

Framework Alignment

Standards coverage

NIST

NIST AI RMF 1.0

Risk identification and categorization aligned to MAP function. Dashboard supports MEASURE requirements. Treatment options map to MANAGE function.

MAP 1.1MEASURE 2.1MANAGE 4.1

EU AI Act 2024

Risk categories include EU AI Act classification tiers. Register tracks Art. 9 risk management system requirements for high-risk AI systems.

Art. 6Art. 9Annex III

42001

ISO/IEC 42001:2023

Fulfills A.5.3 risk assessment documentation and A.5.4 risk treatment tracking. Acceptance workflow supports Cl. 6.1.3. PDF reports satisfy Cl. 7.5 documented information.

A.5.3A.5.4Cl. 6.1.3Cl. 7.5

Value Proposition

Why not a spreadsheet or SaaS platform?

✓ This Tool

✓Interactive scoring with real-time dashboard. No manual formula maintenance.

✓Branded PDF reports generated instantly. Ready for auditors.

✓Data stays on your machine. No third-party servers, no telemetry.

✓One-time $150. No subscription, no per-seat fees, no annual renewal.

✓Direct export to Treatment Tracker. One-click cross-tool data flow.

✓Works offline. No internet required after download.

✗ Alternatives

✗Spreadsheets: No dashboard, no PDF reports, no scoring automation, formula drift.

✗SaaS GRC: $15K–$100K/year, long procurement, vendor lock-in, data sovereignty risk.

✗Custom web app: 90–150 hours of developer time at $50–$120/hr.

✗Free templates: Basic columns only. No scoring, no acceptance workflow, no export.

✗Multi-tool workflows: Copy-paste between register and treatment plan. Data sync errors.

✗Open-source tools: Require hosting, maintenance, security patching, and configuration.

“Why is this only $150?”

I’ve been building governance documentation since 2012. That year I helped my healthcare analytics company earn its first HITRUST certification. Since then I’ve created and managed compliance documentation for SOC 2, PCI DSS, HITRUST, and ISO 27001 programs across enterprise organizations. I have a writing degree and I genuinely like this work.

HITRUST CSF SOC 2 PCI DSS ISO 27001 14 Years in GRC Writing Degree

Credentials don’t explain the price though. This does:

I want AI adopted responsibly. I don’t want my friends, my family, or my kids dealing with threats and risks that come from deploying AI without governance. Organizations will take the path that earns them the most money. That’s how business works. So I feel obligated to put quality tools out at a price where governance isn’t something only Fortune 500 companies can afford. SaaS GRC platforms charge $15K–$100K per year. I’m charging $150 once.

You’re building something that matters. A risk management system that earns trust from your board, your customers, and your team. And it has to work.

The citations in these templates were checked against the published standards. The actual ISO 42001:2023 PDF, the EU AI Act regulation text, the NIST AI RMF 1.0 document. Control IDs, article numbers, framework mappings. This is practitioner-built tooling from someone who’s sat in the audits, written the remediation plans, and knows what survives a compliance review.

Derrick Jackson // Founder, Tech Jacks Solutions

Related Templates

Works with these

★ BUNDLE DEAL. SAVE 30%

Get the complete AI Risk Management Command Bundle

Includes this Risk Register Tool plus the Treatment Tracker Tool, 10 governance documents, and Excel workbooks. Everything you need for a complete AI risk program.

Important

This tool is a starting point, not a finished product. It provides a professionally structured interactive risk register with verified framework citations to accelerate your AI risk management program. It does not replace legal counsel, compliance review, or organizational judgment. Every organization is different. You’ll need to populate risks specific to your regulatory context, risk tolerance, and operational environment. Your data is stored locally in your browser via localStorage and is never transmitted to any server. You are responsible for backing up your data via the export function. Framework citations reflect standards as of Q2 2026. Single organization license. All purchases include a 14-day money-back guarantee.

Interactive HTML tool for AI risk identification, scoring, and governance reporting. 6 tabs, 4 PDF report types, 3 frameworks. Zero install, runs in browser.