Risk Taxonomies and Governance Frameworks for Generative AI

Coutinho, Manuel AzevedoAshofteh, AfshinAl Helaly, Yasser2026-01-142026-01-142026-01-02978-3-032-10720-6978-3-032-10721-32367-3370PURE: 148962200PURE UUID: 4d4cbf08-bb05-48d6-8c3d-e5a268785f57crossref: 10.1007/978-3-032-10721-3_1Scopus: 105027159829ORCID: /0000-0001-5183-7554/work/201633833http://hdl.handle.net/10362/199176Coutinho, M.A., Ashofteh, A., & Al Helaly, Y. (2026). Risk Taxonomies and Governance Frameworks for Generative AI: A Review of Ethical, Cybersecurity, and Regulatory Challenges. In Á. Rocha, F. García Peñalvo, C. J. Costa, & R. Gonçalves (Eds.), Proceedings of 20th Iberian Conference on Information Systems and Technologies (CISTI 2025) (Vol. 2, pp. 3-15). (Lecture Notes in Networks and Systems; Vol. 1717). Springer. https://doi.org/10.1007/978-3-032-10721-3_1 --- This research was supported by Portuguese national science funds made available through the FCT under project UIDB/04152/2020-Centro de Investigação em Gestão de Informação (MagIC).This study investigates the transformative evolution of generative artificial intelligence (GenAI), emphasizing its significant impact across critical sectors such as healthcare, education, government, and business. GenAI shifts from a research curiosity to an essential tool, and it offers remarkable opportunities for enhancing human creativity and productivity while posing serious challenges in ethical, social, and cybersecurity dimensions. The study analyzes the complex risk landscape linked to the deployment of GenAI, underscoring the pressing need for cohesive, integrated risk management frameworks that can effectively negotiate innovation with responsible development. An in-depth examination of existing regulatory and governance initiatives, including the European Union Artificial Intelligence Act (EU AI Act), highlights the necessity for harmonized risk taxonomies and actionable management strategies. Through a systematic literature review methodology, this research identifies 79 key articles from an initial pool of 1818, further augmented by additional relevant literature obtained through backward citation techniques. This comprehensive analysis aims to illuminate critical research gaps, offering essential insights needed to mitigate risks while fully leveraging the potential of GenAI.131032560engGenerative AIArtificial IntelligenceLarge Language ModelsNatural Language ProcessingEthicsTransparencyCybersecurityPrivacyRisk ManagementControl and Systems EngineeringSignal ProcessingComputer Networks and CommunicationsSDG 3 - Good Health and Well-beingRisk Taxonomies and Governance Frameworks for Generative AIconference object10.1007/978-3-032-10721-3_1A Review of Ethical, Cybersecurity, and Regulatory Challengeshttps://www.scopus.com/pages/publications/105027159829