AI Governance
Model Card Generator
from dataclasses import dataclass
from typing import List, Dict, Optional
import json
from datetime import datetime
@dataclass
class ModelCard:
model_name: str
version: str
description: str
intended_use: List[str]
training_data: Dict
evaluation_results: Dict
ethical_considerations: List[str]
limitations: List[str]
created_by: str
created_at: str = None
def __post_init__(self):
if self.created_at is None:
self.created_at = datetime.now().isoformat()
class ModelCardGenerator:
def __init__(self):
self.sections = {}
def generate_from_model(self, model_info: Dict) -> ModelCard:
return ModelCard(
model_name=model_info["name"],
version=model_info["version"],
description=model_info.get("description", ""),
intended_use=model_info.get("use_cases", []),
training_data=model_info.get("training_data", {}),
evaluation_results=model_info.get("metrics", {}),
ethical_considerations=model_info.get("ethical_notes", []),
limitations=model_info.get("limitations", []),
created_by=model_info.get("author", "Unknown")
)
def to_markdown(self, card: ModelCard) -> str:
md = f"""# Model Card: {card.model_name}
## Model Details
- **Version:** {card.version}
- **Created By:** {card.created_by}
- **Date:** {card.created_at}
## Description
{card.description}
## Intended Use
"""
for use in card.intended_use:
md += f"- {use}\n"
md += "\n## Training Data\n"
for key, value in card.training_data.items():
md += f"- **{key}:** {value}\n"
md += "\n## Evaluation Results\n"
for metric, value in card.evaluation_results.items():
md += f"- **{metric}:** {value}\n"
md += "\n## Ethical Considerations\n"
for item in card.ethical_considerations:
md += f"- {item}\n"
md += "\n## Limitations\n"
for item in card.limitations:
md += f"- {item}\n"
return md
def save_card(self, card: ModelCard, path: str):
md_content = self.to_markdown(card)
with open(path, "w") as f:
f.write(md_content)
generator = ModelCardGenerator()
card = generator.generate_from_model({
"name": "Sentiment Analyzer v2",
"version": "2.0.0",
"description": "BERT-based sentiment classifier",
"use_cases": ["Customer feedback analysis", "Social media monitoring"],
"training_data": {"size": "100K samples", "source": "Twitter API"},
"metrics": {"accuracy": "92%", "f1": "0.91"},
"ethical_notes": ["May have bias on certain demographics"],
"limitations": ["English only", "Formal text performs better"]
})
generator.save_card(card, "model_card.md")
Risk Assessment Framework
from enum import Enum
from typing import List, Dict
from dataclasses import dataclass
class RiskLevel(Enum):
LOW = "low"
MEDIUM = "medium"
HIGH = "high"
CRITICAL = "critical"
@dataclass
class RiskItem:
category: str
description: str
likelihood: str
impact: str
risk_level: RiskLevel
mitigation: str
class RiskAssessment:
def __init__(self):
self.risk_categories = [
"Bias and Fairness",
"Privacy",
"Security",
"Reliability",
"Transparency"
]
def assess_model(self, model_info: Dict) -> List[RiskItem]:
risks = []
if model_info.get("uses_personal_data"):
risks.append(RiskItem(
category="Privacy",
description="Model processes personal data",
likelihood="high",
impact="high",
risk_level=RiskLevel.HIGH,
mitigation="Implement data anonymization and encryption"
))
if model_info.get("high_stakes"):
risks.append(RiskItem(
category="Reliability",
description="High-stakes decision making",
likelihood="medium",
impact="critical",
risk_level=RiskLevel.CRITICAL,
mitigation="Require human oversight and validation"
))
if not model_info.get("bias_testing"):
risks.append(RiskItem(
category="Bias and Fairness",
description="No bias testing performed",
likelihood="high",
impact="medium",
risk_level=RiskLevel.HIGH,
mitigation="Conduct comprehensive bias audit"
))
return risks
def generate_report(self, risks: List[RiskItem]) -> str:
report = "# Risk Assessment Report\n\n"
for risk in risks:
report += f"""## {risk.category}
- **Description:** {risk.description}
- **Likelihood:** {risk.likelihood}
- **Impact:** {risk.impact}
- **Risk Level:** {risk.risk_level.value}
- **Mitigation:** {risk.mitigation}
"""
return report
assessor = RiskAssessment()
risks = assessor.assess_model({
"uses_personal_data": True,
"high_stakes": True,
"bias_testing": False
})
report = assessor.generate_report(risks)
Compliance Checker
class ComplianceChecker:
def __init__(self):
self.requirements = {
"eu_ai_act": {
"high_risk": [
"risk_assessment",
"data_governance",
"documentation",
"transparency",
"human_oversight",
"accuracy_robustness"
]
},
"gdpr": {
"data_processing": [
"lawful_basis",
"data_minimization",
"purpose_limitation",
"storage_limitation"
]
}
}
def check_compliance(self, model_info: Dict, regulation: str) -> Dict:
if regulation not in self.requirements:
return {"error": f"Unknown regulation: {regulation}"}
reqs = self.requirements[regulation]
results = {}
for category, items in reqs.items():
results[category] = {}
for item in items:
results[category][item] = model_info.get(item, False)
return results
def generate_compliance_report(self, results: Dict) -> str:
report = "# Compliance Report\n\n"
for category, checks in results.items():
report += f"## {category}\n"
for item, passed in checks.items():
status = "PASS" if passed else "FAIL"
report += f"- [{status}] {item}\n"
report += "\n"
return report
checker = ComplianceChecker()
compliance = checker.check_compliance(model_info, "eu_ai_act")
report = checker.generate_compliance_report(compliance)
Best Practices
- Create model cards for every deployed model
- Conduct regular risk assessments
- Implement continuous monitoring and auditing
- Maintain documentation for regulatory compliance
- Establish clear roles and responsibilities
- Use automated tools for compliance checking