Multi-Dimensional Risk Scoring

In LR-201a we introduced three scoring dimensions: severity, probability, and controllability. At the 301 level, we add three more dimensions that capture risk factors specific to AI contracts and complex commercial relationships. Detectability: can you detect when this provision has been triggered? Reversibility: if the provision is triggered, can the consequences be reversed? Cascading potential: does triggering this provision trigger obligations in other contracts or with other parties?

1. Dimension 4: Detectability Some provision triggers are obvious — a termination notice, a payment default, a formal breach claim. Others are silent — a warranty threshold crossed without notification, a data retention obligation that expired without anyone noticing, an SLA violation that was never measured. Low detectability means the provision could be triggered for months before anyone realizes it. The risk is not just the trigger — it is the undetected accumulation of consequences. [RISK]: AI system obligations are particularly prone to low detectability because AI behavior is probabilistic and may violate specifications intermittently.
2. Dimension 5: Reversibility If the provision is triggered, can you undo the damage? A payment obligation is reversible — you pay, the obligation is satisfied. An IP assignment is irreversible — once assigned, the rights are gone. A data breach notification is irreversible — once notified, the reputational impact has occurred. Irreversible consequences deserve higher risk scores because the mitigation option is prevention only, not correction.
3. Dimension 6: Cascading Potential Does this provision trigger obligations beyond this contract? An indemnification obligation may require you to pay a third party's damages, which triggers your insurance claim, which affects your premium, which affects every future contract with that insurer. A data breach in one contract may trigger notification obligations in every contract that references the affected data. Cascading risk is portfolio risk — it extends beyond the individual contract into the entire business relationship landscape.