Skip to main content
v2026.1714 entries · CC-BY 4.0
CiteLicenceEN-GB
CASRAI

Definition · Plain-language

Algorithmic impact assessment

An algorithmic impact assessment (AIA) is a structured evaluation of the risks and impacts of an automated decision system, carried out before it is deployed.

CASRAI research-methods explainer — Algorithmic impact assessment

The step most authors miss

Doing CRediT right? Don’t stop at the statement.

A CRediT statement credits you inside one paper. The recognition CRediT was built for happens when those roles are tied to you, persistently. Sign in with your ORCID — free — and claim your CRediT contributions on casrai.org, the home of the standard. They become a verified, portable part of your identity, not a line that disappears into one PDF.

Free: claim your contributions, then export a journal-ready CRediT statement, schema.org structured data, JATS XML, CSV or BibTeX — and preview your public profile. A membership publishes that profile publicly and verifies the journals you serve.

Sign in with ORCID — free Why this matters →

What an AIA evaluates

An algorithmic impact assessment examines an automated system before it goes live to gauge how much it could affect people and what safeguards it therefore needs. Typical factors include the scope and scale of the system, how reversible and severe its decisions are, the rights and interests at stake, the sensitivity of the data used, and the degree of human involvement. Many AIAs translate these factors into an impact level or score, which then determines proportionate requirements — for example more rigorous testing, peer review, human oversight or public disclosure for higher-impact systems. The aim is to surface and address harms early, while a system can still be redesigned.

The Canadian model

The most established example is the Government of Canada’s Algorithmic Impact Assessment, a mandatory questionnaire under the federal Directive on Automated Decision-Making. Departments complete it for automated systems that make or assist administrative decisions, producing an impact score from level I to level IV. The score sets graduated obligations covering peer review, notice, human-in-the-loop requirements, explanation and contingency planning, with higher-impact systems facing stronger controls. Because the tool and completed assessments are published openly, the Canadian AIA has become a widely cited reference model for embedding proportionate, transparent risk assessment into public-sector AI use.

How AIAs fit governance

An AIA is a governance gate placed early in the lifecycle, complementing rather than replacing other assurance. Where ongoing risk management runs throughout a system’s life and audits test live behaviour, an AIA front-loads a structured judgement about whether and how a system should proceed. Its output feeds directly into governance decisions: the assessed impact level drives the controls, oversight and documentation applied thereafter. The concept overlaps with the conformity assessments and fundamental-rights impact assessments that some AI regulation requires, sharing the same logic of proportionate, pre-deployment scrutiny matched to the level of risk a system poses.

Key facts

At a glance

  • Definition: a structured, pre-deployment evaluation of an automated system’s risks and impacts
  • Factors: reach, reversibility, severity, data sensitivity, human involvement
  • Output: an impact level or score driving proportionate controls
  • Best-known example: Government of Canada’s mandatory federal AIA
  • Timing: before deployment, while redesign is still possible
  • Related: conformity and fundamental-rights impact assessments

Common misconceptions

What people often get wrong

Often heard: An algorithmic impact assessment is a one-off technical accuracy test.

Actually: An AIA evaluates broad risks and impacts on people — rights, severity, data sensitivity, reach — not just model accuracy. It is a governance judgement about whether and how a system should proceed, not a performance benchmark.

Often heard: AIAs are only a Canadian government requirement.

Actually: While Canada’s federal AIA is the best-known example, the concept is used more widely in public-sector and high-risk AI governance, and it overlaps with impact assessments required or recommended under other regimes and standards.

Often heard: You run an AIA after a system is deployed to see how it did.

Actually: An AIA is conducted before deployment so that risks can shape design and oversight while change is still feasible. Post-deployment review is a separate activity, handled by monitoring and audit.

Going deeper

Related CASRAI guidance

AI risk managementAI accountabilityAI governanceConformity assessmentStandards dictionaryStandards compared

Referenced across the research world

University of Cambridge logoColumbia University logoUniversity of Edinburgh logoHarvard University logoUniversity of Oxford logoPrinceton University logoStanford School of Medicine logoUniversity College London logoORCID logoCrossref logoUniversity of Cambridge logoColumbia University logoUniversity of Edinburgh logoHarvard University logoUniversity of Oxford logoPrinceton University logoStanford School of Medicine logoUniversity College London logoORCID logoCrossref logo
  • University of Cambridge logo
  • Columbia University logo
  • University of Edinburgh logo
  • Harvard University logo
  • University of Oxford logo
  • Princeton University logo
  • Stanford School of Medicine logo
  • University College London logo
  • ORCID logo
  • Crossref logo

View CASRAI adoption →