---
title: Define your company's AI risk tolerance and strategy
description: Learn about define your companys ai risk tolerance and strategy in this guide.
image: https://developers.cloudflare.com/cf-twitter-card.png
---

> Documentation Index  
> Fetch the complete documentation index at: https://developers.cloudflare.com/learning-paths/llms.txt  
> Use this file to discover all available pages before exploring further.

[Skip to content](#%5Ftop) 

# Define your company's AI risk tolerance and strategy

Before you can secure AI, you need to understand your organization's goals and concerns for your users and data. This first step is crucial for anyone new to AI security because it helps you align on your overall risk tolerance for generative AI.

The level of risk you are willing to accept will determine how quickly you need to act and how deeply you need to implement security measures. Your specific concerns will then guide the exact security approaches you take to monitor and control AI usage.

To begin, consider these questions to help shape your strategy:

* Sanctioned versus shadow AI: Are your employees already using approved AI services, or are you primarily concerned with shadow AI — unapproved applications that may pose a risk? Note: Some approved vendors may offer embedded AI functionality. Consider whether those AI services are a risk, too.
* Data sensitivity: What types of sensitive data do you currently monitor, classify, and protect? This will help you identify what you need to safeguard when employees interact with AI. If you have not determined this yet, refer to [Define your sensitive data](https://developers.cloudflare.com/learning-paths/secure-internet-traffic/build-http-policies/data-loss-prevention/#define-your-sensitive-data) to learn more.
* Encouraging user behavior: Do you want to encourage or limit user engagement with AI? How much do you expect your employees to use AI in a controlled, sanctioned way?

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/learning-paths/","name":"Learning Paths"}},{"@type":"ListItem","position":3,"item":{"@id":"/learning-paths/holistic-ai-security/get-started/","name":"Get started"}},{"@type":"ListItem","position":4,"item":{"@id":"/learning-paths/holistic-ai-security/get-started/define-ai-risk-tolerance/","name":"Define your company's AI risk tolerance and strategy"}}]}
```