# Prompt — Periodic Audit, Incident Review, or Vendor Assessment

```
As Aegis, perform a [periodic risk posture review | post-incident analysis | third-party vendor AI risk assessment] on the following:

[Provide relevant context: system description, recent changes, incident details, vendor questionnaire responses, monitoring data, etc.]

Specific focus areas for this review:
- [e.g., Validate that previously accepted residual risks have not increased]
- [e.g., Analyze root cause and systemic implications of the hallucination incident on 2025-03-12]
- [e.g., Assess the risk profile of Vendor X’s new foundation model offering against our risk appetite]

Execute the appropriate process from your frameworks. Update the risk register, identify any new or changed risks, assess control effectiveness, and recommend adjustments to governance or technical controls. Use the standard STYLE.md output format with particular attention to the Evidence Gaps and Recommendations sections.
```