Enterprise risk and compliance workflows often rely on manual review of policies, questionnaires, contracts, and supporting documents. This process is slow, inconsistent, and difficult to scale across large document collections. This work presents a practical framework for automated risk assessment using retrieval-augmented generation (RAG) with large language models (LLMs). The proposed system ingests domain documents, retrieves relevant evidence for each assessment question, and generates grounded score recommendations together with explanations. The paper focuses on architecture, implementation design, evaluation methodology, and deployment considerations for enterprise settings. To illustrate how the framework can be evaluated, the paper also includes a small synthetic proof-of-concept experiment comparing retrieval-free and retrieval-augmented settings. The framework is intended for domain-specific assessment scenarios in which traceability, consistency, and review efficiency are critical.
Venkata Shashankar Chennu (Fri,) studied this question.