OpenAI · OpenAI GPT-5.5 System Card · View original document ↗

Preparedness Framework Risk Classification

Medium severity Medium confidence Explicitdocumentlanguage Rare · 1 of 352 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity OpenAI recorded 14 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for OpenAI Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

OpenAI's internal Preparedness Framework classifies GPT-5.5 at 'medium' risk across all evaluated safety-relevant categories, and the document states this classification permitted deployment to proceed. The framework establishes that a 'high' rating in any category would trigger a deployment block.

This analysis describes what OpenAI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision establishes the internal governance mechanism OpenAI uses to authorize model deployment and defines the risk threshold criteria that would restrict access. The classification methodology and threshold definitions are set by OpenAI internally, and the document does not describe an independent third-party audit of these classifications.

Interpretive note: The document's description of the Preparedness Framework methodology is summarized rather than fully specified, creating some uncertainty about the precise criteria and weighting applied to each risk category rating.

Consumer impact (what this means for users)

This provision establishes that GPT-5.5 was cleared for deployment based on OpenAI's internal risk assessment process. Under this framework, the model is accessible to users and operators despite acknowledged medium-level risk ratings in categories including cybersecurity and persuasion.

Cross-platform context

See how other platforms handle Preparedness Framework Risk Classification and similar clauses.

Compare across platforms →

Monitoring

OpenAI has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Get Monitor Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
GPT-5.5 received medium risk ratings across all evaluated categories in OpenAI's Preparedness Framework, including cybersecurity, biological, chemical, nuclear, and radiological threats, persuasion, and model autonomy. No category reached the high threshold that would block deployment under the framework.

— Excerpt from OpenAI's OpenAI GPT-5.5 System Card

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

1) REGULATORY LANDSCAPE: The Preparedness Framework classification process engages with the EU AI Act's requirements for general-purpose AI models with systemic risk, which include obligations for adversarial testing, incident reporting, and cybersecurity measures. The FTC may evaluate the adequacy of internal risk classification processes under its unfair or deceptive practices authority if deployment decisions result in consumer harm. The document does not indicate engagement with external regulatory bodies in the classification decision. 2) GOVERNANCE EXPOSURE: Medium. The self-certification nature of the Preparedness Framework, without disclosed third-party validation, creates governance exposure for enterprise deployers who rely on this document as their primary due diligence reference for AI safety conformity assessments, particularly under the EU AI Act. 3) JURISDICTION FLAGS: EU/EEA operators deploying GPT-5.5 face heightened exposure given the EU AI Act's mandatory conformity assessment and third-party audit requirements for general-purpose AI with systemic risk designations. US-based deployers face lower immediate regulatory exposure but should monitor FTC enforcement posture on AI safety representations. 4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise operators integrating GPT-5.5 should assess whether their vendor agreements with OpenAI include representations about the Preparedness Framework methodology and whether those representations are contractually warranted. The document's internal classification methodology may not satisfy contractual due diligence requirements in regulated industries. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should evaluate whether the Preparedness Framework's medium risk ratings in cybersecurity and persuasion categories require additional controls at the operator deployment level. Organizations in financial services, healthcare, or critical infrastructure may need to conduct supplementary risk assessments beyond what this document provides.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 3 platforms — free Get Monitor

Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC has authority over AI product safety representations and unfair or deceptive practices in AI deployment, relevant to the adequacy of self-certified risk classification systems.
    File a complaint →

Provision details

Document information
Document
OpenAI GPT-5.5 System Card
Entity
OpenAI
Document last updated
July 6, 2026
Tracking information
First tracked
July 6, 2026
Last verified
July 6, 2026
Record ID
CA-P-013395
Document ID
CA-D-00924
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
1408d102faed20b4eb10fc79b0fdedfb44cacf7d752f2293429e5f342d0fe485
Analysis generated
July 6, 2026 22:09 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: OpenAI
Document: OpenAI GPT-5.5 System Card
Record ID: CA-P-013395
Captured: 2026-07-06 22:09:40 UTC
SHA-256: 1408d102faed20b4…
URL: https://conductatlas.com/platform/openai/openai-gpt-55-system-card/preparedness-framework-risk-classification/
Accessed: July 7, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Medium
Categories

Other risks in this policy

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Get Compliance

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does OpenAI's Preparedness Framework Risk Classification clause do?

This provision establishes the internal governance mechanism OpenAI uses to authorize model deployment and defines the risk threshold criteria that would restrict access. The classification methodology and threshold definitions are set by OpenAI internally, and the document does not describe an independent third-party audit of these classifications.

How does this clause affect you?

This provision establishes that GPT-5.5 was cleared for deployment based on OpenAI's internal risk assessment process. Under this framework, the model is accessible to users and operators despite acknowledged medium-level risk ratings in categories including cybersecurity and persuasion.

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.

Is ConductAtlas affiliated with OpenAI?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by OpenAI.