Back to Research
MethodologyMay 15, 2025

Can AI Impact Be Measured? A Case for Quantitative Scoring Methodologies

Abstract

We pose a foundational question: can the impact of artificial intelligence on business and society be measured with the same rigor applied to credit risk or vulnerability severity? We establish five axioms for a measurement-first approach to AI governance: impact is measurable, multi-dimensional, standardizable, flows across layers, and demands accountability. These principles form the theoretical foundation for a unified measurement science spanning data quality, agent behavior, and ecosystem dynamics.

Background

The history of measurement science demonstrates that complex, seemingly unquantifiable phenomena can be rendered into reliable numerical scores when the right methodology is applied [1]. The FICO score, introduced in 1989, reduced the multifactorial problem of creditworthiness into a single three-digit number that now underpins trillions of dollars in lending decisions annually [2]. Before FICO, credit decisions were subjective, inconsistent, and opaque. The score did not simplify the underlying reality; it imposed a disciplined framework that made the underlying reality legible and actionable at scale.

The Common Vulnerability Scoring System (CVSS) accomplished a parallel transformation for cybersecurity [3]. Before CVSS, vulnerability severity was assessed through ad hoc processes that varied by vendor, by organization, and by analyst. The introduction of a standardized base-temporal-environmental decomposition enabled consistent prioritization across the entire software ecosystem. CVSS did not eliminate disagreement about severity, but it created a shared language and a common numerical foundation upon which disagreement could be productive rather than incoherent.

The Basel Accords represent perhaps the most consequential example of measurement standardization in the modern economy [4]. By establishing standardized methodologies for calculating risk-weighted assets, the Basel framework created a common measurement regime across the global banking system [5]. The accords did not prevent financial crises, but they made the systemic risk landscape visible and comparable in ways that enabled regulatory coordination at international scale. Each of these precedents demonstrates a core principle: standardized measurement does not require perfect precision to be transformatively useful.

Artificial intelligence presents a measurement challenge that is at least as complex as credit risk, vulnerability severity, or banking capital adequacy, and arguably more consequential [6]. AI systems consume data from multiple sources, make decisions that affect individuals and organizations, create dependencies that propagate through supply chains, and generate feedback loops that amplify initial conditions [7]. Yet the field has no standardized methodology for measuring any of these effects. The absence of measurement is not an absence of impact; it is an absence of visibility into impact that is already occurring.

Approach

We propose five axioms that establish the theoretical foundation for AI impact measurement. The first axiom, measurability, asserts that the impact of AI systems on business and society is an empirically observable phenomenon that can be quantified through systematic methodology [1]. This is not a trivial claim. It requires accepting that impact, while complex and multi-causal, produces observable effects that can be captured through instrumentation, sampling, and statistical analysis [8]. The measurability axiom rejects the position that AI impact is inherently subjective or unquantifiable, while acknowledging that measurement will always involve uncertainty and approximation.

The second axiom, multi-dimensionality, asserts that AI impact cannot be reduced to a single dimension without losing essential information. Credit risk is multi-dimensional (payment history, amounts owed, length of history, new credit, credit mix), and FICO preserves that dimensionality through its scoring algorithm [2]. Similarly, AI impact spans data quality, algorithmic behavior, economic effects, social consequences, and systemic risk. A measurement methodology that collapses these dimensions into a single undifferentiated score would sacrifice the analytical power that makes measurement useful in the first place [9].

The third axiom, standardizability, asserts that measurement methodologies can be defined with sufficient precision to enable consistent application across organizations, industries, and jurisdictions [10]. Standardization does not require that every evaluator arrive at identical scores; it requires that score differences reflect genuine differences in the phenomenon being measured rather than differences in measurement methodology. The CVSS framework demonstrates this principle [3]: two analysts may disagree about whether a vulnerability has high or critical base severity, but the framework ensures their disagreement is about the same dimensions measured in the same way.

The fourth axiom, cross-layer flow, asserts that AI impact propagates across boundaries. Data quality affects agent behavior, agent behavior affects organizational outcomes, and organizational outcomes affect ecosystem dynamics [7]. A measurement framework that examines only one layer will systematically miss the causal mechanisms that generate the most consequential impacts. This axiom demands that measurement methodology account for the transmission of effects across the data layer, the agent layer, and the ecosystem layer.

The fifth axiom, accountability, asserts that measurement without consequence is observation without purpose [11]. The value of a FICO score lies not in its existence but in the decisions it informs and the accountability it enables. A measurement-first approach to AI governance must connect quantitative scores to decision-making processes, disclosure requirements, and accountability mechanisms [12]. Measurement that exists in isolation from governance is an academic exercise; measurement that feeds into accountability structures is a tool for responsible deployment.

Findings

Current AI governance operates almost entirely without quantitative measurement of impact [6]. The dominant approaches fall into three categories, none of which provides the measurement foundation that effective governance requires. Principles-based frameworks articulate values such as fairness, transparency, and accountability, but provide no methodology for determining whether a specific AI system achieves those values to a specific degree [13]. Compliance checklists enumerate requirements but provide no mechanism for distinguishing between systems that barely meet a threshold and systems that exceed it by orders of magnitude. Benchmark evaluations measure model capabilities on standardized tasks but do not connect capability scores to impact on business or society.

The absence of impact measurement creates a governance vacuum that is filled by narrative, assertion, and anecdote. Organizations claim their AI systems are responsible without quantitative evidence. Regulators write requirements without measurable criteria for compliance [14]. Auditors assess processes rather than outcomes because outcomes have not been rendered measurable. The result is a governance regime that is simultaneously burdensome and ineffective: organizations invest substantial resources in compliance activities that provide little assurance about actual impact.

This measurement gap is not merely an inconvenience; it is a structural failure that undermines every downstream governance activity. Risk assessment without measurement is guesswork. Auditing without measurement is theater. Disclosure without measurement is public relations. Accountability without measurement is arbitrary. The entire architecture of AI governance rests on a foundation that does not yet exist: a standardized, quantitative methodology for measuring what AI systems actually do to the world [11].

Our analysis reveals that the technical barriers to AI impact measurement are lower than commonly assumed. The challenge is not that impact is inherently unmeasurable; it is that the field has not invested in measurement methodology with the same intensity it has invested in model development. The statistical techniques for multi-dimensional scoring are well-established [9]. The instrumentation requirements for data collection are achievable with current technology. The aggregation methods for combining multiple signals into composite scores have been validated across decades of application in credit risk [2], vulnerability scoring [3], and capital adequacy assessment [4].

Implications

If the five axioms hold, the implications for the AI industry are substantial. Standardized measurement enables comparison, and comparison enables markets. Today, organizations cannot meaningfully compare the impact of different AI systems because no common measurement methodology exists. A standardized scoring framework would enable procurement decisions informed by quantitative impact assessment, creating market incentives for AI systems that score well on dimensions that matter to buyers and regulators.

Standardized measurement also enables regulation that is proportionate and evidence-based [14]. Current regulatory proposals, from the EU AI Act to emerging frameworks in the United States and Asia, struggle with the fundamental problem of classification: how should a regulator determine which AI systems warrant heightened scrutiny? Without quantitative measurement, classification must rely on proxies such as application domain or model size, which are poor predictors of actual impact. Standardized impact scores would enable risk-proportionate regulation that targets the systems with the highest measured impact rather than the systems that happen to fall into administratively convenient categories.

The insurance industry presents a particularly compelling use case for standardized AI impact measurement. Actuarial science depends on quantifiable risk [15], and the current inability to measure AI impact creates a barrier to the development of AI-related insurance products. Standardized scoring would enable the underwriting of AI risk in the same way that CVSS scores inform cyber insurance pricing [3] and credit scores inform lending terms [2]. The development of an AI insurance market would, in turn, create powerful economic incentives for organizations to manage and reduce their AI impact scores.

Finally, standardized measurement enables longitudinal analysis and trend detection. When measurement is consistent over time, it becomes possible to identify whether AI impact is increasing or decreasing, which dimensions are driving changes, and which interventions are effective. Without measurement, the field is navigating in the dark, unable to determine whether the aggregate direction of AI deployment is toward benefit or harm, and unable to course-correct with evidence-based interventions.

References

  1. Finkelstein, L. (2003). Widely, strongly and weakly defined measurement. Measurement, 34(1), 39-48.
  2. Fair Isaac Corporation. (2009). The FICO Score: An Overview of Its Development and Use. Fair Isaac Corporation Technical Report.
  3. Mell, P., Scarfone, K., & Romanosky, S. (2007). A Complete Guide to the Common Vulnerability Scoring System Version 2.0. FIRST - Forum of Incident Response and Security Teams.
  4. Basel Committee on Banking Supervision. (2006). International Convergence of Capital Measurement and Capital Standards: A Revised Framework. Bank for International Settlements.
  5. Tarullo, D. K. (2008). Banking on Basel: The Future of International Financial Regulation. Peterson Institute for International Economics.
  6. Floridi, L., Cowls, J., Beltrametti, M., Chatila, R., Chazerand, P., Dignum, V., ... & Vayena, E. (2018). AI4People—An Ethical Framework for a Good AI Society: Opportunities, Risks, Principles, and Recommendations. Minds and Machines, 28(4), 689-707.
  7. Amodei, D., Olah, C., Steinhardt, J., Christiano, P., Schulman, J., & Mané, D. (2016). Concrete Problems in AI Safety. arXiv preprint arXiv:1606.06565.
  8. Stevens, S. S. (1946). On the Theory of Scales of Measurement. Science, 103(2684), 677-680.
  9. Nardo, M., Saisana, M., Saltelli, A., Tarantola, S., Hoffman, A., & Giovannini, E. (2008). Handbook on Constructing Composite Indicators: Methodology and User Guide. OECD Publishing.
  10. International Organization for Standardization. (2015). ISO 9001:2015 Quality Management Systems — Requirements. ISO.
  11. Jobin, A., Ienca, M., & Vayena, E. (2019). The Global Landscape of AI Ethics Guidelines. Nature Machine Intelligence, 1(9), 389-399.
  12. Raji, I. D., Smart, A., White, R. N., Mitchell, M., Gebru, T., Hutchinson, B., ... & Barnes, P. (2020). Closing the AI Accountability Gap: Defining an End-to-End Framework for Internal Algorithmic Auditing. Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency, 33-44.
  13. Hagendorff, T. (2020). The Ethics of AI Ethics: An Evaluation of Guidelines. Minds and Machines, 30(1), 99-120.
  14. European Parliament and Council. (2024). Regulation (EU) 2024/1689 Laying Down Harmonised Rules on Artificial Intelligence (AI Act). Official Journal of the European Union.
  15. Cummins, J. D., & Mahul, O. (2009). Catastrophe Risk Financing in Developing Countries: Principles for Public Intervention. World Bank Publications.