To address the challenges of fragmented understanding of Large Language Model (LLM) security risks and the inadequacy of LLM risk classification and grading frameworks, this study aims to construct a comprehensive framework that integrates risk mechanism analysis, quantitative assessment, and governance practices. Theoretically, this study synthesizes and reconstructs multiple foundational theories, including socio-technical systems, social systems theory, and safety science, to reveal that risks originate from a dual trigger mechanism of the model's "internal complexity" and "external interaction." It consequently dissects risks into two primary dimensions—"internal safety" and "application security"—providing a unified theoretical foundation for a systematic governance framework. Methodologically, the study introduces "Risk Label Cards" as a standardized tool and employs an "Artificial Intelligence + Human Expert Collaboration" approach to structurally analyze real-world security incidents. Combined with an improved DREAD (damage, reproducibility, exploitability, affected users, discoverability) risk matrix model, it establishes a complete assessment methodology that spans from qualitative identification to quantitative grading. The research culminates in the construction of a systematic risk classification system and a three-tiered (high, medium, low) risk landscape covering major risk types. The "dual-dimensional driven" risk analysis and governance framework constructed in this study provides a systematic theoretical tool for the precise assessment and governance of LLM risks, effectively bridging the "theory-practice gap" in governance. Furthermore, with its theoretical compatibility and dynamic characteristics, the framework provides a reference for continuously tracking and understanding the evolution of LLM security risks and for security policy research.