Agree,
The risk management approach could be taken in consideration to define your sampling plans. Based the given risk you could create a table associating AQL's and attributes to inspect and then document such criteria into the QA procedure.
It is said that the customer is who sets the AQL's, but I have found that this is not always the case, thus the engineers find themselves in the need to set them, keeping always in mind that the customer deserves zero defects.
You could divide your product defect types by categories like critical, major and minor, and then set AQL's accordingly, just as an example: 0.65, 1.0 and 2.5 respectively. According to the FDA's QSR these sapling plans need to be reviewed from time to time to asses their adequacy and that they are sensitive to changes, so you could have that evaluation made in your quality group meetings, risk management process review meetings, or if feasible in a management review.