The Cloud Security Alliance's AI Controls Matrix provides a security controls framework specifically designed for AI/ML systems.
AIUC-1 aligns with CSA AICM. Certification against AIUC-1:
Addresses key controls for AI vendors from the AICM such as adversarial robustness, system transparency, and documentation of criteria for cloud & on-prem processing
Enables a compliance burden significantly lower than CSA's AICM due to its targeted focus on top AI enterprise concerns
Avoids duplicating controls in areas where CSA is industry-leading, such as data center infrastructure, physical server security, and other domains outside of the AIUC-1 scope
A&A-01: Audit and Assurance Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain audit and assurance policies and procedures and standards. Review and update the policies and procedures at least annually or upon significant changes.
A&A-02: Independent Assessments
Conduct independent audit and assurance assessments according to relevant standards at least annually.
A&A-03: Risk Based Planning Assessment
Perform independent audit and assurance assessments in response to significant changes or emerging risks and according to risk-based plans and policies.
A&A-04: Requirements Compliance
Verify compliance with all relevant standards, regulations, legal/contractual, and statutory requirements applicable to the audit.
A&A-05: Audit Management Process
Define and implement an Audit Management process aligned with global auditing standards, to support audit planning, risk analysis, security control assessment, conclusion, remediation schedules, report generation, and review of past reports and supporting evidence.
A&A-06: Remediation
Establish, document, approve, communicate, apply, evaluate and maintain a risk-based corrective action plan to remediate audit findings, and regularly review and report remediation status to relevant stakeholders.
AIS-01: Application and Interface Security Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for application security. Review and update the policies and procedures at least annually or after significant system changes.
AIS-02: Application Security Baseline Requirements
Establish, document and maintain baseline requirements for securing applications.
AIS-03: Application Security Metrics
Define and implement technical and operational metrics in alignment with business objectives, security requirements, and compliance obligations.
AIS-04: Secure Application Development Lifecycle
Define and implement a software development lifecycle (SDLC) process for application requirements analysis, planning, design, development, testing, deployment, and operation in accordance with security requirements defined by the organization.
AIS-05: Application Security Testing
Implement a testing strategy, including criteria for acceptance of new information systems, upgrades and new versions, which provides application security assurance and maintains compliance while meeting organizational delivery goals. Automate when applicable and possible.
AIS-06: Secure Application Deployment
Establish and implement strategies and capabilities for secure, standardized, and compliant application deployment. Automate where possible.
AIS-07: Application Vulnerability Remediation
Define and implement a process to remediate application security vulnerabilities, automating remediation when possible.
AIS-08: Input Validation
Validate, filter, modify or block, as necessary, input against adversarial patterns, failure patterns and unwanted behaviour according to organisational policies and applicable laws and regulations.
AIS-09: Output Validation
Validate, filter, modify or block, as necessary, output against adversarial patterns, failure patterns and unwanted behaviour according to organisational policies and applicable laws and regulations.
AIS-10: API Security
Define and implement processes, procedures, and technical measures to secure APIs. Review and update for any improvements at least annually or after significant system changes.
AIS-11: Agents Security Boundaries
Establish security boundaries for agents.
AIS-12: Source Code Management
Implement source code management practices, such as version control, code review & static code analysis, aligning with the SDLC process.
AIS-13: AI Sandboxing
Implement sandboxing techniques to execute AI tools and plugins in isolated environments to prevent unintended interactions with critical systems or data and limit the possibility of lateral movement.
AIS-14: AI Cache Protection
Implement security measures to protect caches in GenAI systems and services.
AIS-15: Prompt Differentiation
Implement mechanisms enabling the model to clearly distinguish user-provided input instructions from data and system instructions (e.g., system prompts).
BCR-01: Business Continuity Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain business continuity management and operational resilience policies and procedures. Review and update the policies and procedures at least annually, or when significant changes occur that could impact risk exposure.
BCR-02: Risk Assessment and Impact Analysis
Determine the impact of business disruptions and risks to establish criteria for developing business continuity and operational resilience strategies and capabilities. Review and update the risk assessment and impact analysis at least annually or upon significant changes.
BCR-03: Business Continuity Strategy
Establish strategies to reduce the impact of business disruptions, and improve resiliency and recovery from business disruptions.
BCR-04: Business Continuity Planning
Establish, document, approve, communicate, apply, evaluate and maintain a business continuity plan based on the results of the operational resilience strategies and capabilities.
BCR-05: Documentation
Develop, identify, and acquire documentation, both internally and from external parties, that is relevant to support the business continuity and operational resilience programs. Make the documentation available to authorized stakeholders and review at least annually or upon significant changes.
BCR-06: Business Continuity Exercises
Follow a structured approach to evaluate the effectiveness of the business continuity and operational resilience plans at planned intervals or upon significant changes.
BCR-07: Communication
Establish and maintain communication channels with all relevant stakeholders in the course of business continuity and resilience procedures.
BCR-08: Backup
Periodically perform backups. Ensure the confidentiality, integrity and availability of the backup, and verify restoration from backup for resiliency.
BCR-09: Disaster Response Plan
Establish, document, approve, communicate, apply, evaluate and maintain a disaster response plan to recover from natural and man-made disasters. Update the plan at least annually or upon significant changes.
BCR-10: Response Plan Exercise
Exercise the disaster response plan annually or upon significant changes, including, if possible, participation of local emergency authorities.
BCR-11: Equipment Redundancy
Supplement business-critical equipment with both locally redundant and geographically dispersed equipment located at a reasonable minimum distance in accordance with applicable industry standards.
CCC-01: Change Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for managing the risks associated with applying changes to assets owned, controlled or used by the organization. Review and update the policies and procedures at least annually, or upon significant changes.
CCC-02: Quality Testing
Establish, maintain and implement a defined quality change control, approval and testing process incorporating baselines, testing, and release standards.
CCC-03: Change Management Technology
Implement a change management procedure to manage the risks associated with applying changes to assets owned, controlled or used by the organization.
CCC-04: Change Authorization
Implement and enforce a procedure to authorize addition, removal, update, and management of assets, owned, controlled or used by the organization.
CCC-05: Change Agreements
Include provisions limiting changes directly impacting customer-owned environments/tenants to explicitly authorized requests within service level agreements.
CCC-06: Change Management Baseline
Establish change management baselines for all relevant authorized changes on organization assets. Review and update the change management baseline at least annually or upon significant changes.
CCC-07: Detection of Baseline Deviation
Implement detection measures with proactive notification in case of changes deviating from the established baseline.
CCC-08: Exception Management
Implement a procedure for the management of exceptions, including emergencies, in the change and configuration process. Align the procedure with the requirements of GRC-04: Policy Exception Process.
CCC-09: Change Restoration
Define and implement a process to proactively roll back changes to a previous known good state in case of errors or security concerns.
CEK-01: Encryption and Key Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for Cryptography, Encryption and Key Management. Review and update the policies and procedures at least annually or upon significant changes.
CEK-02: CEK Roles and Responsibilities
Define and implement cryptographic, encryption and key management roles and responsibilities.
CEK-03: Data Encryption
Provide data protection at-rest, in-transit and, where applicable, in-use by using cryptographic libraries certified to approved standards.
CEK-04: Encryption Algorithm
Utilize encryption algorithms following industry standards for protecting data, based on the data classification and associated risks.
CEK-05: Encryption Change Management
Establish a standard change management procedure, to accommodate changes from internal and external sources, for review, approval, implementation and communication of cryptographic, encryption and key management technology changes.
CEK-06: Encryption Change Cost Benefit Analysis
Manage and adopt changes to cryptography-, encryption-, and key management-related systems (including policies and procedures) that fully account for downstream effects of proposed changes, including residual risk, cost, and benefits analysis.
CEK-07: Encryption Risk Management
Establish and maintain an encryption and key management risk program that includes provisions for risk assessment, risk treatment, risk context, monitoring, and feedback.
CEK-08: Customer Key Management Capability
Providers must provide the capability for customers to manage their own data encryption keys.
CEK-09: Encryption and Key Management Audit
Audit encryption and key management systems, policies, and processes with a frequency that is proportional to the risk exposure of the system, with audit occurring preferably continuously but at least annually and after any security event(s).
CEK-10: Key Generation
Generate cryptographic keys using industry accepted cryptographic libraries specifying the algorithm strength and the random number generator used.
CEK-11: Key Purpose
Manage cryptographic secret and private keys that are provisioned for a unique purpose.
CEK-12: Key Rotation
Rotate cryptographic keys in accordance with the calculated cryptoperiod, which includes provisions for considering the risk of information disclosure and legal and regulatory requirements.
CEK-13: Key Revocation
Define, implement and evaluate processes, procedures and technical measures to revoke and remove cryptographic keys prior to the end of their established cryptoperiod, when a key is compromised, or when an entity is no longer part of the organization, which include provisions for legal and regulatory requirements.
CEK-14: Key Destruction
Define, implement, and evaluate processes, procedures, and technical measures to securely destroy cryptographic keys when they are no longer needed, which include provisions for legal and regulatory requirements.
CEK-15: Key Activation
Define, implement and evaluate processes, procedures and technical measures to create keys in a pre-activated state when they have been generated but not authorized for use, which include provisions for legal and regulatory requirements.
CEK-16: Key Suspension
Define, implement and evaluate processes, procedures and technical measures to monitor, review and approve key transitions from any state to/from suspension, which include provisions for legal and regulatory requirements.
CEK-17: Key Deactivation
Define, implement and evaluate processes, procedures and technical measures to deactivate keys at the time of their expiration date, which include provisions for legal and regulatory requirements.
CEK-18: Key Archival
Define, implement and evaluate processes, procedures and technical measures to manage archived keys in a secure repository requiring least privilege access, which include provisions for legal and regulatory requirements.
CEK-19: Key Compromise
Define, implement and evaluate processes, procedures and technical measures to use compromised keys to encrypt information only in controlled circumstances, and thereafter exclusively for decrypting data and never for encrypting data, which include provisions for legal and regulatory requirements.
CEK-20: Key Recovery
Define, implement and evaluate processes, procedures and technical measures to assess the risk to operational continuity versus the risk of the keying material and the information it protects being exposed if control of the keying material is lost, which include provisions for legal and regulatory requirements.
CEK-21: Key Inventory Management
Define, implement and evaluate processes, procedures and technical measures in order for the key management system to track and report all cryptographic materials and changes in status, which include provisions for legal and regulatory requirements.
DCS-01: Off-Site Equipment Disposal Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the secure disposal of equipment used outside the organization's premises. If the equipment is not physically destroyed, a data destruction procedure that renders recovery of information impossible must be applied. Review and update the policies and procedures at least annually, or upon significant changes.
DCS-02: Off-Site Transfer Authorization Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the relocation or transfer of hardware, software, or data/information to an offsite or alternate location. The relocation or transfer request requires the written or cryptographically verifiable authorization. Review and update the policies and procedures at least annually, or upon significant changes.
DCS-03: Secure Area Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for maintaining a safe and secure working environment in offices, rooms, and facilities. Review and update the policies and procedures at least annually, or upon significant changes.
DCS-04: Secure Media Transportation Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the secure transportation of physical media. Review and update the policies and procedures at least annually, or upon significant changes.
DCS-05: Assets Classification
Classify and document the physical and logical assets (e.g., applications) based on the organizational business risk. Review and update the assets' classification at least annually or upon significant changes.
DCS-06: Assets Cataloguing and Tracking
Catalogue and track all relevant physical and logical assets located at all of the service provider's sites within a secured system. Review and update the catalogue at least annually or upon significant changes.
DCS-07: Controlled Physical Access Points
Design and implement physical security perimeters to safeguard personnel, data, and information systems.
DCS-08: Equipment Identification
Use equipment identification as a method for connection authentication.
DCS-09: Secure Area Authorization
Allow only authorized personnel access to secure areas, with all ingress and egress points restricted, documented, and monitored by physical access control mechanisms. Retain access control records on a periodic basis as deemed appropriate by the organization.
DCS-10: Surveillance System
Implement, maintain, and operate datacenter surveillance systems at the external perimeter and at all the ingress and egress points to detect unauthorized ingress and egress attempts.
DCS-11: Adverse Event Response Training
Train datacenter personnel to safely manage adverse events, including but not limited to unauthorized ingress and egress attempts.
DCS-12: Cabling Security
Define, implement and evaluate processes, procedures and technical measures that ensure a risk-based protection of power and telecommunication cables from a threat of interception, interference or damage at all facilities, offices and rooms.
DCS-13: Environmental Systems
Implement and maintain data center environmental control systems that monitor, maintain and test for continual effectiveness the temperature and humidity conditions within accepted industry standards.
DCS-14: Secure Utilities
Secure, monitor, maintain, and test utilities services for continual effectiveness at planned intervals.
DCS-15: Equipment Location
Keep business-critical equipment away from locations subject to high probability for environmental risk events.
DSP-01: Security and Privacy Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the classification, protection, preparation and handling of data throughout its lifecycle, and according to all applicable laws and regulations, standards, and risk level. Review and update the policies and procedures at least annually.
DSP-02: Secure Disposal
Apply industry accepted methods for the secure disposal of data from storage media such that data is not recoverable by any forensic means.
DSP-03: Data Inventory
Create and maintain a data inventory, at least for any sensitive, regulated and personal data. Review and update the inventory at least annually or upon significant changes.
DSP-04: Data Classification
Classify data according to its type and sensitivity level.
DSP-05: Data Flow Documentation
Create data flow documentation to identify what data is processed, stored or transmitted where. Review data flow documentation at defined intervals, at least annually, and after any change.
DSP-06: Data Ownership and Stewardship
Document ownership and stewardship of all relevant documented personal and sensitive data. Perform review at least annually.
DSP-07: Data Protection by Design and Default
Develop systems, products, and business practices based upon a principle of security by design and industry best practices.
DSP-08: Data Privacy by Design and Default
Develop systems, products, and business practices based upon a principle of privacy by design and industry best practices. Ensure that systems' privacy settings are configured by default, according to all applicable laws and regulations.
DSP-09: Data Protection Impact Assessment
Conduct a Data Protection Impact Assessment (DPIA) to evaluate the origin, nature, particularity and severity of the risks upon the processing of personal data, according to any applicable laws, regulations and industry best practices.
DSP-10: Sensitive Data Transfer
Define, implement and evaluate processes, procedures and technical measures that ensure any transfer of personal or sensitive data is protected from unauthorized access and only processed within scope as permitted by the respective laws and regulations.
DSP-11: Personal Data Access, Reversal, Rectification and Deletion
Define and implement processes, procedures and technical measures to enable data subjects to request access to, modification, or deletion of their personal data, according to any applicable laws and regulations.
DSP-12: Limitation of Purpose in Personal Data Processing
Define, implement and evaluate processes, procedures and technical measures to ensure that personal data is processed according to any applicable laws and regulations and for the purposes declared to the data subject.
DSP-13: Personal Data Sub-processing
Define, implement and evaluate processes, procedures and technical measures for the transfer and sub-processing of personal data within the service supply chain, according to any applicable laws and regulations.
DSP-14: Disclosure of Data Sub-processors
Define, implement and evaluate processes, procedures and technical measures to disclose the details of any personal or sensitive data access by sub-processors to the data owner prior to initiation of that processing.
DSP-15: Limitation of Production Data Use
Obtain authorization from data owners, and manage associated risk before replicating or using production data in non-production environments.
DSP-16: Data Retention and Deletion
Data retention, archiving and deletion are managed in accordance with business requirements, applicable laws and regulations.
DSP-17: Sensitive Data Protection
Define and implement processes, procedures and technical measures to protect sensitive data throughout its lifecycle.
DSP-18: Disclosure Notification
The providers should implement and describe to customers the procedure to manage and respond to requests for disclosure of Personal Data by Law Enforcement Authorities according to applicable laws and regulations.
DSP-19: Data Location
Define and implement processes, procedures and technical measures to specify and document the physical locations of data, including any locations in which data is processed or backed up.
DSP-20: Data Provenance and Transparency
Define, implement and evaluate processes, procedures and technical measures to: 1) document and trace data sources, and 2) make the data source available according to legal and regulatory requirements.
DSP-21: Data Poisoning Prevention & Detection
Define, implement and evaluate processes, procedures and technical measures to prevent data poisoning in AI models and to continuously detect such poisoning.
DSP-22: Privacy Enhancing Technologies
Use Privacy Enhancing Technologies for training data, informed by risk and privacy impact analysis and business use cases.
DSP-23: Data Integrity Check
Regularly validate the consistency and conformity of training, fine-tuning or augmentation data. Implement dataset versioning to ensure traceability and enforce restrictions to prevent unauthorized changes.
DSP-24: Data Differentiation and Relevance
Ensure training-data differentiation and relevance to the intended use of the AI Model.
GRC-01: Governance Program Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for an information governance program, which is sponsored by the leadership of the organization and related to AI systems as well. Review and update the policies and procedures at least annually.
GRC-02: Risk Management Program
Establish and maintain a formal, documented, and leadership-sponsored AI Risk Management (AIRM) program that includes policies and procedures for identification, evaluation, ownership, treatment, and acceptance of risks.
GRC-03: Organizational Policy Reviews
Review all relevant organizational policies and associated procedures at least annually or when a substantial change occurs within the organization.
GRC-04: Policy Exception Process
Establish and follow an approved exception process as mandated by the governance program whenever a deviation from an established policy occurs.
GRC-05: Information Security Program
Develop and implement an Information Security Program, which includes programs for all the relevant domains of the AICM.
GRC-06: Governance Responsibility Model
Define and document roles and responsibilities for planning, implementing, operating, assessing, and improving governance programs.
GRC-07: Information System Regulatory Mapping
Identify and document all relevant standards, regulations, legal/contractual, and statutory requirements, which are applicable to your organization. Review at least annually or when a substantial change occurs within the organization.
GRC-08: Special Interest Groups
Establish and maintain contact with related special interest groups and other relevant entities in line with business context.
GRC-09: Acceptable Use of the AI Service
Define, document and enforce policies and procedures on the acceptable use of AI services offered by the organization. Ensure effectiveness by continuous risk assessments, reviews and human oversight.
GRC-10: AI Impact Assessment
Establish, document, and communicate to all relevant stakeholders an AI Impact Assessment process and its criteria to regularly evaluate the ethical, societal, operational, legal, and security impacts of the AI system throughout its lifecycle.
GRC-11: Bias and Fairness Assessment
Regularly evaluate AI systems, models, datasets & algorithms for bias and fairness to ensure compliance with ethical standards.
GRC-12: Ethics Committee
Establish an ethics committee to review AI applications, ensuring alignment with ethical standards and organizational values.
GRC-13: Explainability Requirement
Establish, document, and communicate the degree of explainability needed for the AI Services.
GRC-14: Explainability Evaluation
Evaluate, document, and communicate the degree of explainability of the AI Services, including possible limitations and exceptions.
GRC-15: Human Supervision
Establish, execute, and assess processes, procedures, and technical measures to ensure human oversight and control of the AI system in compliance with regulatory requirements and organizational risk management.
HRS-01: Background Screening Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for background verification of all new employees (including but not limited to remote employees, contractors, and third parties) according to local laws, regulations, ethics, and contractual constraints and proportional to the data classification to be accessed, the business requirements, and acceptable risk. Review and update the policies and procedures at least annually.
HRS-02: Acceptable Use of Technology Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for defining allowances and conditions for the acceptable use of organizationally-owned or managed assets. Review and update the policies and procedures at least annually.
HRS-03: Clean Desk Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures that require unattended workspaces to not have openly visible confidential data. Review and update the policies and procedures at least annually.
HRS-04: Remote and Home Working Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures to protect information accessed, processed or stored at remote sites and locations. Review and update the policies and procedures at least annually.
HRS-05: Asset Returns
Establish and document procedures for the return of organization-owned assets by terminated employees.
HRS-06: Employment Termination
Establish, document, and communicate to all personnel the procedures outlining the roles and responsibilities concerning changes in employment.
HRS-07: Employment Agreement Process
Employees sign the employee agreement prior to being granted access to organizational information systems, resources and assets.
HRS-08: Employment Agreement Content
The organization includes within the employment agreements provisions and/or terms for adherence to established information governance and security policies.
HRS-09: Personnel Roles and Responsibilities
Document and communicate roles and responsibilities of employees, as they relate to information assets and security.
HRS-10: Non-Disclosure Agreements
Identify, document, and review, at planned intervals, requirements for non-disclosure/confidentiality agreements reflecting the organization's needs for the protection of data and operational details.
HRS-11: Security Awareness Training
Establish, document, approve, communicate, apply, evaluate and maintain a security awareness training program for all employees of the organization and provide regular training updates.
HRS-12: Personal and Sensitive Data Awareness and Training
Provide employees with access to sensitive organizational and personal data with appropriate security awareness training and regular updates in organizational procedures, processes, and policies relating to their professional function relative to the organization.
HRS-13: Compliance User Responsibility
Make employees aware of their roles and responsibilities for maintaining awareness and compliance with established policies and procedures and applicable legal, statutory, or regulatory compliance obligations.
HRS-14: AI Competency Training
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures defining the AI training program for all relevant personnel of the organization based on their roles and provide regular training updates.
HRS-15: AI Acceptable Use
Establish, document, and communicate to all personnel the policies and procedures on the acceptable use of AI technologies within the organization.
I&S-01: Infrastructure and Virtualization Security Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for infrastructure and virtualization security. Review and update the policies and procedures at least annually, or upon significant changes.
I&S-02: Capacity and Resource Planning
Plan and monitor the availability, quality, and adequate capacity of resources in order to deliver the required system performance as determined by the business.
I&S-03: Network Security
Monitor, encrypt and restrict communications between environments to only authenticated and authorized connections, as justified by the business. Review these configurations at least annually, and support them by a documented justification of all allowed services, protocols, ports, and compensating controls.
I&S-04: OS Hardening and Base Controls
Harden host and guest OS, hypervisor or infrastructure control plane according to their respective best practices, and supported by technical controls, as part of a security baseline.
I&S-05: Production and Non-Production Environments
Separate production and non-production environments.
I&S-06: Segmentation and Segregation
Design, develop, deploy and configure applications and infrastructures such that tenant access is appropriately segmented and segregated, monitored and restricted.
I&S-07: Migration to Hosted Environments
Use secure and encrypted communication channels when migrating servers, services, applications, or data to hosted environments. Such channels must include only up-to-date and approved protocols.
I&S-08: Network Architecture Documentation
Identify and document high-risk environments.
I&S-09: Network Defense
Define, implement and evaluate processes, procedures and defense-in-depth techniques for protection, detection, and timely response to network-based attacks.
IAM-01: Identity and Access Management Policy and Procedures
Establish, document, approve, communicate, implement, apply, evaluate and maintain policies and procedures for identity and access management. Review and update the policies and procedures at least annually, or upon significant changes.
IAM-02: Strong Password Policy and Procedures
Establish, document, approve, communicate, implement, apply, evaluate and maintain strong password policies and procedures. Review and update the policies and procedures at least annually.
IAM-03: Identity Inventory
Manage, store, and regularly review the inventory of identities, and monitor their level of access.
IAM-04: Separation of Duties
Employ the separation of duties principle when implementing information system access.
IAM-05: Least Privilege
Employ the least privilege principle when implementing information system access.
IAM-06: User Access Provisioning
Define and implement an identity access provisioning process which authorizes, records, and communicates access changes to data and assets.
IAM-07: User Access Changes and Revocation
De-provision or modify identity access in a timely manner.
IAM-08: User Access Review
Review and revalidate user access for least privilege and separation of duties with a frequency that is commensurate with organizational risk tolerance and at least annually, or upon significant changes.
IAM-09: Segregation of Privileged Access Roles
Define, implement and evaluate processes, procedures and technical measures for the segregation of privileged access roles.
IAM-10: Management of Privileged Access Roles
Define and implement an access process to ensure privileged access roles and rights are granted for a time limited period, and implement procedures to prevent the accumulation of segregated privileged access.
IAM-11: Customers' Approval for Agreed Privileged Access Roles
Define, implement and evaluate processes and procedures for customers to participate, where applicable, in the granting of access for agreed, high-risk (as defined by the organizational risk assessment) privileged access roles.
IAM-12: Safeguard Logs Integrity
Define, implement and evaluate processes, procedures and technical measures to ensure the logging infrastructure is read-only for all with write access, including privileged access roles, and that the ability to disable it is controlled through a procedure that ensures the segregation of duties and break-glass procedures.
IAM-13: Uniquely Identifiable Users
Define, implement and evaluate processes, procedures and technical measures, that ensure identities’ activities are identifiable through uniquely associated IDs.
IAM-14: Strong Authentication
Define, implement and evaluate processes, procedures and technical measures for authenticating access to systems, application and data assets, including multifactor authentication for at least privileged user and sensitive data access. Adopt digital certificates or alternatives which achieve an equivalent level of security for system identities.
IAM-15: Passwords and Secrets Management
Define, implement and evaluate processes, procedures and technical measures for the secure management of passwords and other secrets.
IAM-16: Authorization Mechanisms
Define, implement and evaluate processes, procedures and technical measures to verify access to data and system functions is authorized.
IAM-17: Knowledge Access Control - Need to Know
Define policy and procedure for "need to know" access to knowledge, information and data within the organization and in the context of the AI system to be applied when regulating access to resources.
IAM-18: Output Modification and Special Authorization
When allowing model output modification of AI generated output, establish a role for this access and allow changes only by authorized identities.
IAM-19: Agent Access Restriction
Restrict agents' access to the tools and plugins necessary for the activity or use case at hand, ensuring adherence to the principles of need-to-know and least privilege.
IPY-01: Interoperability and Portability Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for interoperability and portability including requirements for:
a. Communications between application interfaces
b. Information processing interoperability
c. Application development portability
d. Information/Data exchange, usage, portability, integrity, and persistence
Review and update the policies and procedures at least annually or upon significant changes.
IPY-02: Application Interface Availability
Provide application interface(s) to AICs so that they programmatically retrieve their data to enable interoperability and portability.
IPY-03: Secure Interoperability and Portability Management
Implement cryptographically secure and standardized network protocols for the management, import and export of data, according to industry standards.
IPY-04: Data Portability Contractual Obligations
Agreements must include provisions specifying AICs' access to data upon contract termination and will include:
a. Data format
b. Length of time the data will be stored
c. Scope of the data retained and made available to the AICs
d. Data deletion policy
LOG-01: Logging and Monitoring Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for logging and monitoring. Review and update the policies and procedures at least annually, or upon significant changes.
LOG-02: Audit Logs Protection
Define, implement and evaluate processes, procedures and technical measures to ensure the security and retention of audit logs.
LOG-03: Security Monitoring and Alerting
Identify and monitor security-related events within applications, the underlying infrastructure and the supply chain, and consider logging other events based on risk evaluation. Define and implement a system to generate alerts to responsible stakeholders based on such events and corresponding metrics.
LOG-04: Audit Logs Access and Accountability
Restrict access to audit logs and maintain records of access to logs.
LOG-05: Audit Logs Monitoring and Response
Monitor security audit logs to detect activity outside of typical or expected patterns. Establish and follow a defined process to review and take appropriate and timely actions on detected anomalies.
LOG-06: Clock Synchronization
Use a reliable time source across all relevant information processing systems.
LOG-07: Logging Scope
Establish, document and implement which information meta/data system events should be logged. Review and update the scope at least annually or whenever there is a change in the threat environment.
LOG-08: Log Records
Generate audit records containing relevant security information.
LOG-09: Log Protection
Protect audit records from unauthorized access, modification, and deletion.
LOG-10: Encryption Monitoring and Reporting
Establish and maintain a monitoring and internal reporting capability over the operations of cryptographic, encryption and key management policies, processes, procedures, and controls.
LOG-11: Transaction / Activity Logging
Log and monitor key lifecycle management events to enable auditing and reporting on usage of cryptographic keys.
LOG-12: Access Control Logs
Monitor and log physical access using an auditable access control system.
LOG-13: Failures and Anomalies Reporting
Define, implement and evaluate processes, procedures and technical measures for the reporting of anomalies and failures of the monitoring system and provide immediate notification to the accountable party.
LOG-14: Input Monitoring
Log and monitor all input events (content and metadata) to enable auditing and reporting on the usage of AI models.
LOG-15: Output Monitoring
Log and monitor all output events (content and metadata) to enable auditing and reporting on usage of AI models.
MDS-01: Training Pipeline Security
Define, implement, and evaluate policies, procedures, and technical measures that ensure the security of the Training Pipeline. Regularly review and update policies, procedures and technical measures to address new security threats and best practices.
MDS-02: Model Artifact Scanning
Define, implement, and evaluate policies, procedures, and technical measures for the scanning of model artifacts for vulnerabilities and attacks, at each step of the service lifecycle and at each hand over point. Regularly review and update policies, procedures and technical measures to address model artifact scanning.
MDS-03: Model Documentation
Define, implement, enforce, approve, document, communicate, maintain and evaluate processes and procedures for model documentation. Regularly review and update the model documentation.
MDS-04: Model Documentation Requirements
Establish and implement baseline requirements for Model documentation.
MDS-05: Model Documentation Validation
Define, implement, and evaluate processes, procedures, and technical measures for the validation of the Model documentation aligned with the current model.
MDS-06: Adversarial Attack Analysis
Define, implement, and evaluate processes and technical measures to assess adversarial threats specific to each AI model.
MDS-07: Robustness against Adversarial Attack / Model Hardening
Define, implement, and evaluate processes, procedures, and technical measures for Model Hardening to mitigate relevant adversarial attacks as identified in the Threat Analysis and Adversarial Threat Analysis.
MDS-08: Model Integrity Checks
Regularly calculate and compare checksums using cryptographic hashes of model checkpoints to detect unauthorized modifications. Apply at least annually based on the level of risk, or after any change of hands.
MDS-09: Model Signing/Ownership Verification
Sign models cryptographically and verify signatures to ensure model provenance and ownership, any time the model changes hands or is loaded from storage.
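MDS-08 and MDS-09 together describe one load-time check: a signed manifest of per-file checksums establishes provenance, and re-hashing the checkpoint files against that manifest detects modification. The following Go program is an added example written for this page; it is not CSA code and does not prescribe a particular manifest format. The `Manifest` structure, the function names, the in-memory sample checkpoint and the key pair are all constructed for the illustration. It uses SHA-256 for the per-file digests and Ed25519 for the manifest signature, both from the Go standard library, and shows the three failure modes a verifier must reject: a modified file, a manifest edited to match the modified file without being re-signed, and a manifest signed by a key the loader does not trust.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"sort"
)

// Manifest records the SHA-256 digest of every file that makes up a model
// checkpoint (hypothetical format chosen for this example).
type Manifest struct {
	Model string            `json:"model"`
	Files map[string]string `json:"files"` // relative path -> hex SHA-256
}

// BuildManifest hashes each checkpoint file; this is the "calculate checksums"
// half of MDS-08, run by the party that publishes the model.
func BuildManifest(model string, files map[string][]byte) Manifest {
	m := Manifest{Model: model, Files: make(map[string]string, len(files))}
	for path, data := range files {
		sum := sha256.Sum256(data)
		m.Files[path] = hex.EncodeToString(sum[:])
	}
	return m
}

// canonical serializes the manifest deterministically so that the signer and
// the verifier hash exactly the same bytes. encoding/json sorts map keys.
func canonical(m Manifest) []byte {
	b, _ := json.Marshal(m)
	return b
}

// SignManifest signs the canonical manifest with the publisher's Ed25519 key (MDS-09).
func SignManifest(priv ed25519.PrivateKey, m Manifest) []byte {
	return ed25519.Sign(priv, canonical(m))
}

// VerifyCheckpoint is the check to run every time a model changes hands or is
// loaded from storage: provenance first (signature over the manifest), then
// integrity of every listed file, and no files beyond those listed.
func VerifyCheckpoint(pub ed25519.PublicKey, m Manifest, sig []byte, files map[string][]byte) error {
	if !ed25519.Verify(pub, canonical(m), sig) {
		return errors.New("manifest signature invalid: untrusted or tampered provenance")
	}
	if len(files) != len(m.Files) {
		return fmt.Errorf("file count mismatch: manifest lists %d, checkpoint has %d", len(m.Files), len(files))
	}
	paths := make([]string, 0, len(m.Files))
	for p := range m.Files {
		paths = append(paths, p)
	}
	sort.Strings(paths) // deterministic error reporting
	for _, p := range paths {
		data, ok := files[p]
		if !ok {
			return fmt.Errorf("file %q listed in manifest is missing", p)
		}
		sum := sha256.Sum256(data)
		if hex.EncodeToString(sum[:]) != m.Files[p] {
			return fmt.Errorf("checksum mismatch for %q: checkpoint modified", p)
		}
	}
	return nil
}

// sampleCheckpoint is a constructed, in-memory stand-in for files on disk.
func sampleCheckpoint() map[string][]byte {
	return map[string][]byte{
		"config.json":         []byte(`{"layers": 2, "hidden": 16}`),
		"weights.safetensors": []byte("\x00\x01\x02 constructed weight bytes"),
	}
}

// cloneFiles deep-copies a checkpoint so a test can tamper with one copy.
func cloneFiles(files map[string][]byte) map[string][]byte {
	out := make(map[string][]byte, len(files))
	for p, d := range files {
		out[p] = append([]byte(nil), d...)
	}
	return out
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // publisher's key, generated for the demo
	if err != nil {
		panic(err)
	}
	files := sampleCheckpoint()
	m := BuildManifest("demo-model-v1", files)
	sig := SignManifest(priv, m)

	fmt.Println("pristine checkpoint:", VerifyCheckpoint(pub, m, sig, files))

	tampered := cloneFiles(files)
	tampered["weights.safetensors"][3] ^= 0xFF // flip one byte of the weights
	fmt.Println("modified weights:   ", VerifyCheckpoint(pub, m, sig, tampered))

	// Attacker rewrites the manifest to match the modified weights but cannot re-sign it.
	forged := BuildManifest("demo-model-v1", tampered)
	fmt.Println("forged manifest:    ", VerifyCheckpoint(pub, forged, sig, tampered))
}
```

The verifier checks the signature before touching any file so that a manifest of unknown origin is never used as the reference, and it rejects extra files as well as missing ones, since an unlisted file in a checkpoint directory is exactly where a loader-executed payload would hide. In a real deployment the trusted public key is pinned in the loader's configuration, not shipped alongside the checkpoint.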
MDS-10: Model Continuous Monitoring
Define, implement, and evaluate processes, procedures, and technical measures for continuous monitoring of model performance metrics over time to identify sudden shifts or unexpected changes in predictions that could degrade model performance.
MDS-11: Model Failure
Perform a risk-based evaluation of the model and model serving infrastructure for model failure. Define and implement measures to mitigate model and model serving infrastructure failures, and regularly evaluate throughout the AI system's lifecycle.
MDS-12: Open Model Risk Assessment
Establish a process to evaluate risk associated with open models. Periodically review these risk factors, and implement a process to monitor and mitigate any determined vulnerabilities.
MDS-13: Secure Model Format
Adopt secure model formats and processes for AI model serialization where applicable.
SEF-01: Security Incident Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for Security Incident Management, E-Discovery, and Forensics. Review and update the policies and procedures at least annually or upon significant changes.
SEF-02: Service Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the timely management of security incidents. Review and update the policies and procedures at least annually, or upon significant changes.
SEF-03: Incident Response Plans
Establish, document, approve, communicate, apply, evaluate and maintain a security incident response plan, which includes but is not limited to: a communication strategy for notifying relevant internal departments, impacted AICs, and other business critical relationships (such as supply-chain) that may be impacted.
SEF-04: Incident Response Testing
Follow a structured approach to evaluate the effectiveness of incident response plans at planned intervals or upon significant changes.
SEF-05: Incident Response Metrics
Establish, monitor and report information security incident metrics.
SEF-06: Event Triage Processes
Define, implement and evaluate processes, procedures and technical measures supporting business processes to triage security-related events.
SEF-07: Security Breach Notification
Define and implement processes, procedures and technical measures for security breach notifications. Report material security breaches and assumed security breaches, including any relevant supply chain breaches, as per applicable SLAs, laws and regulations.
SEF-08: Points of Contact Maintenance
Maintain points of contact for applicable regulation authorities, national and local law enforcement, and other legal jurisdictional authorities. Review and update the points of contact at least annually.
SEF-09: Incident Response
Define incident categories and severity levels for AI systems, and determine response procedures for each, including automated response where applicable.
STA-01: Supply Chain Risk Management Policies and Procedures
Establish, document, approve, communicate, apply, evaluate, and maintain policies and procedures for supply chain risk management. Review and update the policies and procedures at least annually or upon significant changes.
STA-02: SSRM Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the application of the Shared Security Responsibility Model (SSRM) within the organization. Review and update the policies and procedures at least annually, or upon significant changes.
STA-03: SSRM Supply Chain
Apply, document, implement and manage the SSRM throughout the supply chain.
STA-04: SSRM Guidance
Provide SSRM Guidance to the Customer detailing information about the SSRM applicability throughout the supply chain.
STA-05: SSRM Control Ownership
Delineate the shared ownership and applicability of all CSA AICM controls according to the SSRM.
STA-06: SSRM Documentation Review
Review and validate SSRM documentation.
STA-07: SSRM Control Implementation
Implement, operate, and audit or assess the portions of the SSRM which the organization is responsible for.
STA-08: Supply Chain Inventory
Develop and maintain an inventory of all supply chain relationships.
STA-09: Supply Chain Risk Management
Periodically review risk factors associated with supply chain relationships.
STA-10: Primary Service and Contractual Agreement
Service agreements must incorporate at least the following mutually-agreed upon provisions and/or terms: • Scope, characteristics and location of business relationship and services offered • Information security requirements (including SSRM) • Change management process • Logging and monitoring capability • Incident management and communication procedures • Right to audit and third party assessment • Service termination • Interoperability and portability requirements • Data privacy
STA-11: Supply Chain Agreement Review
Review supply chain agreements at least annually, or upon significant changes.
STA-12: Supply Chain Compliance Assessment
Define and implement a process for conducting internal assessments to confirm conformance and effectiveness of standards, policies, procedures, and service level agreement activities at least annually.
STA-13: Supply Chain Service Agreement Compliance
Implement policies requiring all service providers throughout the supply chain to comply with information security, confidentiality, access control, privacy, audit, personnel policy and service level requirements and standards.
STA-14: Supply Chain Governance Review
Periodically review the organization's supply chain partners' IT governance policies and procedures.
STA-15: Supply Chain Data Security Assessment
Define and implement a process for conducting security assessments periodically for all organizations within the supply chain.
STA-16: Service Bill of Material (BOM)
Define, implement, and enforce a process for establishing a Bill of Material for the service supply chain. Review and update the Bill of Material at least annually or upon significant changes.
TVM-01: Threat and Vulnerability Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures to identify, report and prioritize the remediation of vulnerabilities and threats, in order to protect systems against vulnerability exploitation. Review and update the policies and procedures at least annually or upon significant changes.
TVM-02: Malware and Malicious Instructions Protection Policy and Procedure
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures to protect against malware and malicious instructions. Review and update the policies and procedures at least annually or upon significant changes.
TVM-03: Vulnerability Remediation Schedule
Define, implement and evaluate processes, procedures and technical measures to enable both scheduled and emergency responses to vulnerability identifications, based on the identified risk.
TVM-04: Detection Updates
Define, implement and evaluate processes, procedures and technical measures to update detection tools, threat signatures, and indicators of compromise on a weekly, or more frequent basis.
TVM-05: External Library Vulnerabilities
Define, implement and evaluate processes, procedures and technical measures to identify updates for applications which use third party or open-source libraries according to the organization's vulnerability management policy.
TVM-06: Penetration Testing
Define, implement and evaluate processes, procedures and technical measures for the periodic performance of penetration testing by independent third parties.
TVM-07: Vulnerability Remediation Schedule
Define, implement and evaluate processes, procedures and technical measures based on identified risks to support scheduled and emergency responses to vulnerability identification.
TVM-08: Vulnerability Prioritization
Use a risk-based model for effective prioritization of vulnerability remediation using an industry recognized framework.
TVM-09: Vulnerability Management Reporting
Define and implement a process for tracking and reporting vulnerability identification and remediation activities that includes stakeholder notification.
TVM-10: Vulnerability Management Metrics
Establish, monitor and report metrics for vulnerability identification and remediation at defined intervals.
TVM-11: Guardrails
Define and implement processes, procedures and technical measures to apply guardrails to the AI system. Continuously evaluate guardrails for changes in regulatory requirements and risk scenarios.
TVM-12: Threat Analysis and Modeling
Define, implement and evaluate threat analysis processes and procedures to identify, assess and review the threat landscape for Cloud and AI systems. Build threat models according to industry best practices to inform the risk mitigation strategy.
TVM-13: Threat Response
Use a risk-based method for the prioritization and mitigation of threats, leveraging an industry-recognized framework to guide threat decision-making and protection measures.
UEM-01: Endpoint Devices Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for all endpoints. Review and update the policies and procedures at least annually or upon significant system changes.
UEM-02: Application and Service Approval
Define, document, apply and evaluate a list of approved services, applications and sources of applications (stores) acceptable for use by endpoints when accessing or storing organization-managed data.
UEM-03: Compatibility
Define and implement a process for the validation of the endpoint device's compatibility with operating systems and applications.
UEM-04: Endpoint Inventory
Maintain an inventory of all endpoints used to store and process company data.
UEM-05: Endpoint Management
Define, implement and evaluate processes, procedures and technical measures to enforce policies and controls for all endpoints permitted to access systems and/or store, transmit, or process organizational data.
UEM-06: Automatic Lock Screen
Configure all relevant interactive-use endpoints to require an automatic lock screen.
UEM-07: Operating Systems
Manage changes to endpoint operating systems, patch levels, and/or applications through the company's change management processes.
UEM-08: Storage Encryption
Protect information from unauthorized disclosure on managed endpoint devices with storage encryption.
UEM-09: Anti-Malware Detection and Prevention
Configure managed endpoints with anti-malware detection and prevention technology and services.
UEM-10: Software Firewall
Configure managed endpoints with properly configured software firewalls.
UEM-11: Data Loss Prevention
Configure managed endpoints with Data Loss Prevention (DLP) technologies and rules in accordance with a risk assessment.
UEM-12: Remote Locate
Enable remote geo-location capabilities for all managed mobile endpoints, according to all applicable laws and regulations.
UEM-13: Remote Wipe
Define, implement and evaluate processes, procedures and technical measures to enable the deletion of company data remotely on managed endpoint devices.
UEM-14: Third-Party Endpoint Security Posture
Define, implement and evaluate processes, procedures and technical and/or contractual measures to maintain proper security of third-party endpoints with access to organizational assets.