DCS-03Cloud-Specific

Secure Area Policy and Procedures

Specification

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for maintaining a safe and secure working environment in offices, rooms, and facilities. Review and update the policies and procedures at least annually, or upon significant changes.

Threat coverage

Model manipulation

Data poisoning

Sensitive data disclosure

Model theft

Model/Service Failure

Insecure supply chain

Insecure apps/plugins

Denial of Service

Loss of governance

Architectural relevance

Physical infrastructure

Network

Compute

Storage

Application

Data

Lifecycle

Preparation

Data storage, Resource provisioning, Team and expertise

Development

Not applicable

Evaluation

Not applicable

Deployment

Orchestration, AI Services supply chain

Delivery

Operations, Maintenance

Retirement

Archiving, Data deletion, Model disposal

Ownership / SSRM

Owned by the Cloud Service Provider (CSP)

The Cloud Service Provider (CSP) is responsible for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with cloud computing (processing, storage, and networking) technologies in the context of the services or products they develop and offer. The CSP is responsible and accountable for implementing the control within its own infrastructure/environment. The CSP is responsible for enabling the customer and/or upstream partner to implement/configure the control within their risk management approach. The CSP is accountable for ensuring that its providers upstream implement the control related to the service/product developed and offered by the CSP.

Model

Owned by the Model Provider (MP)

The model provider (MP) designs, develops, and implements the control as part of their services or products to mitigate security, privacy, or compliance risks associated with the Large Language Model (LLM). Model Providers are entities that develop, train, and distribute foundational and fine-tuned AI models for various applications. They create the underlying AI capabilities that other actors build upon. Model Providers are responsible for model architecture, training methodologies, performance characteristics, and documentation of capabilities and limitations. They operate at the foundation layer of the AI stack and may provide direct API access to their models. Examples: OpenAI (GPT, DALL-E, Whisper), Anthropic(Claude), Google(Gemini), Meta(Llama), as well as any customized model.

Orchestrated

Shared Model Provider-Orchestrated Service Provider (Shared MP-OSP)

The MP and OSP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Application

Shared Orchestrated Service Provider-Application Provider (Shared OSP-AP)

The OSP and AP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Implementation guidelines

[All Actors except AIC]
1. Providers should ensure that they have documented, approved, communicated, applied, evaluated and maintained policies and procedures for maintaining a safe and secure working environment in offices, rooms, and facilities that processes data for models or inference tasks. These include but not limited to the procedures listed for the CSP.

Auditing guidelines

1. Examine the organization's policy and procedures related to physical areas under the organization's control.

2. Determine if policy has been approved, communicated, and reviewed.

Standards mappings

ISO 42001Partial Gap

42001: A.2.2 AI Policy
42001: A.2.3 Alignment with other organizational policies
42001: A.2.4 Review of the AI Policy
27001: 5.1 Leadership and Commitment
27001: 5.2 Policy
27001: 7.3 Awareness
27001: 7.4 Communication
27001: 7.5 (7.5.1 to 7.5.3) Documentation Information
27001: 9.1 Monitoring
measurement
analysis and evaluation
27001: 9.3 Management review
27001: A.5.1 Policies for information security
27001: A.5.4 Management responsibilities
27001: A.7.1 Physical security perimeters
27001: A.7.2 Physical entry
27001: A.7.1 Securing offices
rooms and facilities
27001: A.7.4 Physical security monitoring
27002: 7.1 Physical Security perimeters
27002: 7.2 Physical entry
27002: 7.3 Securing offices
rooms and facilities
27002: 7.4 Physical security monitoring

Addendum

Include dedicated, enforceable controls for physical security of AI environments, including: Physical perimeters and entry controls Office and facility security measures Monitoring and surveillance Formal lifecycle reviews of these controls

EU AI ActFull Gap

No Mapping

Addendum

The AICM DCS-03 control is not covered in the EU AI Act

NIST AI 600-1Full Gap

No Mapping

Addendum

No controls are established to create policies and procedures for maintaining a safe and secure working environment that includes offices, rooms, and facilities.

BSI AIC4No Gap

AM-02
PS-01

Addendum

N/A

AI-CAIQ questions (2)

DCS-03.1

Are policies and procedures for maintaining a safe and secure working environment (in offices, rooms, and facilities) established, documented, approved, communicated, applied, evaluated and maintained?

DCS-03.2

Are policies and procedures for maintaining safe, secure working environments (e.g., offices, rooms, and facilities) reviewed and updated at least annually, or upon significant changes?