AICM AtlasCSA AI Controls Matrix
DCS · Datacenter Security
DCS-04Cloud-Specific

Secure Media Transportation Policy and Procedures

Specification

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the secure transportation of physical media. Review and update the policies and procedures at least annually, or upon significant changes.

Threat coverage

Model manipulation
Data poisoning
Sensitive data disclosure
Model theft
Model/Service Failure
Insecure supply chain
Insecure apps/plugins
Denial of Service
Loss of governance

Architectural relevance

Physical infrastructure
Network
Compute
Storage
Application
Data

Lifecycle

Preparation

Data storage

Development

Not applicable

Evaluation

Not applicable

Deployment

AI Services supply chain

Delivery

Not applicable

Retirement

Archiving

Ownership / SSRM

PI

Owned by the Cloud Service Provider (CSP)

The Cloud Service Provider (CSP) is responsible for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with cloud computing (processing, storage, and networking) technologies in the context of the services or products they develop and offer. The CSP is responsible and accountable for implementing the control within its own infrastructure/environment. The CSP is responsible for enabling the customer and/or upstream partner to implement/configure the control within their risk management approach. The CSP is accountable for ensuring that its providers upstream implement the control related to the service/product developed and offered by the CSP.

Model

Owned by the Model Provider (MP)

The model provider (MP) designs, develops, and implements the control as part of their services or products to mitigate security, privacy, or compliance risks associated with the Large Language Model (LLM). Model Providers are entities that develop, train, and distribute foundational and fine-tuned AI models for various applications. They create the underlying AI capabilities that other actors build upon. Model Providers are responsible for model architecture, training methodologies, performance characteristics, and documentation of capabilities and limitations. They operate at the foundation layer of the AI stack and may provide direct API access to their models. Examples: OpenAI (GPT, DALL-E, Whisper), Anthropic(Claude), Google(Gemini), Meta(Llama), as well as any customized model.

Orchestrated

Shared Model Provider-Orchestrated Service Provider (Shared MP-OSP)

The MP and OSP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Application

Shared Orchestrated Service Provider-Application Provider (Shared OSP-AP)

The OSP and AP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Implementation guidelines

[All Actors Except AIC]
1. Providers should ensure that they have  document, approve, communicate, apply, evaluate and maintain policies and procedures for secure transportation of media that processes data for models or inference tasks. 

2. Implement Physical protection standards for transfer of media. 

3. Design/Implement procedural safeguards/steps in place to authorize and verify such transfers, with separation of duties of personnel involved.

Auditing guidelines

1. Examine the organization's policy and procedures for secure transportation of physical media.

2. Determine if policy has been approved, communicated, and reviewed.

Standards mappings

ISO 42001Partial Gap
42001: A.2.3 Alignment with other organizational policies
42001: A.4.2 Resource Documentation
27001: 5.1 Leadership and Commitment
27001: 5.2 Policy
27001: 7.3 Awareness
27001: 7.4 Communication
27001: 7.5 (7.5.1 to 7.5.3) Documentation Information
27001: 9.1 Monitoring
measurement
analysis and evaluation
27001: 9.3 Management review
27001: A.5.1 Policies for information security
27001: A.5.4 Management responsibilities
27001: A.5.14 Information Transfer
27001: A.5.36 Compliance with policies
rules and standards for
information security
27001: A.5.37 Documented operating procedures
27001: A.7.10 - Storage media
27002: 5.1 - Policies for Information Security
27002: 5.14 - Information transfer
27002: 5.36 Compliance with policies
rules and standards for
information security
27002: 5.37 Documented Operating procedures
27002: 7.10 Storage Media
27002: 7.9 – Equipment security
Addendum

Include a dedicated control on physical media transportation and handling (mirroring 27001 A.7.10 / 27002 7.10) Operational-level guidance on securing physical AI-related data in transit Review and monitoring expectations for these procedures.

EU AI ActPartial Gap
Article 9 (Risk Management)
Article 15
Addendum

Require: Documented and approved policies for secure transportation of physical media containing data relevant to high-risk AI systems, procedures communicated to staff and applied in practice, periodic (at least annual) review and update of these policies, and integration into risk management and technical documentation.

NIST AI 600-1Partial Gap
GV-4.1-003
Addendum

This is mostly interpretation of the AICM control specification, where the "secure transportation" requirement can be interpreted as a supply chain process. NIST AI 600-1 does not cover the DCS-04 topic of a policy specifically for transportation of physical media nor any annual review of policies.

BSI AIC4No Gap
AM-02
Addendum

N/A

AI-CAIQ questions (2)

DCS-04.1

Are policies and procedures for the secure transportation of physical media established, documented, approved, communicated, applied, evaluated, and maintained?

DCS-04.2

Are policies and procedures for the secure transportation of physical media reviewed and updated at least annually, or upon significant changes?