AICM Atlas · CSA AI Controls Matrix
DSP · Data Security and Privacy Lifecycle Management
DSP-01 · Cloud & AI Related

Security and Privacy Policy and Procedures

Specification

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the classification, protection, preparation and handling of data throughout its lifecycle, and according to all applicable laws and regulations, standards, and risk level. Review and update the policies and procedures at least annually.

Threat coverage

Model manipulation
Data poisoning
Sensitive data disclosure
Model theft
Model/Service Failure
Insecure supply chain
Insecure apps/plugins
Denial of Service
Loss of governance

Architectural relevance

Physical infrastructure
Network
Compute
Storage
Application
Data

Lifecycle

Preparation

Data curation, Data storage, Team and expertise

Development

Design, Guardrails

Evaluation

Evaluation, Validation/Red Teaming

Deployment

Orchestration, AI Services supply chain

Delivery

Operations, Continuous monitoring, Continuous improvement

Retirement

Data deletion, Model disposal

Ownership / SSRM

PI

Owned by the Customer (AIC)

The Customer (AIC) is responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies services or products they consume.

Model

Owned by the Customer (AIC)

The Customer (AIC) is responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies services or products they consume.

Orchestrated

Shared across the supply chain

Shared control ownership refers to responsibilities and activities related to LLM security that are distributed across multiple stakeholders within the AI supply chain, including the Cloud Service Provider (CSP), Model Provider (MP), Orchestrated Service Provider (OSP), Application Provider (AP), and Customer (AIC). These controls require coordinated actions, communication, and governance across all involved parties to ensure their effectiveness.

Application

Shared Application Provider-AI Customer (Shared AP-AIC)

The AP and AIC both share responsibility and accountability for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they offer and consume.

Implementation guidelines

[All Actors]
1. Establish the following policies and procedures:

a. Data Governance Framework: Establish roles, responsibilities, and processes for managing data across AI lifecycle.

b. Data Stewardship Policy: Designate data stewards to oversee the quality, integrity, and compliance of data.

c. Data Minimization: AI systems should access only the minimal amount of data necessary to perform their functions, avoiding the storage or use of customer prompts and completions for model retraining.

d. Data Cataloging: Maintain an updated catalog of all data used by AI systems, including storage locations and access details.

e. Data Residency: Offer data residency options to comply with regional data privacy regulations, allowing customers to store their data within specific geographic locations.

f. Data Access Controls: Implement strict access controls to ensure that only authorized users can access sensitive data used in AI systems.

g. Data Lifecycle Management: Define policies to address the AI data lifecycle, including generation, collection, storage and management, processing (data cleaning, transformation, annotation and labeling, integration, and validation), and disposal after a certain period of inactivity.

h. Data Quality Policy: Ensure data integrity, accuracy, and completeness. Regularly audit and clean data to maintain high standards, for example in line with ISO/IEC 5259, ISO 25012 and ISO 8000.

i. Transparency and Accountability Policy: Promote transparency in data practices and ensure accountability through regular reporting and audits.

Auditing guidelines

1. Examine the CSP’s policy and procedures related to data security and privacy. 

2. Determine if a framework exists to ensure that the CSP monitors the regulatory and legislative environment for changes applicable to the CSP's data security and privacy policy and procedures. Confirm whether the CSP has documented the roles and responsibilities that support its policy management.

3. Confirm whether the data security and privacy policy addresses the requirement that the CSP’s data is used only for authorized purposes and in compliance with legislation and regulation.

4. Examine if the security and privacy policy and procedures are reviewed and updated annually.

5. Examine documentation to determine if the function responsible for data security and privacy compliance reviews the information to determine whether the CSP complies with current legislation and regulations.

6. Determine if the CSP has a process for approving and communicating the classification, protection, preparation, and handling of data throughout its lifecycle.

7. Evaluate whether third-party security and privacy policies and procedures are considered in the CSP's data security and privacy practices.

8. Verify that policies address the physical and logical protection of data storage systems hosting AI workloads. Verify that policies also describe how encryption, tenant isolation, and data residency controls are applied to physical and logical storage systems.

Standards mappings

ISO 42001 · No Gap
42001: A.2.2 AI Policy
42001: A.2.4 Review of AI Policy
42001: A.2.3 Alignment with other organizational policies
42001: A.4.3 Data Resources
42001: A.7.2 Data for development and enhancement of AI system
42001: A.7.2 Acquisition of data
27001: 5.1 Policies for information security
27001: 7.3 Awareness
27001: 7.4 Communication
27001: 7.5 Documented Information (7.5.1 to 7.5.3)
27001: 9.1 Monitoring, measurement, analysis and evaluation
27001: 9.3 Management review (9.3.1 to 9.3.3)
27001: A.5.1 Policies for information security
27001: A.5.4 - Management responsibilities
27001: A.5.10 - Acceptable use of information and other associated assets
27001: A.5.12 - Classification of information
27001: A.5.34 - Privacy and protection of personal identifiable information
27001: A.5.37 - Documented operating procedures
27002: 5.1 - Policies for information security
27002: 5.4 - Management responsibilities
27002: 5.10 - Acceptable use of information and other associated assets
27002: 5.12 - Classification of information
27002: 5.34 - Privacy and protection of personal identifiable information
27002: 5.37 - Documented operating procedures
Addendum

N/A

EU AI Act · Partial Gap
Article 10
Article 17
Addendum

The annual review requirement and broader data classification aspects are not explicitly covered in the EU AI Act. Article 10 covers data governance requirements but doesn't specify annual review cycles or comprehensive data classification.

NIST AI 600-1 · No Gap
GV-1.1-001
GV-1.2-001
GV-4.1-001
MP-2.3-002
MP-4.1-003
Addendum

N/A

BSI AIC4 · No Gap
COS-08
AM-06
SP-02
AM-02
OPS-10
OPS-11
COM-01
Addendum

N/A

AI-CAIQ questions (2)

DSP-01.1

Are Security and Privacy Policies and Procedures established, documented, approved, communicated, applied, evaluated, and maintained for the classification, protection, preparation, and handling of data throughout its lifecycle, and according to all applicable laws and regulations, standards, and risk level?

DSP-01.2

Are Security and Privacy Policies and Procedures reviewed and updated at least annually?