GRC-09AI-Specific

Acceptable Use of the AI Service

Specification

Define, document and enforce policies and procedures on the acceptable use of AI services offered by the organization. Ensure effectiveness by continuous risk assessments, reviews and human oversight.

Threat coverage

Model manipulation

Data poisoning

Sensitive data disclosure

Model theft

Model/Service Failure

Insecure supply chain

Insecure apps/plugins

Denial of Service

Loss of governance

Architectural relevance

Physical infrastructure

Network

Compute

Storage

Application

Data

Lifecycle

Preparation

Resource provisioning, Data collection

Development

Design, Guardrails

Evaluation

Re-evaluation, Validation/Red Teaming

Deployment

Orchestration, AI Services supply chain

Delivery

Continuous improvement, Continuous monitoring, Operations, Maintenance

Retirement

Data deletion, Archiving

Ownership / SSRM

Owned by the Customer (AIC)

The Customer (AIC) is responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies services or products they consume.

Model

Owned by the Model Provider (MP)

The model provider (MP) designs, develops, and implements the control as part of their services or products to mitigate security, privacy, or compliance risks associated with the Large Language Model (LLM). Model Providers are entities that develop, train, and distribute foundational and fine-tuned AI models for various applications. They create the underlying AI capabilities that other actors build upon. Model Providers are responsible for model architecture, training methodologies, performance characteristics, and documentation of capabilities and limitations. They operate at the foundation layer of the AI stack and may provide direct API access to their models. Examples: OpenAI (GPT, DALL-E, Whisper), Anthropic(Claude), Google(Gemini), Meta(Llama), as well as any customized model.

Orchestrated

Owned by the Orchestrated Service Provider (OSP)

The Orchestrated Service Provider (OSP) is responsible for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer. The OSP is responsible and accountable for the implementation of the control within its own infrastructure/environment. If the control has downstream implications on the users/customers, the OSP is responsible for enabling the customer and/or upstream partner in the implementation/configuration of the control within their risk management approach. The OSP is accountable for ensuring that its providers upstream (e.g MPs) implement the control as it relates to the service/product the develop and offered by the OSP. This refers to entities that create the technical building blocks and management tools that enable AI implementation. This can include platforms, frameworks, and tools that facilitate the integration, deployment, and management of AI models within enterprise workflows. These providers focus on model orchestration and offer services like API access, automated scaling, prompt management, workflow automation, monitoring, and governance rather than end-user functionality or raw infrastructure. They help businesses implement AI in a structured and efficient manner. Examples: AWS, Azure, GCP, OpenAI, Anthropic, LangChain (for AI workflow orchestration), Anyscale (Ray for distributed AI workloads), Databricks (MLflow), IBM Watson Orchestrate, and developer platforms like Google AI Studio.

Application

Owned by the Customer (AIC)

Implementation guidelines

[All Actors]
1. Define and enforce a formal Acceptable Use Policy (AUP) for AI systems and services.

2. Specify prohibited use cases (e.g., surveillance, hate speech, deepfakes) and high-risk applications requiring pre-approval.

3. Clarify acceptable interaction boundaries for users, developers, and third-party integrations.

4. Ensure the AUP is accessible, legally reviewed, and referenced in user onboarding,  API usage, and contracts.

5. Establish enforcement mechanisms for violations, including logging, suspension, and escalation protocols.

Auditing guidelines

1. Examine the AI Acceptable Use Policy for adequacy, currency, and communication to relevant interested parties and users.

2. Verify that the AI Acceptable Use Policy identifies the applicable CSP-operated AI infrastructure and services users subject to these guidelines.

3. Verify that the AI Acceptable Use Policy clearly defines the acceptable and prohibited use of the CSP services, with respect to AI-enabling services, specifying what constitutes acceptable and prohibited use cases as applicable.

4. Verify, through interviews or otherwise, that the policy is communicated to CSP users, and acknowledged as applicable. 

5. Examine policy for evidence of review by policy owner or committee at least annually.

Standards mappings

ISO 42001No Gap

42001: A.9.2 (Processes for responsible use of AI systems)
42001: A.9.3 (Objectives for responsible use of AI system)
42001: A.9.4 (Intended use of the AI system)
42001: B.9.4 (Intended use of the AI system)
42001: B.6.2.6 (AI system operation and monitoring)

Addendum

N/A

EU AI ActPartial Gap

Article 29
Article 52

Addendum

Continuous risk assessments and details of reviews and human oversight.

NIST AI 600-1No Gap

GV-3.2-003
GV-4.1-001

Addendum

N/A

BSI AIC4No Gap

PF-10
SR-01

Addendum

N/A

AI-CAIQ questions (2)

GRC-09.1

Are policies and procedures defined, documented, and enforced for the acceptable use of AI services offered by the organization?

GRC-09.2

Is effectiveness of the acceptable use of AI services policies and procedures evaluated by continuous risk assessments, reviews, and human oversight?