HRS-02Cloud & AI Related

Acceptable Use of Technology Policy and Procedures

Specification

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for defining allowances and conditions for the acceptable use of organizationally-owned or managed assets. Review and update the policies and procedures at least annually.

Threat coverage

Model manipulation

Data poisoning

Sensitive data disclosure

Model theft

Model/Service Failure

Insecure supply chain

Insecure apps/plugins

Denial of Service

Loss of governance

Architectural relevance

Physical infrastructure

Network

Compute

Storage

Application

Data

Lifecycle

Preparation

Team and expertise

Development

Supply Chain

Evaluation

Not applicable

Deployment

AI Services supply chain

Delivery

Not applicable

Retirement

Not applicable

Ownership / SSRM

Shared Cloud Service Provider-Model Provider (Shared CSP-MP)

The CSP and MP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Model

Owned by the Model Provider (MP)

The model provider (MP) designs, develops, and implements the control as part of their services or products to mitigate security, privacy, or compliance risks associated with the Large Language Model (LLM). Model Providers are entities that develop, train, and distribute foundational and fine-tuned AI models for various applications. They create the underlying AI capabilities that other actors build upon. Model Providers are responsible for model architecture, training methodologies, performance characteristics, and documentation of capabilities and limitations. They operate at the foundation layer of the AI stack and may provide direct API access to their models. Examples: OpenAI (GPT, DALL-E, Whisper), Anthropic(Claude), Google(Gemini), Meta(Llama), as well as any customized model.

Orchestrated

Shared Cloud Service Provider-Model Provider (Shared CSP-MP)

Application

Shared across the supply chain

Shared control ownership refers to responsibilities and activities related to LLM security that are distributed across multiple stakeholders within the AI supply chain, including the Cloud Service Provider (CSP), Model Provider (MP), Orchestrated Service Provider (OSP), Application Provider (AP), and Customer (AIC). These controls require coordinated actions, communication, and governance across all involved parties to ensure their effectiveness.

Implementation guidelines

[Applicable to all actors]
1. Define and Document Policies: Develop clear acceptable use guidelines covering permissible data inputs and outputs, training sets, algorithmic operations, and deployment practices. Incorporate ethical principles (fairness, transparency, bias prevention) and comply with relevant legal and regulatory requirements.

2. Align with External Provider Requirements: Integrate AI service provider policies into internal acceptable use standards, ensuring consistent rules for data handling, model usage, and system integration.

3. Communicate and Train: Communicate policies to all teams and stakeholders. Provide regular training on safe and appropriate AI use, data handling practices, and potential risk mitigation strategies.

4. Oversight and Monitoring: Assign compliance oversight responsibilities and deploy monitoring tools (e.g., usage logs, anomaly detection) to ensure adherence to acceptable use guidelines.

5. Periodic Review and Update: Review and update acceptable use policies at least annually, or when significant changes occur in technology or regulation. Gather input from stakeholders to refine and improve policy scope.

Auditing guidelines

1. Policy Establishment and Documentation: Verify that the CSP has established and documented two distinct AUPs, an internal AUP for employees and contractors, addressing acceptable and prohibited use of customer environments and data, and a published AUP for customers, defining acceptable and prohibited use of CSP services and infrastructure by tenants.

2. Policy Communication and Acknowledgement: Confirm that the internal AUP is communicated to all CSP employees and contractors, with signed acknowledgements retained. Verify that the customer‑facing AUP is published and easily accessible to all customers (e.g., through terms of service, portal links).

3. Content of the Internal AUP: Verify that the internal AUP explicitly prohibits unauthorized access to or use of customer environments, data, or resources; unauthorized changes to customer configurations or services; and disclosure of sensitive customer information. Confirm the AUP defines consequences for violations and outlines escalation and reporting procedures.

4. Content of the Customer‑Facing AUP: Verify that the customer‑facing AUP explicitly prohibits use of CSP services for illegal or prohibited activities, abuse of resources (e.g., unauthorized crypto‑mining, spamming, denial‑of‑service attacks), and launching attacks or unauthorized access attempts originating from the customer’s tenancy. Confirm the AUP clearly defines enforcement actions (e.g., suspension or termination of services for violations).

5. Monitoring and Enforcement: Verify that monitoring mechanisms are in place to detect violations of both the internal and customer‑facing AUPs. Ensure that documented procedures exist to investigate violations, notify relevant parties, and apply corrective actions.

6. Periodic Review and Maintenance: Confirm that both the internal and customer‑facing AUPs are reviewed and updated at least annually, or after significant changes to services, laws, or customer expectations. Verify that evidence of review and approval is maintained.

From CCM:
1. Examine policy for adequacy, currency, communication, and effectiveness.
2. Verify that a definition of organizationally-owned or managed assets exists, and is implemented.
3. Verify, through interviews or otherwise, that the policy is communicated to users.
4. Examine policy and procedures for evidence of review at least annually.

Standards mappings

ISO 42001No Gap

42001: A.2.2 AI Policy
42001: A.2.3 Alignment with other organizational policies
42001: A.2.4 Review of AI Policy
27001: 5.1 Leadership and commitment
27001: 5.2 Policy
27001: 7.3 Awareness
27001: 7.4 Communication
27001: 7.5 Documented Information
27001: 9.1 Monitoring
measurement
analysis and evaluation
27001: 9.3 Management Review
27001: A.5.1 Policies for information security
27001: A.5.4 Management responsibilities
27001: A.5.10 Acceptable use of information and other associated assets
27001: A.5.37 Documented operating procedures
27002: 5.1 Policies for information security
27002: 5.4 Management responsibilities
27002: 5.10 Acceptable use of information and other associated assets
27002: 5.37 Documented operating procedures

Addendum

N/A

EU AI ActPartial Gap

Article 53 (1)
Annex XI
Annex XII

Addendum

Coverage on organization-wide policies on acceptable use of managed assets, and requirements for communication, role-based enforcement, and annual review cycles.

NIST AI 600-1No Gap

GV-6.1-010
GV-1.4-002
GV-3.2-003
GV-1.3-004
A.1.2

Addendum

N/A

BSI AIC4No Gap

HR-02
AM-05

Addendum

N/A

AI-CAIQ questions (2)

HRS-02.1

Are policies and procedures for defining allowances and conditions for the acceptable use of organizationally-owned or managed assets established, documented, approved, communicated, applied, evaluated, and maintained?

HRS-02.2

Are the policies and procedures for defining allowances and conditions for the acceptable use of organizationally-owned or managed assets reviewed and updated at least annually?