AICM AtlasCSA AI Controls Matrix
IAM · Identity & Access Management
IAM-02Cloud & AI Related

Strong Password Policy and Procedures

Specification

Establish, document, approve, communicate, implement, apply, evaluate and maintain strong password policies and procedures. Review and update the policies and procedures at least annually.

Threat coverage

Model manipulation
Data poisoning
Sensitive data disclosure
Model theft
Model/Service Failure
Insecure supply chain
Insecure apps/plugins
Denial of Service
Loss of governance

Architectural relevance

Physical infrastructure
Network
Compute
Storage
Application
Data

Lifecycle

Preparation

Data collection, Data storage, Team and expertise

Development

Design, Supply Chain

Evaluation

Evaluation, Validation/Red Teaming

Deployment

Orchestration, AI Services supply chain, AI applications

Delivery

Operations, Maintenance, Continuous improvement

Retirement

Archiving, Data deletion, Model disposal

Ownership / SSRM

PI

Shared Cloud Service Provider-Model Provider (Shared CSP-MP)

The CSP and MP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Model

Owned by the Model Provider (MP)

The model provider (MP) designs, develops, and implements the control as part of their services or products to mitigate security, privacy, or compliance risks associated with the Large Language Model (LLM). Model Providers are entities that develop, train, and distribute foundational and fine-tuned AI models for various applications. They create the underlying AI capabilities that other actors build upon. Model Providers are responsible for model architecture, training methodologies, performance characteristics, and documentation of capabilities and limitations. They operate at the foundation layer of the AI stack and may provide direct API access to their models. Examples: OpenAI (GPT, DALL-E, Whisper), Anthropic(Claude), Google(Gemini), Meta(Llama), as well as any customized model.

Orchestrated

Owned by the Orchestrated Service Provider (OSP)

The Orchestrated Service Provider (OSP) is responsible for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer. The OSP is responsible and accountable for the implementation of the control within its own infrastructure/environment. If the control has downstream implications on the users/customers, the OSP is responsible for enabling the customer and/or upstream partner in the implementation/configuration of the control within their risk management approach. The OSP is accountable for ensuring that its providers upstream (e.g MPs) implement the control as it relates to the service/product the develop and offered by the OSP. This refers to entities that create the technical building blocks and management tools that enable AI implementation. This can include platforms, frameworks, and tools that facilitate the integration, deployment, and management of AI models within enterprise workflows. These providers focus on model orchestration and offer services like API access, automated scaling, prompt management, workflow automation, monitoring, and governance rather than end-user functionality or raw infrastructure. They help businesses implement AI in a structured and efficient manner. Examples: AWS, Azure, GCP, OpenAI, Anthropic, LangChain (for AI workflow orchestration), Anyscale (Ray for distributed AI workloads), Databricks (MLflow), IBM Watson Orchestrate, and developer platforms like Google AI Studio.

Application

Shared Application Provider-AI Customer (Shared AP-AIC)

The AP and AIC both share responsibility and accountability for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they offer and consume.

Implementation guidelines

[All Actors]
Responsible for establishing strong password policies and procedures that include:
1. Authentication Standards: Establish requirements for password complexity, length, history, and expiration.

2. Brute-force Attack Prevention: Use brute-force attack prevention mechanisms based on rate limiting and progressive delays (e.g., account lockout after a specified number of failed login attempts).

3. Password Protection: Use password protection using strong storage and in transit encryption, utilizing secure hashing algorithms with regular updates and salting, and conducting periodic assessments and updates of encryption practices aligned with industry standards.

4. Credential management tools: Leverage credential management tools (e.g., hardware security modules or encrypted credential vaults) to store and protect passwords and keys.

5. Password Rotation: Define and enforce password rotation requirements for all identities within AI development and operations environments, taking into account specialized accounts such as service accounts used by AI frameworks.

6. Password Reset: Define a secure password reset process to prevent unauthorized access in case of forgotten passwords.

7. Password Recovery: Define a secure process for password recovery that includes verification steps to prevent unauthorized access.

8. Multi-Factor Authentication (MFA): Use multi-factor authentication to add an extra layer of security in addition to passwords.

9. Approval: Establish an approval process for any changes or modifications to the IAM policy and procedures, including a documented record.

10. Maintenance and Reviews: Conduct reviews on password policies and procedures documentation at least annually to ensure alignment with evolving security landscape, regulations, and risks.

11. Short-Lived Credentials: Prioritize using short-lived secrets and automatic rotation of credentials where possible to reduce management overhead and minimize impact of leaked credentials.

12. Policy Communication: Ensure password policies are clearly documented and effectively communicated to all relevant stakeholders.

Auditing guidelines

1. Confirm enforcement of enterprise-grade password policies for IAM services.

2. Validate built-in tools support policy configuration (e.g., expiration, complexity).

3. Ensure passwords used in CLI/API access follow secure storage practices.

4. Check whether CSP customers are notified of non-compliance with password policy.

5. Review documentation showing integration of password policies into account provisioning workflows.

From CCM:
1. Examine policy and/or procedures related to passwords to determine if minimum password complexity requirements are defined.
2. Determine if the organization enforces minimum password complexity requirements as defined in policy.
3. Examine policy and procedures for evidence of review at least annually.

Standards mappings

ISO 42001No Gap
42001: A.2.3 - Alignment with other organizational policies
42001: A.2.4 - Review of the AI policy
27001: A.5.1 - Policies for information security
27001: A.5.17 - Authentication information
Addendum

N/A

EU AI ActPartial Gap
Annex IV,
Article 8,
Article 9,
Article 15
Addendum

Mandatory strong password standards. Annual review and update of password policies. Authentication controls for staff/admins. Password lifecycle or approval processes.

NIST AI 600-1Full Gap
No Mapping
Addendum

No explicit reference to password policies and procedures is made in the NIST AI 600-1 standard.

BSI AIC4No Gap
C4 PC-02
C5 IDM-01
C5 IDM-02
Addendum

N/A

AI-CAIQ questions (2)

IAM-02.1

Are strong password policies and procedures established, documented, approved, communicated, implemented, applied, evaluated, and maintained?

IAM-02.2

Are strong password policies and procedures reviewed and updated at least annually?