AICM AtlasCSA AI Controls Matrix
SEF · Security Incident Management, E-Discovery, & Cloud Forensics
SEF-06Cloud & AI Related

Event Triage Processes

Specification

Define, implement and evaluate processes, procedures and technical measures supporting business processes to triage security-related events.

Threat coverage

Model manipulation
Data poisoning
Sensitive data disclosure
Model theft
Model/Service Failure
Insecure supply chain
Insecure apps/plugins
Denial of Service
Loss of governance

Architectural relevance

Physical infrastructure
Network
Compute
Storage
Application
Data

Lifecycle

Preparation

Data storage

Development

Guardrails

Evaluation

Re-evaluation

Deployment

AI Services supply chain, AI applications

Delivery

Operations, Maintenance, Continuous monitoring, Continuous improvement

Retirement

Archiving, Data deletion, Model disposal

Ownership / SSRM

PI

Shared across the supply chain

Shared control ownership refers to responsibilities and activities related to LLM security that are distributed across multiple stakeholders within the AI supply chain, including the Cloud Service Provider (CSP), Model Provider (MP), Orchestrated Service Provider (OSP), Application Provider (AP), and Customer (AIC). These controls require coordinated actions, communication, and governance across all involved parties to ensure their effectiveness.

Model

Owned by the Model Provider (MP)

The model provider (MP) designs, develops, and implements the control as part of their services or products to mitigate security, privacy, or compliance risks associated with the Large Language Model (LLM). Model Providers are entities that develop, train, and distribute foundational and fine-tuned AI models for various applications. They create the underlying AI capabilities that other actors build upon. Model Providers are responsible for model architecture, training methodologies, performance characteristics, and documentation of capabilities and limitations. They operate at the foundation layer of the AI stack and may provide direct API access to their models. Examples: OpenAI (GPT, DALL-E, Whisper), Anthropic(Claude), Google(Gemini), Meta(Llama), as well as any customized model.

Orchestrated

Shared Model Provider-Orchestrated Service Provider (Shared MP-OSP)

The MP and OSP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Application

Shared Orchestrated Service Provider-Application Provider (Shared OSP-AP)

The OSP and AP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Implementation guidelines

[All Actors]
1. Define a standardized triage playbook to guide classification, prioritization, and routing of security events.

2. Ensure initial triage criteria include impact assessment, asset criticality, threat severity, and confidence score.

3. Automate event enrichment using contextual data (e.g., asset tags, threat intelligence, user behavior) to improve triage accuracy.

4. Align event tagging and prioritization with MITRE ATT&CK, NIST CSF, or equivalent frameworks to drive consistency.

5. Establish centralized coordination between all stakeholder teams (MP, OSP, AP, AIC, CSP) for synchronized triage actions and escalation procedures.

6. Perform regular cross-stakeholder triage simulations and post-mortems to refine playbooks and improve responsiveness.

Auditing guidelines

1. Verify CSP has documented triage procedures clearly define event categorization and prioritization.

2. Confirm triage processes efficiently differentiate between critical and non-critical events for the cloud solution. 

3. Confirm design supports information collection to support triage (e.g., AWS Cloud Trails, AWS Cloud Watch, Microsoft Cloud Defender).

4. Understand triage models from suppliers and partners (e.g., OSP, AP, MP, AIC).

5. Check regular training provided on event triage methods.

6. Ensure continuous improvement through periodic review and update of triage processes.

7. Confirm clear accountability assigned for triaging security events.

Standards mappings

ISO 42001Full Gap
No Mapping for ISO 42001
27001: A.5.25
27001: A.5.26
27002: 5.25
27002: 5.26
Addendum

Require structured triage of AI-related security events, including assessment, classification, and escalation.

EU AI ActFull Gap
No Mapping
Addendum

Include requirement for defining, implementing, and evaluating processes for triaging security-related events.

NIST AI 600-1Partial Gap
GV-2.1-001
GV-2.1-002
Addendum

NIST AI 600-1 does not cover the SEF-06 topic of business processes to triage security-related events specifically.

BSI AIC4No Gap
C4 RE-05
C5 SIM-02
C5 OPS-15
Addendum

N/A

AI-CAIQ questions (1)

SEF-06.1

Are security-related event triage processes, procedures and technical measures supporting business processes, defined, implemented and evaluated? Alternative formulation: Are processes procedures and technical measures supporting business processes to triage security-related events, defined, implemented and evaluated?