AICM Atlas · CSA AI Controls Matrix
SEF · Security Incident Management, E-Discovery, & Cloud Forensics
SEF-07 · Cloud & AI Related

Security Breach Notification

Specification

Define and implement processes, procedures and technical measures for security breach notifications. Report material security breaches and assumed security breaches, including any relevant supply chain breaches, as per applicable SLAs, laws and regulations.

Threat coverage

Model manipulation
Data poisoning
Sensitive data disclosure
Model theft
Model/Service Failure
Insecure supply chain
Insecure apps/plugins
Denial of Service
Loss of governance

Architectural relevance

Physical infrastructure
Network
Compute
Storage
Application
Data

Lifecycle

Preparation

Data collection, Data curation, Data storage

Development

Training, Guardrails

Evaluation

Evaluation, Validation/Red Teaming, Re-evaluation

Deployment

Orchestration, AI Services supply chain, AI applications

Delivery

Operations, Maintenance, Continuous monitoring, Continuous improvement

Retirement

Data deletion

Ownership / SSRM

PI

Shared across the supply chain

Shared control ownership refers to responsibilities and activities related to LLM security that are distributed across multiple stakeholders within the AI supply chain, including the Cloud Service Provider (CSP), Model Provider (MP), Orchestrated Service Provider (OSP), Application Provider (AP), and Customer (AIC). These controls require coordinated actions, communication, and governance across all involved parties to ensure their effectiveness.

Model

Shared across the supply chain


Orchestrated

Shared across the supply chain


Application

Shared across the supply chain


Implementation guidelines

[All Actors]
1. Develop a breach notification policy that includes AI-specific data types (e.g., training data, model parameters) and exposure scenarios.

2. Identify breach thresholds that trigger notification obligations based on contractual, regulatory, and operational risk factors.

3. Establish procedures to inform affected stakeholders, including regulators, partners, and customers, within required timeframes.

4. Document the breach timeline, impact, and mitigation steps, and maintain records for audit and legal review.

5. Include AI considerations such as compromised model outputs, unauthorized access to inference APIs, or exposure of proprietary models.

Auditing guidelines

1. Verify that the CSP's documented policies clearly specify requirements for breach notification.

2. Ensure impacted parties are engaged.

3. Confirm procedures comply with applicable legal and regulatory requirements.

4. Confirm the notification procedure provides essential information (e.g., services impacted, instances impacted, regions impacted).

5. Ensure regular testing of breach notification procedures.

6. Confirm documentation of all breach notifications and follow-up actions.

Standards mappings

ISO 42001 · No Gap
42001: A.8.3
42001: A.8.4
42001: A.8.5
42001: A.10.2
42001: A.10.3
42001: A.10.4
42001: B.8.3
42001: B.8.4
42001: B.8.5
42001: B.10.1
42001: B.10.2
42001: B.10.3
42001: B.10.4
Addendum

N/A

EU AI Act · Partial Gap
Article 20
Article 24 (4)
Article 55 (1) (c)
Article 73 (1)
Article 73 (2)
Article 73 (3)
Article 73 (7)
Article 73 (6)
Addendum

Require establishing comprehensive processes for security breach notifications as outlined in SEF-07, particularly regarding coordination with internal and external stakeholders and public communication aspects.

NIST AI 600-1 · Partial Gap
GV-2.1-001
GV-2.1-002
MG-2.3-001
MG-4.3-002
MG-4.3-003
Addendum

NIST AI 600-1 doesn't reference the SEF-07 topic of security breaches, only incidents.

BSI AIC4 · No Gap
C4 RE-05
C5 SIM-01
C5 SIM-03
C5 SIM-04
Addendum

N/A

AI-CAIQ questions (2)

SEF-07.1

Are processes, procedures and technical measures for security breach notifications defined and implemented?

SEF-07.2

Are material security breaches and assumed security breaches, including any relevant supply chain breaches, reported as per applicable SLAs, laws and regulations?