1) AI Governance and Programme Management

A. Stakeholder considerations, industry frameworks, and regulatory requirements

• Organisational structure and overall governance

• Roles and responsibilities

• Charter and steering committee

• Identifying stakeholders

• Risk appetite and tolerance

• Frameworks, standards, and regulations; selecting appropriate frameworks

• Business and use cases for AI

• Privacy considerations

B. AI-related strategies, policies, and procedures

• AI strategy (consumer vs enterprise; buy vs build)

• Policies: responsible use, acceptable use

• Procedures: implementation, manuals

• Ethics

C. AI asset and data lifecycle management

• AI asset and data inventory (inventory management, model cards)

• Data handling, classification, discovery

• Data augmentation and cleaning; storage; protection; destruction

D. AI security programme development and management

• Documented programme plan

• Security team roles, responsibilities, proficiencies

• Alignment to existing information security

• Use of AI-enabled security tools

• Metrics and management (KRIs, KPIs)

• Management reporting

E. Business continuity and incident response

• Detection, notification, classification (criticality/severity)

• Resiliency; Business Continuity Plan

• Compliance “red-button” requirements

• AI-specific incident response playbooks

• Break-glass / go-no-go; authority

• RTO/RPO from an AI perspective

• Disaster recovery; testing

   

2) AI Risk Management
A. AI risk assessment, thresholds, and treatment

• Impact and conformity assessments; PIAs; documentation

• Acceptable risk levels; treatment plans

• KRIs and KPIs for AI use

B. Threats, testing, and assurance

• Penetration testing; vulnerability testing; red teaming

• AI-related vulnerabilities; adversarial threats

• Threat intelligence; AI-enabled attack chains; anomalies; landscape

• Deepfakes; insider threat; AI agents

C. AI vendor and supply-chain management

• Software/library dependencies

• Vendor due diligence and contracts; SLAs; usage

• Accountability models (provider vs deployer)

• Third/fourth/fifth parties; ownership/IP; access controls; liability

• Vendor monitoring for risk/changes

3) AI Technologies and Controls
A. Security architecture and design

• Change management; SDL; secure-by-design

• Securing infrastructure as code

• Data flows; approved base models

• Interconnectivity with architecture

B. AI lifecycle (model selection, training, validation)

• Testing model interconnectivity; linkages between models

• Regression/progression; model testing; TEVV

• Model accuracy testing and evaluation

C. Data management controls

• Data collection and control

• Data poisoning; bias; accuracy

• Data position/possession requirements

D. Privacy, ethical, trust & safety controls

• Explainability; privacy controls (e.g., right to be forgotten, data subject rights)

• Consent; transparency; decision-making; fairness; ethics

• Automated decision-making; human-in-the-loop

• Trust & safety (content moderation); potential harm; environmental impacts

• Data minimisation and anonymisation

E. Security controls and monitoring

• Security-monitoring metrics; selecting/implementing controls

• CSA/self-assessment; control lifecycle; continuous monitoring

• KPIs/KRIs for controls and monitoring; technical controls; threat-controls mapping

• Security awareness training