SAIL

/

AI Policy & Safe experimentation (Plan)

/

Inadequate AI Policy

1.1

.

Inadequate AI Policy

sail
1.1
Risk

Inadequate AI Policy

Description

AI policy lacks critical elements or hasn't been updated to reflect current AI capabilities, regulations, or organizational changes.

Example

AI policy missing production deployment guidelines, leading to unsafe model releases without required safety checks

Assets Affected

AI Policy

AI App

AI platform

3rd-party AI integration

Mitigation
  • Regular policy review cycles
  • Map to current regulations
  • Include emerging AI tech
  • Stakeholder feedback loops
  • Version control
Standards Mapping
  • ISO 42001: A.2.2, A.2.4
  • NIST AI RMF: GOVERN 1.2, GOVERN 1.4
  • DASF v2: