1.3. Inadequate Compliance Mapping

Description

Organization fails to identify or map all applicable AI regulations and requirements to policies and controls.

Example

Company misses EU AI Act requirements for high-risk AI systems, facing regulatory penalties.

Assets Affected

  • AI Policy
  • Compliance docs
  • Risk register

Mitigation
  • Regulatory monitoring
  • Compliance matrix
  • Legal consultation
  • Automated regulation tracking
  • Periodic gap analysis
Standards Mapping
  • ISO 42001: 4.1, 4.2
  • NIST AI RMF: GOVERN 1.1, MAP 1.1
  • DASF v2: PLATFORM 12.6