SAIL

/

Monitor: AI Activity Tracing & Telemetry

/

Insufficient AI Interaction Logging

7.1

.

Insufficient AI Interaction Logging

sail
7.1
Risk

Insufficient AI Interaction Logging

Description

Failure to comprehensively log AI user/model interactions, queries, or responses, resulting in blind spots for investigation or compliance.

Example

ISO 42001 audit fails due to missing decision-making processes and user interactions

Assets Affected

App Usage log

Model Response

Mitigation
  • Enforce detailed and consistent interaction logging
  • Define log schemas for AI prompts/responses
  • Regularly audit log completeness
Standards Mapping
  • ISO 42001: A.6.2.8, A.8.3
  • NIST AI RMF: MEASURE 3.1, GOVERN 1.5
  • DASF v2: RAW DATA 1.10, MODEL SERVING 10.1