1.5. Unmonitored AI experimentation

SAIL 1.5 Risk

Description

Unauthorized or hidden ("shadow") experimentation environments bypass controls, creating regulatory, security, and data-exposure risk.

Example

A data scientist runs an LLM playground on a personal VM with customer data.

Assets Affected

  • AI platform
  • Notebook
  • Model files

Mitigation
  • Require registration/approval of experiment sandboxes
  • Asset inventory
  • Alert on new/rogue environments
  • Periodic discovery scans
  • Log analysis
Standards Mapping
  • ISO 42001: A.3.2, A.6.1.3
  • NIST AI RMF: GOVERN 1.6, GOVERN 4.3