1. Plan: AI Policy & Safe Experimentation
2. Code/No Code: AI Asset Discovery
3. Build: AI Security Posture Management
4. Test: AI Red Teaming
5. Deploy: Runtime Guardrails
6. Operate: Safe Execution Environment (Sandbox)
7. Monitor: AI Activity Tracing
Risk
Governance Misalignment
Description
AI policy conflicts with or doesn't integrate with existing security, privacy, or data governance policies.
Example
AI policy allows cloud processing while data policy prohibits it, causing compliance violations.
Assets Affected
AI Policy
Data governance docs
Security policies
Mitigation
- Cross-functional policy review
- policy mapping matrix
- integrated governance framework
- regular alignment checks.
Standards Mapping
- ISO: A.2.3
- EU AI Act: Art. 17
- DASF: Governance 4.1, Governance 4.2
- AIUC-1: E010