HITRUST CSF requirement statement [?] (New in v11.4.0, coming in Nov. 2024)
Changes to AI models (including upgrading to new model versions and moving to
completely different models) are consistently
(1) documented,
(2) tested, and
(3) approved
in accordance with the organization’s software change control policy prior to deployment.
- Evaluative elements in this requirement statement [?]
-
1. Changes to AI models (including upgrading to new model versions and moving to completely different models) are consistently documented in accordance with the organization’s software change control policy prior to deployment.
2. Changes to AI models (including upgrading to new model versions and moving to completely different models) are consistently tested in accordance with the organization’s software change control policy prior to deployment.
3. Changes to AI models (including upgrading to new model versions and moving to completely different models) are consistently approved in accordance with the organization’s software change control policy prior to deployment.
- Illustrative procedures for use during assessments [?]
- Policy: Examine policies related to each evaluative element within the requirement statement. Validate the existence of a written or undocumented policy as defined in the HITRUST scoring rubric.
- Procedure: Examine evidence that written or undocumented procedures exist as defined in the HITRUST scoring rubric. Determine if the procedures and address the operational aspects of how to perform each evaluative element within the requirement statement.
- Implemented: Examine evidence that all evaluative elements within the requirement statement have been implemented as defined in the HITRUST scoring rubric, using a sample based test where possible for each evaluative element. Example test(s):
- For example, select a sample of the AI models change documentation to confirm all changes were documented. Further, confirm that the AI models change documentation includes testing and approval information in accordance with the organization’s software change control policy, prior to deployment.
- For example, select a sample of the AI models change documentation to confirm all changes were documented. Further, confirm that the AI models change documentation includes testing and approval information in accordance with the organization’s software change control policy, prior to deployment.
- Measured: Examine measurements that formally evaluate and communicate the operation and/or performance of each evaluative element within the requirement statement. Determine the percentage of evaluative elements addressed by the organization’s operational and/or independent measure(s) or metric(s) as defined in the HITRUST scoring rubric. Determine if the measurements include independent and/or operational measure(s) or metric(s) as defined in the HITRUST scoring rubric. Example test(s):
- For example, measures indicate percentage of the organization’s AI models that received changes without documentation. Reviews, tests, or audits are completed by the organization to measure the effectiveness of the implemented controls and to confirm that all AI model changes are consistently documented, tested, and approved in accordance with the organization’s software change control policy prior to deployment.
- For example, measures indicate percentage of the organization’s AI models that received changes without documentation. Reviews, tests, or audits are completed by the organization to measure the effectiveness of the implemented controls and to confirm that all AI model changes are consistently documented, tested, and approved in accordance with the organization’s software change control policy prior to deployment.
- Managed: Examine evidence that a written or undocumented risk treatment process exists, as defined in the HITRUST scoring rubric. Determine the frequency that the risk treatment process was applied to issues identified for each evaluative element within the requirement statement.
- Policy: Examine policies related to each evaluative element within the requirement statement. Validate the existence of a written or undocumented policy as defined in the HITRUST scoring rubric.
- Placement of this requirement in the HITRUST CSF [?]
- Assessment domain: 06 Configuration Management
- Control category: 09.0 – Communications and Operations Management
- Control reference: 09.b – Change Management
- Specific to which parts of the overall AI system? [?]
-
AI platform layer:
- The deployed AI model
- The deployed AI model
- Discussed in which authoritative AI security sources? [?]
-
- ISO/IEC 42001:2023 Information technology — Artificial intelligence — Management system
2023, © International Standards Organization (ISO)/International Electrotechnical Commission (IEC)- Where:
- 8. Operation > Operational planning and control > Paragraph 5
- Annex A > A.6. AI system life cycle > A.6.2.2. AI system requirements and specification
- Annex A > A.6. AI system life cycle > A.6.2.3. Documentation of AI system design and development
- Annex A > A.6. AI system life cycle > A.6.2.4. AI system verification and validation
- Annex A > A.6. AI system life cycle > A.6.2.5. AI system deployment
- Where:
- OWASP AI Exchange
2024, © The OWASP Foundation- Where: #DEVPROGRAM
- Where: #DEVPROGRAM
- Guidelines for Secure AI System Development
Nov. 2023, Cybersecurity & Infrastructure Security Agency (CISA)- Where: 4. Secure operation and maintenance > Follow a secure by design approach to updates
- Where: 4. Secure operation and maintenance > Follow a secure by design approach to updates
- Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems
Apr 2024, National Security Agency (NSA)- Where:
- Continuously protect the AI system > Validate the AI system before and during use > Bullet 3
- Continuously protect the AI system > Validate the AI system before and during use > Bullet 4
- Secure AI operation and maintenance > Update and patch regularly > Bullet 1
- Where:
- Securing Machine Learning Algorithms
2021, © European Union Agency for Cybersecurity (ENISA)- Where: 4.1- Security Controls > Organizational > Apply documentation requirements to AI projects
- Where: 4.1- Security Controls > Organizational > Apply documentation requirements to AI projects
- ISO/IEC 42001:2023 Information technology — Artificial intelligence — Management system
- Discussed in which commercial AI security sources? [?]
-
- Databricks AI Security Framework
Sept. 2024, © Databricks- Where:
- Control DASF 19: Manage end-to-end machine learning lifecycle
- Control DASF 23: Register, version, approve, promote, and deploy model
- Control DASF 29: Build MLOps workflows
- Control DASF 41: Platform security – Secure SDLC
- Control DASF 42: Employ data-centric MLOps and LLMOps
- Control DASF 45: Evaluate models
- Control DASF 49: Automate LLM evaluation
- Where:
- Snowflake AI Security Framework
2024, © Snowflake Inc.- Where: Self-hosted OSS LLMs Security > Mitigations > Model testing
- Where: Self-hosted OSS LLMs Security > Mitigations > Model testing
- Databricks AI Security Framework
- Helps to prevent, detect, and/or correct which AI security threats? [?]
- None directly
- None directly
- Additional information
- Q: When will this requirement included in an assessment? [?]
- This requirement will always be added to HITRUST assessments which include the
Cybersecurity for deployed AI systems
regulatory factor. - No other assessment tailoring factors affect this requirement.
- This requirement will always be added to HITRUST assessments which include the
- Q: When will this requirement included in an assessment? [?]
Post your comment on this topic.