HITRUST CSF requirement statement [?] (06.10hAISecSystem.7)
When creating machine learning-based AI models, the organization
(1) explicitly documents a linkage between the versions of the training dataset used, the pipeline
configuration used, and resulting AI model. - Evaluative elements in this requirement statement [?]
-
1. When creating machine learning-based AI models, the organization explicitly documents a linkage between the versions of the training dataset used, the pipeline configuration used, and resulting AI model.
- Illustrative procedures for use during assessments [?]
- Policy: Examine policies related to each evaluative element within the requirement statement. Validate the existence of a written or undocumented policy as defined in the HITRUST scoring rubric.
- Procedure: Examine evidence that written or undocumented procedures exist as defined in the HITRUST scoring rubric. Determine if the procedures and address the operational aspects of how to perform each evaluative element within the requirement statement.
- Implemented: Examine evidence that all evaluative elements within the requirement statement have been implemented as defined in the HITRUST scoring rubric, using a sample based test where possible for each evaluative element. Example test(s):
- For example, select a sample of machine learning-based AI model versions released by the organization during the past year and ensure that the associated documentation contains an explicit linkage between the versions of the training dataset used, the pipeline configuration used, and the resulting AI model.
- For example, select a sample of machine learning-based AI model versions released by the organization during the past year and ensure that the associated documentation contains an explicit linkage between the versions of the training dataset used, the pipeline configuration used, and the resulting AI model.
- Measured: Examine measurements that formally evaluate and communicate the operation and/or performance of each evaluative element within the requirement statement. Determine the percentage of evaluative elements addressed by the organization’s operational and/or independent measure(s) or metric(s) as defined in the HITRUST scoring rubric. Determine if the measurements include independent and/or operational measure(s) or metric(s) as defined in the HITRUST scoring rubric. Example test(s):
- For example, measures indicate the percentage of ML-based AI models produced by the organization with this linkage documented as a percentage of total.
- For example, measures indicate the percentage of ML-based AI models produced by the organization with this linkage documented as a percentage of total.
- Managed: Examine evidence that a written or undocumented risk treatment process exists, as defined in the HITRUST scoring rubric. Determine the frequency that the risk treatment process was applied to issues identified for each evaluative element within the requirement statement.
- Policy: Examine policies related to each evaluative element within the requirement statement. Validate the existence of a written or undocumented policy as defined in the HITRUST scoring rubric.
- Placement of this requirement in the HITRUST CSF [?]
- Assessment domain: 06 Configuration Management
- Control category: 10.0 – Information Systems Acquisition, Development, and Maintenance
- Control reference: 10h- Control of Operational Software
- Specific to which parts of the overall AI system? [?]
- AI platform layer:
- AI datasets and data pipelines
- The AI model itself
- Model-serving infrastructure and APIs
- Model pipeline and model engineering environment
- Model-level configurations (e.g., hyperparameters)
- AI platform layer:
- Discussed in which authoritative AI security sources? [?]
-
- OWASP AI Exchange
2024, © The OWASP Foundation- Where:
- Guidelines for Secure AI System Development
Nov. 2023, Cybersecurity & Infrastructure Security Agency (CISA)- Where:
- 2. Secure development > Identify, track and protect your assets
- 2. Secure development > Identify, track and protect your assets
- Where:
- Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems
Apr 2024, National Security Agency (NSA)- Where:
- Continuously protect the AI system > Validate the AI system before and during use > Bullet 3
- Continuously protect the AI system > Validate the AI system before and during use > Bullet 3
- Where:
- OWASP AI Exchange
- Discussed in which commercial AI security sources? [?]
-
- Databricks AI Security Framework
Sept. 2024, © Databricks- Where:
- Control DASF 10: Version data
- Control DASF 17: Track and reproduce the training data used for ML model training
- Control DASF 52: Source code control
- Where:
- Databricks AI Security Framework
- Control functions against which AI security threats? [?]
- Additional information
-
- Q: When will this requirement included in an assessment? [?]
- The
Security for AI systemsregulatory factor must be present in the assessment. - This requirement only applies when machine learning-based AI models are in use (generative, predictive).
- The
- Q: When will this requirement included in an assessment? [?]