AI Personas
ISO/IEC 22989:2022 provides a helpful list of personas within the AI space that we find helpful. The table below briefly describes a subset of these AI personas, with an indication of whether the persona can achieve the HITRUST AI Cybersecurity Certification.
AI Persona | Description | Can they achieve this certification? |
---|---|---|
AI providers | An AI provider is an organization or entity that provides products or services that uses one or more AI systems. Encompasses:
|
Yes |
AI developers | Concerned with the development of AI services and products (e.g., model designers, model verifiers). | No. The provider of an AI application and/or AI platform instantiates what an AI developer builds and can achieve this certification, but the software development function cannot. HITRUST does not certify “built but not installed” software. |
AI customers / users | Users of an AI product or service. | No. Analogy: A SaaS user organization cannot achieve a HITRUST certification over the SaaS product (instead, the SaaS provider can). |
AI partners | Provide products and/or services in the context of AI (e.g., datasets, technical development services, evaluation / assessment services). | No |
Example scenarios
Here are some example scenarios to help illustrate when a business is considered an AI Provider for the purposes of determining whether they qualify for this HITRUST certification:
No. | Scenario | Are they an AI provider? |
---|---|---|
1 | Customer Satisfaction Analysis Platform: A software vendor provides a customer satisfaction aggregation tool that consumes online reviews and creates a multi-page document in a structured format using OpenAI’s pre-trained GPT4o model. The company performs no fine-tuning and does not reference OpenAI in their marketing content and holds themselves out as an AI-driven company selling AI-powered products. | Yes. Even though they did not train the model or even fine-tune it, they have integrated an AI model into their technology platform. In this scenario, the organization would likely want to inherit several controls (e.g., security of the model’s training data) from OpenAI. |
2 | Online Job Posting Board: A provider of an online job posting board has a policy that all resumes are to be sent to an LLM for first level consideration before they are sent to hiring companies. The provider maintains processes and procedures using a set of standard prompts that instruct the LLM how to determine if the candidate should proceed. This work is performed manually by a team of level 1 technicians who are following these processes and procedures and using the web-based UI provided by their LLM provider. There is no source code for the job posting board related to AI in any way. | No. The provider of the online job posting board has an AI-enabled process but has not deployed an instance of an AI model themselves. Instead, they use a model another organization deployed. As such, they could not seek to obtain an AI security certification from HITRUST for their provider’s system. |
3 | Social Media Platform: A social media company uses an ML model to determine if users’ posts violate their terms of service and content guidelines. The users’ posts are routed in near-real-time to a self-trained ML model that exists within the social media platform’s technology stack. Users of the social media platform are not aware of this system. | Yes. In this case, the social media company is both a model creator and the deployer of the model. |
4 | Loan Origination Company: A custom loan origination company uses an expert system to provide recommendations on loan application approval to a mortgage loan officer. Ultimately, a human makes the final decision. | Yes. The expert system uses a heuristic (i.e., knowledge-driven instead of data-driven) model, and this model is part of the loan origination system deployed by the loan origination company. |
Post your comment on this topic.
Jeremy Huval wrote: Sep 11, 2024
Great feedback Walter!
Walter Haydock wrote: Sep 11, 2024
I would recommend adhering strictly to the ISO/IEC 22989:2022 terminology regarding roles. For example, that document does not use the term "deployer."
The appropriate scope for this certification would thus be AI providers and AI producers.