Any organization performing an e1, i1 or r2 assessment may also perform a HITRUST AI Security Assessment for its corresponding AI platform and achieve an ai1 (when combined with an e1 or i1 assessment) or ai2 (when combined with an r2 assessment) certification if it meets the necessary criteria. The ai1 and ai2 assessments are designed to give organizations a way to demonstrate that the fundamental cybersecurity risks of deployed AI systems are being addressed.
Eligibility Criteria
The diagram below depicts the assessment types and associated CSF library version that qualify for an ai1 or ai2 assessment.
AI Certification Intended Audience
The table below describes a subset of AI personas listed by ISO/IEC 22989:2022, with an indication of whether the persona can perform an ai1 or ai2 Assessment.
AI Persona | Description | Can perform this assessment |
AI providers | An AI provider is an organization or entity that provides products or services that use one or more AI systems. Encompasses: | Yes |
AI developers | Concerned with the development of AI services and products (for example, model designers, model verifiers). | No. The AI Application Deployer that instantiates what an AI developer built can obtain this certification, but the software development function cannot. HITRUST cannot certify the AI application/system development function. HITRUST only certifies implemented systems. |
AI customers/users | Users of an AI product or service. | No. A SaaS user organization cannot obtain an ai1 or ai2 Certification over the SaaS product. The SaaS provider must certify the system. |
AI partners | Provide products and/or services in the context of AI (e.g., datasets, technical development services, evaluation/assessment services). | No |