# Questionnaire for AI/ML/GenAI Engineering Teams

### 1. Model Architecture and Controls

#### Model Security Layers

* [ ] Has intent filtering been implemented? If yes, describe the mechanism.
* [ ] Is there a detection layer for jailbreak attempts and prompt injection, including indirect injection carried in retrieved documents or tool/API responses?
* [ ] Are there controls to detect and handle adversarial inputs, such as perturbations crafted to evade classifiers or safety filters?
* [ ] For RAG systems: is output grounding implemented, so that answers are tied to the retrieved sources and can be checked against them?
* [ ] Is the model execution environment sandboxed and isolated from production systems and credentials?

#### External Access

* [ ] Does the model have access to external APIs or tools?
* [ ] Does the model have file system or network access?
* [ ] What controls govern external resource access (e.g., allowlisting of destinations and least-privilege credentials)?

#### Model Training

* [ ] Is this a fine-tuned model? If yes:
  * [ ] Is the training data available for review?
  * [ ] Will the model be trained on user conversations?
  * [ ] What quality checks exist for training data?
* [ ] Are there controls to prevent bias in model outputs?

### 2. Data Handling and Privacy

#### Data Processing

* [ ] Is PII or confidential information being processed?
* [ ] Has Data Privacy/Protection approval been obtained?
* [ ] Is data anonymized or pseudonymized before it is sent to the model?
* [ ] Are conversations being stored? If yes:
  * [ ] What security controls protect the conversation store (encryption, access control, audit logging)?
  * [ ] What is the data retention policy?

#### Data Sources

* [ ] What are the input data sources?
* [ ] How is data integrity verified?
* [ ] Are there quality checks for untrusted user inputs?

#### Third-Party Data Sharing

* [ ] Is data shared with third parties?
* [ ] Have third-party services been security vetted?
* [ ] Has the vendor completed Infosec-GRC onboarding?
* [ ] Has legal approval been granted for data sharing?

### 3. Input/Output Controls

#### Input Management

* [ ] What input validation and sanitization is implemented?
* [ ] Are there size/format restrictions on inputs?
* [ ] How are file uploads handled and validated?
* [ ] Is there manual review for any inputs?

#### Output Controls

* [ ] What output moderation systems are in place?
* [ ] Is model output encoded or escaped before it is rendered in a UI or passed to downstream systems?
* [ ] How are inappropriate or malicious outputs filtered?
* [ ] Are model outputs logged and monitored?
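
The following is an added example, not code from the original questionnaire, showing the kind of input size/format checks and output encoding the two lists above ask about. The character limit, the upload cap, the allowed MIME types and the function names are assumptions chosen for illustration.

```python
"""Input validation and output encoding for an LLM-backed chat endpoint.

Added example (not code from the original questionnaire). The limits and the
allowed upload types below are assumptions chosen for illustration.
"""
import html
import unicodedata

MAX_PROMPT_CHARS = 4000                      # assumed per-request limit
MAX_UPLOAD_BYTES = 5 * 1024 * 1024           # assumed 5 MiB upload cap
# Declared MIME type -> magic bytes the file content must start with.
ALLOWED_UPLOADS = {
    "application/pdf": b"%PDF-",
    "text/plain": None,                      # no magic; checked for valid UTF-8 below
}


class InputRejected(ValueError):
    """Raised when a request fails validation; the caller returns a 4xx."""


def validate_prompt(text: str) -> str:
    """Normalise and bound a user prompt before it reaches the model."""
    if not isinstance(text, str):
        raise InputRejected("prompt must be a string")
    # NFKC folds look-alike and full-width characters so later filters see
    # the same text the model will see.
    text = unicodedata.normalize("NFKC", text)
    # Drop control characters (Unicode category Cc) other than newline and tab.
    text = "".join(
        ch for ch in text
        if ch in "\n\t" or unicodedata.category(ch) != "Cc"
    )
    if not text.strip():
        raise InputRejected("prompt is empty")
    if len(text) > MAX_PROMPT_CHARS:
        raise InputRejected(f"prompt exceeds {MAX_PROMPT_CHARS} characters")
    return text


def validate_upload(content_type: str, data: bytes) -> bool:
    """Check an upload's declared type, size and content before it is parsed."""
    if content_type not in ALLOWED_UPLOADS:
        raise InputRejected(f"unsupported content type {content_type!r}")
    if len(data) > MAX_UPLOAD_BYTES:
        raise InputRejected("upload too large")
    magic = ALLOWED_UPLOADS[content_type]
    # Trust the bytes, not the declared type: a PDF must start with %PDF-.
    if magic is not None and not data.startswith(magic):
        raise InputRejected("content does not match declared type")
    if content_type == "text/plain":
        try:
            data.decode("utf-8")
        except UnicodeDecodeError:
            raise InputRejected("text upload is not valid UTF-8") from None
    return True


def encode_for_html(model_output: str) -> str:
    """Escape model text for safe insertion into an HTML document.

    Model output is untrusted: a prompt-injected or poisoned document can make
    the model emit markup, so it is treated like any other user-controlled
    string and escaped before rendering.
    """
    return html.escape(model_output, quote=True)


def render_assistant_message(model_output: str) -> str:
    """Build the HTML fragment the UI inserts for one assistant turn."""
    return f'<div class="assistant">{encode_for_html(model_output)}</div>'


def is_rejected(check, *args) -> bool:
    """Return True if a validator raises InputRejected for the given input."""
    try:
        check(*args)
    except InputRejected:
        return True
    return False
```

Two points a reviewer would check here: the file type test reads the leading bytes rather than trusting the declared `Content-Type`, and model output is escaped exactly as user input would be, since a model can be steered into emitting markup by content it was given.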

### 4. Access Control and Rate Limiting

#### Authentication & Authorization

* [ ] What authentication methods are implemented?
* [ ] How are user roles and permissions managed?
* [ ] Is MFA required for sensitive operations?

#### Rate Limiting

* [ ] Is rate limiting implemented per user?
* [ ] Are there token consumption limits?
* [ ] How are API quotas enforced?
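
An added example, not from the original page, of per-user rate limiting with a token budget, covering the three questions above together. The limits, the window length and the in-memory store are assumptions; a deployment with several API instances would keep the same counters in a shared store.

```python
"""Per-user request and token quotas over a sliding window.

Added example (not from the original questionnaire). The limits, the window
and the user identifiers are assumptions chosen for illustration; in a real
deployment the state would live in a shared store, not in process memory.
"""
import time
from collections import defaultdict, deque
from typing import Optional, Tuple


class RateLimited(Exception):
    """Raised when a request would exceed the caller's quota."""

    def __init__(self, reason: str, retry_after: Optional[float]):
        super().__init__(reason)
        self.reason = reason
        self.retry_after = retry_after   # seconds until the oldest entry expires


class PerUserQuota:
    """Sliding-window limit on requests and on tokens consumed per user.

    Tokens are reserved at the worst case (prompt + maximum completion)
    before the model is called, so a burst of concurrent requests cannot
    overspend the budget, and settled to the actual count afterwards.
    """

    def __init__(self, max_requests: int, max_tokens: int,
                 window_seconds: float, clock=time.monotonic):
        self.max_requests = max_requests
        self.max_tokens = max_tokens
        self.window = window_seconds
        self.clock = clock                      # injectable for testing
        self._events = defaultdict(deque)       # user -> deque of [ts, tokens]

    def _live_events(self, user: str, now: float) -> deque:
        q = self._events[user]
        while q and now - q[0][0] >= self.window:
            q.popleft()                         # expired entries leave the window
        return q

    def usage(self, user: str) -> Tuple[int, int]:
        """Return (requests, tokens) counted against the user in the window."""
        q = self._live_events(user, self.clock())
        return len(q), sum(tokens for _, tokens in q)

    def reserve(self, user: str, prompt_tokens: int,
                max_completion_tokens: int) -> list:
        """Admit a request or raise RateLimited; returns a reservation to settle."""
        now = self.clock()
        q = self._live_events(user, now)
        retry_after = (self.window - (now - q[0][0])) if q else None
        if len(q) >= self.max_requests:
            raise RateLimited("request limit reached", retry_after)
        worst_case = prompt_tokens + max_completion_tokens
        used = sum(tokens for _, tokens in q)
        if used + worst_case > self.max_tokens:
            raise RateLimited("token budget exhausted", retry_after)
        reservation = [now, worst_case]
        q.append(reservation)
        return reservation

    def settle(self, reservation: list, actual_tokens: int) -> None:
        """Replace the worst-case reservation with the tokens actually billed."""
        reservation[1] = actual_tokens

    def admit(self, user: str, prompt_tokens: int,
              max_completion_tokens: int) -> Optional[str]:
        """Convenience wrapper: the rejection reason, or None if admitted."""
        try:
            self.reserve(user, prompt_tokens, max_completion_tokens)
        except RateLimited as exc:
            return exc.reason
        return None
```

Reserving the worst case up front is what makes the token limit hold under concurrency: counting tokens only after the response arrives lets a user fire many requests in parallel before any of them is billed.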

### 5. Monitoring and Logging

#### Activity Monitoring

* [ ] Are user inputs logged?
* [ ] Are model outputs logged?
* [ ] How are logs protected and retained?
* [ ] Is there automated alerting for suspicious patterns?

#### Security Monitoring

* [ ] How is system health monitored?
* [ ] Are there alerts for unusual model behavior?
* [ ] How are security incidents detected and handled?
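
An added example, not from the original page, of the automated alerting over request/response logs that this section asks about. The log schema, the sample lines and the thresholds are constructed for illustration; a real pipeline would read the equivalent fields from the application's own event stream.

```python
"""Alerting on suspicious patterns in LLM request/response logs.

Added example (not from the original questionnaire). The log schema, the
sample lines and the thresholds are constructed for illustration.
"""
import json
from collections import defaultdict, deque
from datetime import datetime, timezone
from typing import Dict, List

# Constructed sample: one JSON object per line, as an inference gateway might
# emit. "verdict" is the decision of the input or output filter.
SAMPLE_LOGS = """\
{"ts": "2024-05-01T10:00:00Z", "user": "u1", "event": "input", "verdict": "allow", "prompt_tokens": 40}
{"ts": "2024-05-01T10:00:05Z", "user": "u2", "event": "input", "verdict": "block", "rule": "prompt_injection"}
{"ts": "2024-05-01T10:00:09Z", "user": "u2", "event": "input", "verdict": "block", "rule": "prompt_injection"}
{"ts": "2024-05-01T10:00:14Z", "user": "u2", "event": "input", "verdict": "block", "rule": "jailbreak"}
{"ts": "2024-05-01T10:00:20Z", "user": "u1", "event": "output", "verdict": "allow", "completion_tokens": 200}
{"ts": "2024-05-01T10:00:31Z", "user": "u2", "event": "input", "verdict": "allow", "prompt_tokens": 90}
{"ts": "2024-05-01T10:00:40Z", "user": "u2", "event": "output", "verdict": "block", "rule": "pii_leak"}
{"ts": "2024-05-01T10:20:00Z", "user": "u3", "event": "input", "verdict": "block", "rule": "prompt_injection"}
"""


def parse_ts(value: str) -> float:
    """Parse an ISO-8601 UTC timestamp with a trailing Z into epoch seconds."""
    parsed = datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")
    return parsed.replace(tzinfo=timezone.utc).timestamp()


def detect(log_text: str, burst_threshold: int = 3, burst_window_s: float = 60,
           leak_lookback_s: float = 300) -> List[Dict]:
    """Scan log lines in order and return alerts for two patterns.

    1. blocked_input_burst: one user has >= burst_threshold blocked prompts
       within burst_window_s (a user probing the filter).
    2. output_block_after_input_blocks: the output filter blocks a response
       for a user who had blocked inputs within leak_lookback_s (a probe that
       may have partially succeeded and deserves a human look).
    """
    alerts: List[Dict] = []
    burst_window = defaultdict(deque)       # user -> blocked-input timestamps
    recent_blocks = defaultdict(deque)      # user -> blocked-input timestamps
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        ts, user = parse_ts(event["ts"]), event["user"]
        if event["event"] == "input" and event["verdict"] == "block":
            q = burst_window[user]
            q.append(ts)
            while q and ts - q[0] > burst_window_s:
                q.popleft()
            recent_blocks[user].append(ts)
            if len(q) >= burst_threshold:
                alerts.append({"rule": "blocked_input_burst", "user": user,
                               "ts": event["ts"], "count": len(q)})
                q.clear()                   # one alert per burst, not per event
        elif event["event"] == "output" and event["verdict"] == "block":
            r = recent_blocks[user]
            while r and ts - r[0] > leak_lookback_s:
                r.popleft()
            if r:
                alerts.append({"rule": "output_block_after_input_blocks",
                               "user": user, "ts": event["ts"],
                               "output_rule": event.get("rule"),
                               "prior_blocked_inputs": len(r)})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOGS):
        print(json.dumps(alert))
```

The correlation rule is the one worth keeping: a single blocked prompt is routine, but an output-filter hit shortly after several input-filter hits from the same user is the signature of someone iterating on a bypass, and is what a responder wants paged on.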

### 6. Application Security

#### Security Testing

* [ ] Has VAPT (vulnerability assessment and penetration testing) been performed on the web application?
* [ ] Is static application security testing (SAST) run in the CI/CD pipeline?
* [ ] Is Software Composition Analysis (SCA) performed on the codebase and its dependencies?

#### Error Handling

* [ ] How are application errors handled?
* [ ] Is there a fallback mechanism for model failures?
* [ ] How are failed requests logged?

### 7. Compliance and Governance

#### Legal and Compliance

* [ ] Are there regulatory requirements for the use case?
* [ ] Has legal review been completed?
* [ ] Are there data sovereignty requirements?

#### Security Standards

* [ ] What data security standards are being followed?
* [ ] Are there industry-specific compliance requirements?
* [ ] How is compliance monitored and maintained?

