Questionnaire for AI/ML/GenAI Engineering Teams

Has intent filtering been implemented? Describe the mechanism

Is there a jailbreak/prompt injection detection layer?

Are there controls to detect and handle adversarial attacks (input perturbations)?

For RAG systems: Is output grounding implemented?

Is the environment sandboxed?

Does the model have access to external APIs?

Does the model have file system or network access?

What are the controls around external resource access?

Is this a fine-tuned model? If yes:

Is the training data available for review?
Will the model be trained on user conversations?
What quality checks exist for training data?

Are there controls to prevent bias in model outputs?

Is PII or confidential information being processed?

Has Data Privacy/Protection approval been obtained?

Is data being anonymized before processing?

Are conversations being stored? If yes:

What database security controls are implemented?
What is the data retention policy?

What are the input data sources?

How is data integrity verified?

Are there quality checks for untrusted user inputs?

Is data shared with third parties?

Have third-party services been security vetted?

Is the vendor Infosec-GRC onboarded?

Has legal approval been granted for data sharing?

What input validation and sanitization is implemented?

Are there size/format restrictions on inputs?

How are file uploads handled and validated?

Is there manual review for any inputs?

What output moderation systems are in place?

Is output encoding implemented?

How are inappropriate/malicious outputs filtered?

Are model outputs logged and monitored?

What authentication methods are implemented?

How are user roles and permissions managed?

Is MFA required for sensitive operations?

Is rate limiting implemented per user?

Are there token consumption limits?

How are API quotas enforced?

Are user inputs logged?

Are model outputs logged?

How are logs protected and retained?

Is there automated alerting for suspicious patterns?

How is system health monitored?

Are there alerts for unusual model behavior?

How are security incidents detected and handled?

Has VAPT been performed on the web application?

Is SAST implemented in the CI/CD pipeline?

Is Software Composition Analysis (SCA) performed on the codebase?

How are application errors handled?

Is there a fallback mechanism for model failures?

How are failed requests logged?

Are there regulatory requirements for the use case?

Has legal review been completed?

Are there data sovereignty requirements?

What data security standards are being followed?

Are there industry-specific compliance requirements?

How is compliance monitored and maintained?

Last updated 1 year ago

Questionnaire for AI/ML/GenAI Engineering Teams

1. Model Architecture and Controls

Model Security Layers

External Access

Model Training

2. Data Handling and Privacy

Data Processing

Data Sources

3. Input/Output Controls

Input Management

Output Controls

4. Access Control and Rate Limiting

Authentication & Authorization

Rate Limiting

5. Monitoring and Logging

Activity Monitoring

Security Monitoring

6. Application Security

Security Testing

Error Handling

7. Compliance and Governance

Legal and Compliance

Security Standards

hashtag1. Model Architecture and Controls

hashtagModel Security Layers

hashtagExternal Access

hashtagModel Training

hashtag2. Data Handling and Privacy

hashtagData Processing

hashtagData Sources

hashtagThird-Party Data Sharing

hashtag3. Input/Output Controls

hashtagInput Management

hashtagOutput Controls

hashtag4. Access Control and Rate Limiting

hashtagAuthentication & Authorization

hashtagRate Limiting

hashtag5. Monitoring and Logging

hashtagActivity Monitoring

hashtagSecurity Monitoring

hashtag6. Application Security

hashtagSecurity Testing

hashtagError Handling

hashtag7. Compliance and Governance

hashtagLegal and Compliance

hashtagSecurity Standards