Cloud 101CircleEventsBlog
Join CSA's Open Certification Framework WG! Help shape global, trusted cloud certification and the CSA STAR program. 

Download Publication

AI Organizational Responsibilities - Core Security Responsibilities
AI Organizational Responsibilities - Core Security Responsibilities
Who it's for:
  • CISOs and Chief AI Officers 
  • Business leaders, decision makers, and shareholders
  • AI engineers, analysts, and developers
  • Policymakers and regulators
  • Customers and the general public

AI Organizational Responsibilities - Core Security Responsibilities

Release Date: 05/05/2024

Working Group: AI Safety Initiative

This publication from the CSA AI Organizational Responsibilities Working Group provides a blueprint for enterprises to fulfill their core information security responsibilities pertaining to the development and deployment of Artificial Intelligence (AI) and Machine Learning (ML). Expert-recommended best practices and standards, including NIST AI RMF, NIST SSDF, NIST 800-53, and CSA CCM, are synthesized into 3 core security areas: data protection mechanisms, model security, and vulnerability management. Each responsibility is analyzed using quantifiable evaluation criteria, the RACI model for role definitions, high-level implementation strategies, continuous monitoring and reporting mechanisms, access control mapping, and adherence to foundational guardrails.

Key Takeaways:
  • The components of the AI Shared Responsibility Model
  • How to ensure the security and privacy of AI training data
  • The significance of AI model security, including access controls, secure runtime environments, vulnerability and patch management, and MLOps pipeline security
  • The significance of AI vulnerability management, including AI/ML asset inventory, continuous vulnerability scanning, risk-based prioritization, and remediation tracking

The other two publications in this series discuss the AI regulatory environment and a benchmarking model for AI resilience. By outlining recommendations across these key areas of security and compliance in 3 targeted publications, this series guides enterprises to fulfill their obligations for responsible and secure AI development and deployment.
Download this Resource

Bookmark
Share
Related resources
AI Organizational Responsibilities: AI Tools and Applications
AI Organizational Responsibilities: AI Tools an...
AI Risk Management: Thinking Beyond Regulatory Boundaries
AI Risk Management: Thinking Beyond Regulatory ...
AI Organizational Responsibilities - Governance, Risk Management, Compliance and Cultural Aspects
AI Organizational Responsibilities - Governance...
How Repsol’s DLP Strategy Enables a Fearless Embrace of GenAI
How Repsol’s DLP Strategy Enables a Fearless Embrace of GenAI
Published: 02/13/2025
AI in Agriculture: Smarter Crops, Healthier Livestock, Better Yields
AI in Agriculture: Smarter Crops, Healthier Livestock, Better Yields
Published: 02/10/2025
Agentic AI Threat Modeling Framework: MAESTRO
Agentic AI Threat Modeling Framework: MAESTRO
Published: 02/06/2025
From 2024 to 2025: How These GRC Trends are Reshaping the Industry
From 2024 to 2025: How These GRC Trends are Reshaping the Industry
Published: 02/05/2025
Cloudbytes Webinar Series
Cloudbytes Webinar Series
January 1 | Online

Acknowledgements

Jan Gerst
Jan Gerst
Cybersecurity Subject Matter Expert, Charter Communications

Jan Gerst

Cybersecurity Subject Matter Expert, Charter Communications

MSMIT Cloud, MBA, MSMIT Cybersecurity

CSA CSP CCSK 

Cornell University - Technology Leadership | Business Management 

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training