AAT-01.2Protect

Trustworthy AI & Autonomous Technologies

Mechanisms exist to ensure Artificial Intelligence (AI) and Autonomous Technologies (AAT) are designed to be reliable, safe, fair, secure, resilient, transparent, explainable and data privacy-enhanced to minimize emergent properties or unintended consequences.

Domain: Artificial Intelligence & Autonomous Technologies

Function
Protect
Weighting
10
Assessment cadence
Annual
Framework references
41

Assessment question

Does the organization ensure Artificial Intelligence (AI) and Autonomous Technologies (AAT) are designed to be reliable, safe, fair, secure, resilient, transparent, explainable and data privacy-enhanced to minimize emergent properties or unintended consequences?

Evidence Request List (ERL)

Reference identifiers for the evidence typically requested to demonstrate this control.

E-AAT-03

Framework mappings

41 references · 5 families

How AAT-01.2 maps to controls and requirements in other frameworks. Expand a family to see specific references.

Control23 refs
Control Threat Summary
NT-2NT-3NT-4NT-5NT-6NT-7NT-9NT-10NT-11NT-12NT-13MT-7MT-8MT-9MT-10MT-12MT-13MT-14MT-15MT-23MT-24MT-25MT-27
ISO4 refs
ISO 42001 2023
7.1A.4A.6.1.2A.7
NIST2 refs
NIST AI 100-1 (AI RMF) 1.0
GOVERN 1.2MEASURE 2.5
Risk72 refs
Risk R-AC-1
R-AC-1
Risk R-AC-2
R-AC-2
Risk R-AC-3
R-AC-3
Risk R-AC-4
R-AC-4
Risk R-AM-1
R-AM-1
Risk R-AM-2
R-AM-2
Risk R-BC-1
R-BC-1
Risk R-BC-2
R-BC-2
Risk R-BC-3
R-BC-3
Risk R-BC-4
R-BC-4
Risk R-BC-5
R-BC-5
Risk R-EX-1
R-EX-1
Risk R-EX-2
R-EX-2
Risk R-EX-3
R-EX-3
Risk R-EX-4
R-EX-4
Risk R-EX-5
R-EX-5
Risk R-EX-6
R-EX-6
Risk R-EX-7
R-EX-7
Risk R-GV-1
R-GV-1
Risk R-GV-2
R-GV-2
Risk R-GV-3
R-GV-3
Risk R-GV-4
R-GV-4
Risk R-GV-5
R-GV-5
Risk R-GV-6
R-GV-6
Risk R-GV-7
R-GV-7
Risk R-GV-8
R-GV-8
Risk R-IR-1
R-IR-1
Risk R-IR-2
R-IR-2
Risk R-IR-3
R-IR-3
Risk R-IR-4
R-IR-4
Risk R-SC-1
R-SC-1
Risk R-SC-2
R-SC-2
Risk R-SC-3
R-SC-3
Risk R-SC-4
R-SC-4
Risk R-SC-5
R-SC-5
Risk R-SC-6
R-SC-6
Risk Threat Summary
R-AC-1R-AC-2R-AC-3R-AC-4R-AM-1R-AM-2R-BC-1R-BC-2R-BC-3R-BC-4R-BC-5R-EX-1R-EX-2R-EX-3R-EX-4R-EX-5R-EX-6R-EX-7R-GV-1R-GV-2R-GV-3R-GV-4R-GV-5R-GV-6R-GV-7R-GV-8R-IR-1R-IR-2R-IR-3R-IR-4R-SC-1R-SC-2R-SC-3R-SC-4R-SC-5R-SC-6
Shared Assessments SIG1 refs
Shared Assessments SIG 2025
R.1.1.1

Maturity model (SP-CMM)

The SCF Security & Privacy Capability Maturity Model describes what this control looks like at each maturity level.

0Not Performed

Practices are non-existent, based on the inability to demonstrate an implemented and operational capability. A reasonable person would conclude the control is not being performed.

1Performed Informally

Artificial Intelligence and Autonomous Technology (AAT) domain capabilities are ad hoc and inconsistent. Capability criteria associated with this control may include: ▪ Policies, standards & procedures associated with AAT domain capabilities provide limited coverage due to the depth and breadth of the existing documentation. ▪ AAT-related processes are expected to follow the organization's existing processes (e.g., incident response, asset management, change control, risk assessments, etc.). ▪ No formal Governance, Risk & Compliance (GRC) team exists to provide AAT oversight, where the Chief Information Officer (CIO), or similar function, governs technology decisions what is acceptable for AAT within the organization.

2Planned & Tracked

Artificial Intelligence and Autonomous Technology (AAT) capabilities are requirements-driven, but are not standardized across the entity (e.g., local/regional level consistency). Capability criteria associated with this control reasonably expect the following criteria to exist: ▪ Policies and standards associated with AAT domain capabilities are formally documented and centrally-managed by the entity. ▪ Standardized Operating Procedures (SOP) associated with AAT domain capabilities are documented and maintained by process owners. ▪ IT and/or cybersecurity personnel work with business stakeholders and process owners to appropriately scope and reasonably implement cybersecurity and data protection controls associated with AAT domain capabilities to address applicable statutory, regulatory and/or contractual requirements for Technology Assets, Applications, Services and/or Data (TAASD). ▪ Artificial Intelligence (AI)-related controls are primarily administrative and preventative in nature (e.g., policies, standards, procedures & guidelines). ▪ Asset management may be a defined function (e.g., team or department) or assigned as an additional duty to existing IT and/or cybersecurity personnel.

3Well Defined

Artificial Intelligence and Autonomous Technology (AAT) capabilities are standardized across the entity for applicability to People, Processes, Technologies, Data and/or Facilities (PPTDF) to ensure consistency for Technology Assets, Applications, Services and/or Data (TAASD). Capability criteria associated with this control reasonably expect the following criteria to exist: ▪ Policies and standards associated with AAT domain capabilities are formally documented and centrally-managed by the entity's Governance, Risk & Compliance (GRC) team, or similar function. ▪ Standardized Operating Procedures (SOP) associated with AAT domain capabilities are well-documented and kept current by process owners. ▪ An Artificial Intelligence Governance (AIG) team, or similar function, is appropriately staffed and supported to implement and maintain AAT domain capabilities. ▪ Technology is leveraged to enhance the efficiency and accuracy of AI governance, risk management and compliance operations (e.g., dedicated AI governance platform). ▪ The entity's Governance, Risk & Compliance (GRC) team, or similar function, works with business stakeholders and process owners to appropriately scope and reasonably implement cybersecurity and data protection controls associated with AAT domain capabilities to address Minimum Compliance Requirements (MCR) (e.g., applicable statutory, regulatory and/or contractual requirements) and Discretionary Security Requirements (DSR) (e.g., entity-required controls). ▪ An implemented and operational capability exists to ensure AAT are designed to be reliable, safe, fair, secure, resilient, transparent, explainable and data privacy-enhanced to minimize emergent properties or unintended consequences.

4Quantitatively Controlled

Utilize SCR-CMM Level 3 criteria definitions: ▪ There are no defined Level 4 criteria, since it is reasonable to assume a quantitatively-controlled process is not necessary to operationalize this control. ▪ While it may be possible to develop “metrics-driven” capabilities for this control, the criteria would be organization-specific to define.

5Continuously Improving

Utilize SCR-CMM Level 3 or Level 4 (if available) criteria definitions: ▪ There are no defined Level 5 criteria, since it is reasonable to assume a continuously-improving process is not necessary to operationalize this control. ▪ Level 5 capabilities should be considered “world-class” where the control builds on Level 4 capabilities, but are continuously improving through Artificial Intelligence (AI) and/or Machine Learning (ML) technologies. ▪ While it may be possible to develop responsive capabilities for this control through the use of AI and/or ML technologies, the criteria would be organization-specific to define.

Data attribution

Control content is sourced from the Secure Controls Framework™ (SCF) version 2026.1, © Secure Controls Framework Council, LLC, licensed under CC BY-ND 4.0. RiskRegisterHQ is not affiliated with, endorsed by, or sponsored by the SCF Council. For the authoritative and most current version, visit securecontrolsframework.com.

Track AAT-01.2 in your risk register

Turn this control into an owned, tracked, audit-ready item in RiskRegisterHQ — with reminders and a full change history.