Rank 07 · Protect privacy, security, and compliance

Draw the AI boundary before data or tools cross it.

For security, compliance, enterprise, and risk owners: AI risk includes data residency, retention, tool permissions, vendor access, logs, human approvals, and incident response.

Trace one sensitive workflow end to end

Use a real input class and follow it through every model, store, tool, log, reviewer, and vendor.

  1. Which data may enter the workflow, where is it stored, and who may retrieve it?
  2. What actions can the system take, with which identity and permission scope?
  3. Can you stop, investigate, and reconstruct a harmful or unauthorized action?

Controls that follow the workflow

Step 01

Classify data and actions

Name prohibited data, approved purposes, consequence levels, and tool authority before implementation.

Step 02

Enforce boundaries

Use least privilege, isolation, allowlists, redaction, retention limits, and approvals outside model judgment.

Step 03

Prepare the response

Log decisions safely, test kill switches and rollback, assign incident roles, and retain audit evidence.

What this path does not prove.

  • This page is an engineering starting point, not legal advice or a compliance certification.
  • Controls must match your jurisdiction, contracts, threat model, data classes, and existing security program.
  • Documentation without tested enforcement does not establish a safe production boundary.

Related articles from the approved brief map.

Need to test whether the controls survive an incident?

The existing twelve-control audit covers kill switches, tool boundaries, audit trails, sandboxing, sensitive-access scope, injection defenses, approvals, evaluation, rollback, and isolation.

Run the incident readiness audit