Access Control
4 controls
Dual Authorization
Organizations define privileged commands and actions requiring dual authorization based on their operational context, with emphasis on operations involving covered models or cryptographic keys protect...
View detailsInformation Flow Enforcement
External data may contain adversarial content including backdoor attacks in training data, jailbreak attempts in inference inputs, and malicious patterns in code (including inputs designed to compromi...
View detailsHuman Reviews
The organization requires human review of quarantined data before making clearance or rejection decisions. The organization defines review scope based on operational capacity and false positive rates:...
View detailsDetection of Unsanctioned Information
Adversarial content designed to compromise AI models or data center operations constitutes unsanctioned information. Detection applies to all data that could be consumed as input by AI models: trainin...
View details