SOC2 AI Security Assessment

1

Discovery & Inventory

Do you maintain a complete inventory of all AI systems in use across your organization?

Not Started - We don't track AI tools systematically Initial - Teams informally mention what they use Developing - We have a central list, but it's often outdated Established - We maintain a living inventory with owners, purposes, and risk ratings

Have you categorized your AI agents by their potential impact and autonomy level?

Not Started - All AI is treated the same Initial - We discuss high-risk vs. low-risk informally Developing - We have documented risk tiers with some criteria Established - Each AI system has a clear risk rating tied to specific controls

Do you have a clear "authority matrix" defining what each AI agent can access and modify?

Not Started - Permissions are ad-hoc or overly broad Initial - We know generally what agents "should" access Developing - We document permissions but rarely verify them Established - Every agent has defined, minimum-necessary permissions that are regularly audited

2

Governance & Accountability

Is there clear executive accountability for AI security and compliance?

Not Started - AI security is handled reactively by different teams Initial - One person "keeps an eye on it" informally Developing - We've assigned ownership but without clear authority or budget Established - Executive leadership owns AI governance with defined budgets and decision rights

Have you created and communicated AI-specific policies?

Not Started - We rely on general IT policies Initial - We've drafted AI guidelines but haven't rolled them out Developing - Policies exist and are somewhat enforced Established - Clear, accessible policies that teams reference regularly and leadership reviews annually

Are your teams trained on AI-specific security risks?

Not Started - No AI-focused training exists Initial - We've mentioned AI risks in general security training Developing - We provide AI security training, but coverage is inconsistent Established - Regular, role-specific training with measurable comprehension

3

Technical Defenses

Are AI agents treated as high-privilege identities with appropriate authentication?

Not Started - AI uses shared credentials or overly permissive service accounts Initial - We've discussed treating AI as non-human identities Developing - Some agents have dedicated credentials with basic controls Established - All agents use cryptographically secure authentication with Zero Trust principles

Do your AI agents operate with minimum necessary permissions?

Not Started - Agents often have broad "admin" or "power user" access Initial - We've identified that permissions are too broad Developing - We're working toward least privilege but haven't fully implemented it Established - Dynamic, context-aware permissions that grant only what's needed for the current task

Are you protecting sensitive data from exposure through AI systems?

Not Started - Minimal data protection specific to AI Initial - We've identified sensitive data concerns Developing - Some masking or encryption in place Established - Automated PII detection, masking, and encryption for all AI interactions

Have you implemented controls to detect and block malicious or inappropriate AI interactions?

Not Started - No specialized guardrails for AI Initial - We've researched guardrail solutions Developing - Basic input validation or output filtering in place Established - Comprehensive, auditable guardrails scanning inputs and outputs in real-time

4

Monitoring & Response

Are you actively monitoring AI agent behavior for anomalies?

Not Started - We review AI systems only when problems occur Initial - Basic logging of AI activities Developing - Some automated monitoring with manual review Established - Real-time behavioral analytics with automated alerting

Do you monitor your AI models for drift, bias, or performance degradation?

Not Started - Models run until they obviously fail Initial - Periodic manual checks of model performance Developing - Regular model evaluation with documented metrics Established - Automated drift detection with predefined thresholds and alerts

How frequently do you test AI systems for vulnerabilities?

Not Started - No AI-specific security testing Initial - General security testing that touches some AI components Developing - Annual penetration testing including AI systems Established - Regular pen testing, red team exercises, and prompt injection simulations

Do you have an incident response plan specifically for AI security incidents?

Not Started - We'd figure it out if something happened Initial - General incident response that could apply to AI Developing - AI incidents are mentioned in our IRP Established - Detailed, tested AI incident playbooks with clear escalation paths

5

Vendor & Supply Chain

Do you assess third-party AI providers for security and compliance?

Not Started - We trust vendor marketing materials Initial - Basic vendor questionnaires Developing - Security reviews for major vendors Established - Comprehensive vendor risk assessments with SOC 2 reports and ongoing monitoring

Can you trace the components and dependencies of your AI systems?

Not Started - We don't track AI supply chain components Initial - We know the primary vendors we use Developing - Documentation of major dependencies Established - Complete SBOM (Software Bill of Materials) for AI systems with regular updates

AI Security & SOC 2 Readiness Assessment

Discovery & Inventory

Governance & Accountability

Technical Defenses

Monitoring & Response

Vendor & Supply Chain

Get Your Personalized Action Plan