Secure Controls Framework
Download The SCF
AI Governance

What is the SCF's Artificial Intelligence & Autonomous Technologies (AAT) domain?

Direct Answer

The SCF AAT (Artificial Intelligence & Autonomous Technologies) domain provides a structured control set for managing AI system risks. AAT controls address AI risk identification, bias monitoring, explainability requirements, AI incident response, Automated Decision-Making governance, and alignment with the NIST AI RMF and ISO 42001. Organizations use SCF AAT to build a control-based AI governance program that maps to multiple frameworks simultaneously.

The SCF AAT domain gives security and compliance teams a practical, auditable baseline for governing AI systems - including Machine Learning models, Generative AI tools, and autonomous technologies.

 

Key control areas in the AAT domain include: AI risk identification and classification; algorithmic bias and fairness monitoring; model transparency and explainability documentation; AI incident detection and response; Automated Decision-Making (ADMT) governance; data quality controls for AI training data; and vendor or third-party AI governance.

 

The AAT domain maps to the NIST AI RMF's four core functions (Govern, Map, Measure, Manage), ISO 42001:2023, the EU AI Act, and applicable US state regulations on Automated Decision-Making.

 

This cross-framework mapping lets organizations satisfy multiple compliance requirements from a single control implementation, reducing duplication across programs.

Keep Exploring

Relevant Resources

References

Authoritative Sources