The Secure Controls Framework (SCF) includes an AI governance domain with controls that map to the NIST AI RMF, ISO 42001, and state regulations such as California's CPRA Automated Decision-Making Technology rules. Controls cover AI risk assessment, bias monitoring, incident response, explainability requirements, and vendor AI risk management.
Using SCF as a foundation, organizations can build a control set that satisfies multiple AI governance frameworks at the same time. SCF pre-built cross-framework mappings eliminate the need to manually trace each control from one framework to another. The AI governance controls address the full lifecycle: from initial risk identification and bias testing before deployment, through continuous monitoring of AI outputs, to documented procedures for handling AI-related incidents.
Keep Exploring
References