Document system transparency policy

Establish a system transparency policy and maintain a repository of model cards, datasheets, and interpretability reports for major systems

Keywords

Transparency

System Cards

Application

Optional

Frequency

Every 12 months

Type

Preventative

Crosswalks

AML-M0023: AI Bill of Materials

AML-M0025: Maintain AI Dataset Provenance

Article 11: Technical Documentation

A.4.2: Resource documentation

A.4.3: Data resources

A.4.4: Tooling resources

A.4.5: System and computing resources

A.6.1.3: Processes for responsible AI system design and development

A.6.2.3: Documentation of AI system design and development

GOVERN 1.2: Trustworthy AI policies

GOVERN 1.6: AI system inventory

MAP 1.6: System requirements

MEASURE 2.8: Transparency and accountability

MEASURE 2.9: Model explanation

MEASURE 4.3: Performance tracking

Control activities

Establishing a transparency policy defining requirements for documentation of major AI systems. For example, model capabilities, limitations, and intended use cases.

Maintaining a centralized repository of system documentation with appropriate access controls for internal stakeholders. For example, model cards, datasheets, and interpretability reports.

Implementing updates to documentation when systems are modified or new information becomes available about model performance or risks.

Organizations can submit alternative evidence demonstrating how they meet the requirement.

AIUC-1 is built with industry leaders

"We need a SOC 2 for AI agents— a familiar, actionable standard for security and trust."

Phil Venables

Former CISO of Google Cloud

"Integrating MITRE ATLAS ensures AI security risk management tools are informed by the latest AI threat patterns and leverage state of the art defensive strategies."