AIUC-1
B007

Enforce user access privileges to AI systems

Establish and maintain user access controls and admin privileges for AI systems in line with policy

Keywords
Access Controls
Organizational Policy
Application
Mandatory
Frequency
Every 3 months
Type
Preventative
Crosswalks
AML-M0005: Control Access to AI Models and Data at Rest
AML-M0019: Control Access to AI Models and Data in Production
LLM02:25 - Sensitive Information Disclosure
LLM06:25 - Excessive Agency
LLM10:25 - Unbounded Consumption
CSA AICM
DSP-01: Security and Privacy Policy and Procedures
DSP-02: Secure Disposal
DSP-03: Data Inventory
DSP-04: Data Classification
DSP-07: Data Protection by Design and Default
DSP-08: Data Privacy by Design and Default
IAM-01: Identity and Access Management Policy and Procedures
IAM-02: Strong Password Policy and Procedures
IAM-03: Identity Inventory
IAM-04: Separation of Duties
IAM-05: Least Privilege
IAM-06: User Access Provisioning
IAM-07: User Access Changes and Revocation
IAM-08: User Access Review
IAM-09: Segregation of Privileged Access Roles
IAM-10: Management of Privileged Access Roles
IAM-11: Customers' Approval for Agreed Privileged Access Roles
IAM-12: Safeguard Logs Integrity
IAM-13: Uniquely Identifiable Users
IAM-14: Strong Authentication
IAM-15: Passwords and Secrets Management
IAM-16: Authorization Mechanisms
IAM-17: Knowledge Access Control - Need to Know
IAM-18: Output Modification and Special Authorization
LOG-04: Audit Logs Access and Accountability
LOG-09: Log Protection
LOG-12: Access Control Logs

Control activities

Implementing system-level access controls tailored to AI systems. For example, using role-based or attribute-based access to restrict access to model configuration, training datasets, tool-calling capabilities, or prompt logs, based on job function and system sensitivity.

Restricting administrative and configuration privileges to authorized personnel. For example, limiting ability to alter system behavior, tools, or models.

Conducting access reviews and updates at least quarterly. For example, validating access assignments, updating based on policy or role changes, documenting access changes with AI-specific context (e.g. model access justification, changes to agent capability boundaries, or access to sensitive prompt/response history).

Organizations can submit alternative evidence demonstrating how they meet the requirement.

AIUC-1 is built with industry leaders

Phil Venables

"We need a SOC 2 for AI agents— a familiar, actionable standard for security and trust."

Google Cloud
Phil Venables
Former CISO of Google Cloud
Dr. Christina Liaghati

"Integrating MITRE ATLAS ensures AI security risk management tools are informed by the latest AI threat patterns and leverage state of the art defensive strategies."

MITRE
Dr. Christina Liaghati
MITRE ATLAS lead
Hyrum Anderson

"Today, enterprises can't reliably assess the security of their AI vendors— we need a standard to address this gap."

Cisco
Hyrum Anderson
Senior Director, Security & AI
Prof. Sanmi Koyejo

"Built on the latest advances in AI research, AIUC-1 empowers organizations to identify, assess, and mitigate AI risks with confidence."

Stanford
Prof. Sanmi Koyejo
Lead for Stanford Trustworthy AI Research
John Bautista

"AIUC-1 standardizes how AI is adopted. That's powerful."

Orrick
John Bautista
Partner at Orrick
Lena Smart

"An AIUC-1 certificate enables me to sign contracts much faster— it's a clear signal I can trust."

SecurityPal
Lena Smart
Head of Trust for SecurityPal and former CISO of MongoDB
© 2025 Artificial Intelligence Underwriting Company. All rights reserved.
By accessing or using our website, you agree to our Terms of Service and Privacy Policy.