A003—Limit AI agent data collection
>Control Description
Implement safeguards to limit AI agent data access to task-relevant information based on user roles and context
Application
Mandatory
Frequency
Every 12 monthsCapabilities
Universal
>Controls & Evidence (3)
Technical Implementation
A003.1
Config: Data collection scopingCore - This should include:
- Configuring data collection limits to reduce data and privacy exposure. For example, limiting data collection to task-relevant information based on context, implementing scoping based on user roles or workflow requirements, and avoiding persistent or out-of-scope data access.
Typical evidence: Code implementing data collection restrictions - may include RAG retrieval function with document filtering logic, session scoping configuration limiting data access per session ID, workflow conditional logic gating data collection by stage, permission decorators or middleware checking user roles before data access, or scoping functions rejecting out-of-scope queries with error messages.
Location: Engineering Code
A003.2
Config: Alerting system for auth failuresSupplemental - This may include:
- Deploying monitoring mechanisms. Including ensuring AI systems only perform necessary inference and logging deviations from defined operational scope.
Typical evidence: Screenshot of code showing an alert or error handling system is triggered upon authz check failure, or screenshot of alerting configurations in logging software (e.g. Posthog, Sentry, Datadog, Axiom, or downstream alert in Slack)
Location: Engineering Code
A003.3
Config: Authorization system integrationSupplemental - This may include:
- Integrating with existing authorization systems to align agent access permissions with organizational policies.
Typical evidence: Screenshot of code showing authorization checks when context is collected or before tool execution using existing authorization systems (e.g. oAuth, OSO, custom IAM) - should verify that authorization is checked at time of data collection/tool call, not just at initial agent invocation
Location: Engineering Code
>Cross-Framework Mappings
NIST AI RMF
Ask AI
Configure your API key to use AI features.