>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

GV-6.1-009Update and integrate due diligence processes for GAI acquisition and procurement vendor

>Control Description

Update and integrate due diligence processes for GAI acquisition and procurement vendor assessments to include intellectual property, data privacy, security, and other risks. For example, update processes to Address solutions that may rely on embedded GAI technologies; Address ongoing monitoring, assessments, and alerting, dynamic risk assessments, and real-time reporting tools for monitoring third-party GAI risks; Consider policy adjustments across GAI modeling libraries, tools and APIs, fine-tuned models, and embedded tools; Assess GAI vendors, open-source or proprietary GAI tools, or GAI service providers against incident or vulnerability databases.

>Cross-Framework Mappings

SCF

AAT-01
Compare
TPM-01
Compare
TPM-04.1
Compare

Ask AI

Configure your API key to use AI features.