AI Risk and Compliance Management involves a strategic framework designed to identify, assess, and mitigate the inherent risks associated with the development and deployment of AI technologies. As organizations increasingly rely on AI systems, it becomes essential to navigate the complexities of compliance with global regulations such as the GDPR and the EU’s AI Act. This framework includes a comprehensive risk assessment process to evaluate potential challenges such as algorithmic bias, data privacy, and transparency. It ensures that AI systems are developed and used in an ethical and responsible manner. Engaging diverse stakeholders, including ethicists and legal experts, enhances the organization's ability to address the social and ethical implications of AI technologies while fostering a culture of accountability.
- AI System Intake Form to request AI use cases, AI models, and datasets.
- AI Risk and Compliance workspace to manage and monitor the risk and compliance posture of AI systems.
- Perform impact assessments (using Smart Assessments) to identify how AI systems, models, and datasets affect fundamental rights.
- New Roles & Access Controls to handle AI Risk and Compliance Management.
- Identify the AI systems from the CMDB by enhancing or leveraging the Entity filter capability.
- Advanced Risk Assessment (ARA) integration to identify individual and specific risks associated with AI assets, such as AI systems, models, and datasets. Perform risk assessments on each identified risk separately.
- The bulk risk assessment feature enables product owners to assess the regulatory and operational risks of multiple AI use cases in a unified workflow.
- Auto-creation or resolving of entities:
  - Based on the existence of the CMDB AI System record, an Entity can be auto-created or resolved to an existing record.
- 360-Relationship View:
  - Explore the relationships between critical AI assets that impact your business, including controls, risks, and issues.
- Entity-based access control:
  - Entity-based access control facilitates object access via entities. You can map entities to specific users or user groups, giving you a granular level of access control.
- Bulk AI Risk Assessments, secure AI Risks and Controls using Entity-based Access Control, Unified Content Management, Email-driven AI Misuse or Inquiry reporting.
- New
- Manage Smart Assessment templates with versioning support. Create, publish, and delete template versions to support consistent assessment governance.
- View the entity, risk, and control for each assessment directly in task and work queue lists, without opening individual records.
- Access authority documents, agency mappings, and citations for additional AI regulatory frameworks in the AI Risk and Compliance content pack.
- Changed
- Added automated impact assessment flow whenever an AI Dataset is created.
- Standardized query range security ACLs are now applied across all tables, ensuring consistent query access for authenticated users with appropriate read permissions throughout the platform. These ACL rules are installed automatically during upgrade with no administrator action required — automated upgrade scripts handle the full transition, including detection and processing of previously customized ACLs to ensure existing configurations continue to function without interruption. If your instance includes administrator-modified query range ACLs, a post-upgrade review is recommended to confirm alignment with your intended access policies.
- Fixed
- Fixed localization and performance issues.
- Fixed an issue with retired controls. Retired controls are excluded from the control-based widgets.
- Fixed an issue related to synchronization of AI asset life cycle tasks between the AI Risk and Compliance and AICT workspaces.
- Fixed a functional domain issue with the indicators feature on the AI asset record page.
Permissions and roles:
- Role required to install the app: System Admin (admin)