AAT-29.6: Privileged Role & Delegation Boundaries

There is no evidence of a capability to prevent privilege escalation or unauthorized delegation by AI agents by: (1) Monitoring and enforcing dynamic roles; and (2) Establishing cross-agent delegation boundaries and privileged actions.

C|P-CMM1 is N/A, since a structured process is required to prevent privilege escalation or unauthorized delegation by AI agents by: (1) Monitoring and enforcing dynamic roles; and (2) Establishing cross-agent delegation boundaries and privileged actions.

Artificial Intelligence and Autonomous Technology (AAT) efforts are requirements-driven and governed at a local/regional level, but are not consistent across the organization. CMM Level 2 control maturity would reasonably expect all, or at least most, the following criteria to exist:

• AAT activities are decentralized and are not standardized across the organization, where non-standardized methods are used to develop, implement and maintain AAT solutions.
• AAT developers identify relevant controls that are appropriate to address applicable statutory, regulatory and contractual requirements.
• A qualified individual is assigned the role and responsibilities to centrally manage, coordinate, develop, implement and maintain AAT-related development activities (e.g., Chief Technology Officer (CTO)).
• No formal Governance, Risk & Compliance (GRC) team exists to provide oversight of AAT-related activities. GRC roles are assigned to existing cybersecurity personnel.

Artificial Intelligence and Autonomous Technology (AAT) efforts are standardized across the organization and centrally managed, where technically feasible, to ensure consistency. CMM Level 3 control maturity would reasonably expect all, or at least most, the following criteria to exist:

• The Chief Information Security Officer (CISO), or similar function with technical competence to address cybersecurity concerns, analyzes the organization's business strategy and prioritizes the objectives of the security function to determine prioritized and authoritative guidance for Artificial Intelligence and Autonomous Technologies (AAT), within the broader scope of cybersecurity and data protection operations.
• The CISO, or similar function, develops a security-focused Concept of Operations (CONOPS) that documents management, operational and technical measures to apply defense-in-depth techniques across the organization. This CONOPS for AAT may be incorporated as part of a broader operational plan for the cybersecurity and data privacy program.
• A Governance, Risk & Compliance (GRC) function, or similar function, provides governance oversight for the implementation of applicable statutory, regulatory and contractual cybersecurity and data protection controls to facilitate the implementation of secure and compliant practices to protect the confidentiality, integrity, availability and safety of the organization's applications, systems, services and data. Compliance requirements for AAT are identified and documented.
• A steering committee is formally established to provide executive oversight of the cybersecurity and data privacy program, including AAT. The steering committee establishes a clear and authoritative accountability structure for AAT operations.
• Legal reviews are conducted to minimize the inadvertent infringement of third-party Intellectual Property (IP) rights through the use of AAT products and/ or services.
• AAT-specific compliance requirements for cybersecurity and data privacy are identified and documented.
• Governance function for AAT is formally assigned with defined roles and associated responsibilities.
• A Program Management Office (PMO), or similar function, tracks and reports on activities related to the mapping, measuring and managing of AAT.
• Secure engineering principles are identified and implemented to ensure AAT are designed to be reliable, safe, fair, secure, resilient, transparent, explainable and data privacy-enhanced to minimize emergent properties or unintended consequences.
• Robust development and pre-deployment functionality, security and data privacy testing is conducted on all internal and third-party AAT projects.
• Production use of AAT is closely monitored to minimize emergent properties or unintended consequences.
• Robust incident response and business continuity plans exist to respond to AAT-related emergent properties or unintended consequences.
• Data sources utilized in the training and/or operation of AAT are identified and documented.
• The Confidentiality, Integrity and Availability (CIA) of source data to prevent accidental contamination or malicious corruption (e.g., data poisoning) that could compromise the performance of AAT.

See C|P-CMM3. There are no defined C|P-CMM4 criteria, since it is reasonable to assume a quantitatively-controlled process is not necessary to prevent privilege escalation or unauthorized delegation by AI agents by: (1) Monitoring and enforcing dynamic roles; and (2) Establishing cross-agent delegation boundaries and privileged actions.

See C|P-CMM4. There are no defined C|P-CMM5 criteria, since it is reasonable to assume a continuously-improving process is not necessary to prevent privilege escalation or unauthorized delegation by AI agents by: (1) Monitoring and enforcing dynamic roles; and (2) Establishing cross-agent delegation boundaries and privileged actions.