AC-1 Policy And Procedures
ViewAC-4 Information Flow Enforcement
ViewMitigations
AIR-DET-016Preserving Source Data Access Controls in AI Systems
AIR-PREV-017AI Firewall Implementation and Management
AIR-DET-001AI Data Leakage Prevention and Detection
AIR-PREV-022Multi-Agent Isolation and Segmentation
AIR-PREV-002Data Filtering From External Knowledge Bases
AIR-PREV-003User/App/Model Firewalling/Filtering
AIR-PREV-006Data Quality & Classification/Sensitivity
AC-5 Separation Of Duties
ViewAC-16 Security And Privacy Attributes
ViewAC-19 Access Control For Mobile Devices
ViewMitigations
AC-20 Use Of External Systems
ViewAC-21 Information Sharing
ViewAC-22 Publicly Accessible Content
ViewAT-2 Literacy Training And Awareness
ViewAT-3 Role-based Training
ViewAU-3 Content Of Audit Records
ViewAU-6 Audit Record Review, Analysis, And Reporting
ViewMitigations
AIR-PREV-012Role-Based Access Control for AI Data
AIR-DET-015Using Large Language Models for Automated Evaluation (LLM-as-a-Judge)
AIR-DET-016Preserving Source Data Access Controls in AI Systems
AIR-DET-021Agent Decision Audit and Explainability
AIR-PREV-023Agentic System Credential Protection Framework
AIR-DET-004AI System Observability
AU-10 Non-repudiation
ViewAU-11 Audit Record Retention
ViewMitigations
AU-12 Audit Record Generation
ViewMitigations
AU-13 Monitoring For Information Disclosure
ViewCA-3 Information Exchange
ViewCA-6 Authorization
ViewMitigations
CA-7 Authorization
ViewMitigations
AIR-DET-011Human Feedback Loop for AI Systems
AIR-DET-015Using Large Language Models for Automated Evaluation (LLM-as-a-Judge)
AIR-DET-016Preserving Source Data Access Controls in AI Systems
AIR-DET-001AI Data Leakage Prevention and Detection
AIR-DET-021Agent Decision Audit and Explainability
AIR-DET-004AI System Observability
AIR-PREV-006Data Quality & Classification/Sensitivity
AIR-PREV-008Quality of Service (QoS) and DDoS Prevention for AI Systems
AIR-DET-009AI System Alerting and Denial of Wallet (DoW) / Spend Monitoring
CA-8 Penetration Testing
ViewCM-2 Baseline Configuration
ViewMitigations
CM-3 Configuration Change Control
ViewCM-4 Impact Analyses
ViewCM-8 System Component Inventory
ViewMitigations
CM-12 Information Location
ViewCM-13 Data Action Mapping
ViewCP-9 System Backup
ViewMitigations
IA-2 Identification And Authentication (organizational Users)
ViewIA-4 Identifier Management
ViewIA-5 Authenticator Management
ViewIR-5 Incident Monitoring
ViewMitigations
IR-6 Incident Reporting
ViewIR-9 Information Spillage Response
ViewMP-6 Media Sanitization
ViewPM-11 Mission And Business Process Definition
ViewPM-22 Personally Identifiable Information Quality Management
ViewPM-23 Data Governance Body
ViewPM-26 Complaint Management
ViewMitigations
PM-30 Supply Chain Risk Management Strategy
ViewPS-7 External Personnel Security
ViewPT-2 Authority To Process Personally Identifiable Information
ViewRA-2 Security Categorization
ViewRA-3 Risk Assessment
ViewRA-5 Vulnerability Monitoring And Scanning
ViewMitigations
RA-10 Threat Hunting
ViewSA-4 Acquisition Process
ViewSA-8 Security And Privacy Engineering Principles
ViewSA-10 Developer Configuration Management
ViewMitigations
SA-11 Developer Testing And Evaluation
ViewSA-12 Supply Chain Protection
ViewMitigations
SA-22 Unsupported System Components
ViewMitigations
SC-3 Security Function Isolation
ViewSC-4 Information In Shared System Resources
ViewSC-5 Denial-of-service Protection
ViewSC-6 Resource Availability
ViewSC-7 Boundary Protection
ViewSC-8 Transmission Confidentiality And Integrity
ViewSC-12 Cryptographic Key Establishment And Management
ViewMitigations
SC-13 Cryptographic Protection
ViewMitigations
SC-28 Protection Of Information AT Rest
ViewSC-32 System Partitioning
ViewSI-2 Flaw Remediation
ViewSI-3 Malicious Code Protection
ViewSI-4 System Monitoring
ViewMitigations
AIR-DET-011Human Feedback Loop for AI Systems
AIR-DET-015Using Large Language Models for Automated Evaluation (LLM-as-a-Judge)
AIR-DET-016Preserving Source Data Access Controls in AI Systems
AIR-PREV-017AI Firewall Implementation and Management
AIR-DET-001AI Data Leakage Prevention and Detection
AIR-PREV-020MCP Server Security Governance
AIR-PREV-002Data Filtering From External Knowledge Bases
AIR-PREV-003User/App/Model Firewalling/Filtering
AIR-DET-004AI System Observability
AIR-PREV-008Quality of Service (QoS) and DDoS Prevention for AI Systems
AIR-DET-009AI System Alerting and Denial of Wallet (DoW) / Spend Monitoring
SI-6 Security And Privacy Function Verification
ViewMitigations
SI-7 Software, Firmware, And Information Integrity
ViewMitigations
AIR-DET-013Providing Citations and Source Traceability for AI-Generated Information
AIR-DET-015Using Large Language Models for Automated Evaluation (LLM-as-a-Judge)
AIR-DET-016Preserving Source Data Access Controls in AI Systems
AIR-DET-004AI System Observability
AIR-PREV-006Data Quality & Classification/Sensitivity
SI-10 Information Input Validation
ViewSI-12 Information Management And Retention
ViewSI-13 Predictable Failure Prevention
ViewSI-15 Information Output Filtering
ViewMitigations
SI-18 Personally Identifiable Information Quality Operations
ViewSI-19 De-identification
ViewSI-20 Tainting
ViewSR-2 Supply Chain Risk Management Plan
ViewSR-3 Supply Chain Controls And Processes
ViewSR-4 Provenance
ViewMitigations