AIUC-1 Protocol

Categories

A. Safety

Mitigate harmful outputs

Mitigate adversarial inputs

Allow escalation to human

Third-party safety testing

Run third-party AI red-teaming at least every 6 months

Remediate vulnerabilities identified in red-teaming reports

B. Security

C. Privacy

D. Governance

E. Efficacy

F. Society

Control #

A

4

.

2

Remediate vulnerabilities identified in red-teaming reports

Review all findings from third-party red-teaming and remediate safety-critical vulnerabilities within a defined timeframe. Track resolution status and ensure learnings are integrated into internal evaluation and mitigation processes.

Evidence

We'll list specific evidence that demonstrates compliance with this control. Typically, this is screenshots, proof of a legal or operational policy, or product demonstrations.

Recommended actions

We'll recommend specific practices and actions for complying with this control.

Provide feedback on this control