AI & Data Companies
AI and data companies face risks that standard startup control sets often miss: prompt injection, sensitive information disclosure, model and data poisoning, supply-chain vulnerabilities, and excessive agent autonomy. These risks are documented in frameworks like NIST AI RMF, NIST's GenAI SSDF profile, and the OWASP GenAI/LLM Top 10.
Our approach: Standard SOC 2 readiness first. AI and data-specific hardening second. The advisory modules below are optional enhancements on top of mandatory Trust Services Criteria controls — they are not a separate AICPA standard.
Standard Controls vs. AI/Data Enhancements
Standard SOC 2 Readiness
Mandatory controls required for every SOC 2 audit:
- Logical access and privileged access
- Change management
- Incident response
- Risk management
- Vendor management
- Backup and availability
- Logging and monitoring
- Confidentiality and privacy (where applicable)
AI/Data Advisory Enhancements
Optional modules justified by AI-risk frameworks:
- Data lineage and training data governance
- Prompt/response telemetry
- RAG and retrieval governance
- Model/provider vendor review
- Agent approval gates
- AI-assisted SDLC controls
- Warehouse and analytics governance
Advisory Modules
Each module adds specific controls and documentation practices to address risks unique to AI and data-intensive products.
Training/Inference Data Governance
NIST AI RMF and NIST's GenAI profile emphasize AI-specific risk management; data lineage is an established governance concept.
What This Module Adds
- Dataset inventory with lineage map
- Approved data sources registry
- Retention and deletion rules for training data
- Production-data-use approval workflows
RAG and Vector-Store Controls
OWASP 2025 highlights vector and embedding weaknesses, sensitive information disclosure, and prompt injection risks.
What This Module Adds
- Retrieval source allowlists
- Embedding-store access controls
- Chunk and source traceability
- Redaction controls for sensitive content
- Test prompts for injection resistance
Prompt/Response/Model-Operation Logging
This module is inferred from NIST/OWASP risk guidance on investigation, oversight, and abuse detection; it is not an explicit SOC 2 requirement.
What This Module Adds
- Prompt/response telemetry policy
- Redaction rules for logged content
- Retention rules for model operation logs
- Abuse-event review workflow
- Log access restrictions
Human Review and Agent Approval Gates
NIST AI RMF emphasizes defined human roles; OWASP recommends human approval for high-risk actions and human-in-the-loop for privileged operations.
What This Module Adds
- Approval gates for destructive actions
- Human review for system-prompt changes
- Authorization for customer-data exports
- Approval for external tool execution
- Review gates for automated account changes
Model/Provider Vendor Risk
OWASP explicitly calls out supply-chain vulnerabilities; cloud/vendor guidance emphasizes IAM and data-exfiltration controls.
What This Module Adds
- Model provider register with risk assessment
- Data processing agreement (DPA) review
- Training-on-customer-data policy review
- Subprocessor inventory
- Failover and provider exit plan
AI-Assisted SDLC Controls
NIST's GenAI SSDF profile extends secure-development practices into AI model development and AI-assisted coding.
What This Module Adds
- Rules for use of coding copilots
- Review requirements for AI-generated code
- Secrets scanning in AI-generated output
- Provenance and approval of model artifacts
Warehouse and Analytics Governance
Official lineage and audit-log documentation supports governance of high-value data estates and analytics infrastructure.
What This Module Adds
- Database-role review for analytics access
- Query and audit logs for sensitive datasets
- Break-glass controls for emergency access
- Tagging and classification of critical data assets
Need AI-Specific Readiness Support?
We help AI and data companies build a SOC 2 control environment that satisfies enterprise buyers and addresses the unique risks of AI products.