GRN 6.1 - 3rd Party Risk Policies

NIST AI RMF (in the playbook companion) states:

GOVERN 6.1

Policies and procedures are in place that address risks associated with third-party entities.

About

Organizations usually engage multiple third parties for external expertise, data, software packages (both open source and commercial), and software and hardware platforms across the AI lifecycle.

The need to rely on external resources or expertise may heighten existing challenges in an already complex undertaking, increasing the difficulty of risk management efforts.

Organizational approaches to managing third-party risk should be tailored to the resources, risk profile, and use case for each system. Organizations should strive to apply governance approaches to third-party AI system and data as they would for internal resources — including open source software, publicly available data, and commercially available models.

Actions

• Collaboratively establish policies that address third-party AI systems and data.

• Establish policies related to:

  • Transparency into third-party system functions, including knowledge about training data, training and inference algorithms, and assumptions and limitations.

  • Thorough testing of third-party AI systems.

  • Requirements for clear and complete instructions for third-party system usage.

Transparency and Documentation

Organizations can document the following:

• Did you establish mechanisms that facilitate the AI system’s auditability (e.g. traceability of the development process, the sourcing of training data and the logging of the AI system’s processes, outcomes, positive and negative impact)?

• If a third party created the AI, how will you ensure a level of explainability or interpretability?

• Did you ensure that the AI system can be audited by independent third parties?

• Did you establish a process for third parties (e.g. suppliers, end-users, subjects, distributors/vendors or workers) to report potential vulnerabilities, risks or biases in the AI system?

• To what extent does the plan specifically address risks associated with acquisition, procurement of packaged software from vendors, cybersecurity controls, computational infrastructure, data, data science, deployment mechanics, and system failure?