MAP 4.1 - Mapping 3rd-Party Risk

NIST AI RMF (in the playbook companion) states:

MAP 4.1

Approaches for mapping third-party technology risks are in place and documented.

About

Technologies and personnel from third parties are another source of risk to consider during AI risk management activities. Such risks may be difficult to map because a third-party provider's risk tolerances may not match those of the contracting institution.

For example, the use of pre-trained models, which tend to rely on large, uncurated web datasets or often have undisclosed origins, has raised concerns about privacy, bias, and unintended effects, along with the possible introduction of increased statistical uncertainty, difficulty with reproducibility, and issues with scientific validity.

Actions
  • Review audit reports, testing results, product roadmaps, warranties, terms of service, end-user license agreements, contracts, and other documentation related to third-party entities to assist in value assessment and risk management activities.

  • Review third-party software release schedules and software change management plans (hotfixes, patches, updates, forward- and backward-compatibility guarantees) for irregularities that may contribute to AI system risks.

  • Inventory third-party material (hardware, open-source software, foundation models, open source data, proprietary software, proprietary data, etc.) required for system implementation and maintenance.

  • Review redundancies related to third-party technology and personnel to assess potential risks due to lack of adequate support.
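The inventory action above is the one practitioners most often leave as a spreadsheet. As an added example that is not part of the NIST playbook, the script below shows what a minimal, checkable inventory of third-party material looks like: each item records its origin, license and a pinned SHA-256 digest, and an audit routine flags undisclosed origins, missing licenses, missing pins, and artifacts whose bytes no longer match the pinned digest (the "irregularity" a silent vendor update or a substituted download would produce). The artifact names, vendor URLs and byte contents are constructed, hypothetical values so the script runs offline.

```python
"""Added example (not NIST or AI RMF Playbook code): pin and verify an
inventory of third-party AI artifacts.

Assumptions (all hypothetical): artifacts are keyed by file name, each
inventory entry carries the SHA-256 digest recorded when the artifact was
first received, and hardware entries have no byte-level artifact to hash.
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class InventoryItem:
    name: str
    kind: str                 # "model", "dataset", "package", "hardware", ...
    source: Optional[str]     # origin URL or vendor; None means undisclosed
    license: Optional[str]    # None means not recorded
    sha256: Optional[str]     # digest pinned at intake; None means unpinned


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of an artifact's bytes."""
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for the artifacts actually present on disk.
ARTIFACTS: Dict[str, bytes] = {
    "vendor-llm-7b.safetensors": b"weights-v1",
    "web-crawl-2023.parquet": b"crawl-rows",
    "tokenizer-lib-1.4.2.whl": b"wheel-bytes",   # newer than what was pinned
}

# Constructed inventory. The dataset has no recorded origin or license, the
# package was pinned against an older build, and the hardware item lacks a
# license record.
INVENTORY: List[InventoryItem] = [
    InventoryItem("vendor-llm-7b.safetensors", "model",
                  "https://vendor.example/llm-7b", "proprietary",
                  sha256_hex(b"weights-v1")),
    InventoryItem("web-crawl-2023.parquet", "dataset", None, None,
                  sha256_hex(b"crawl-rows")),
    InventoryItem("tokenizer-lib-1.4.2.whl", "package",
                  "https://pypi.example/tokenizer-lib", "MIT",
                  sha256_hex(b"wheel-bytes-old")),
    InventoryItem("gpu-accelerator-board", "hardware", "vendor B", None, None),
]


def audit_inventory(inventory: List[InventoryItem],
                    artifacts: Dict[str, bytes]) -> List[Tuple[str, str]]:
    """Return (item name, finding) pairs for every gap or integrity failure.

    Provenance gaps are reported for every item; digest checks apply only to
    items that have bytes to hash (everything except hardware).
    """
    findings: List[Tuple[str, str]] = []
    for item in inventory:
        if item.source is None:
            findings.append((item.name, "undisclosed origin"))
        if item.license is None:
            findings.append((item.name, "license not recorded"))
        if item.kind == "hardware":
            continue
        if item.sha256 is None:
            findings.append((item.name, "no pinned digest"))
            continue
        data = artifacts.get(item.name)
        if data is None:
            findings.append((item.name, "artifact missing"))
        elif sha256_hex(data) != item.sha256.lower():
            findings.append((item.name, "digest mismatch"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_inventory(INVENTORY, ARTIFACTS):
        print(f"{name}: {finding}")
```

Run it as-is to see the four findings for the constructed inventory; in practice the `ARTIFACTS` mapping would be replaced by reading the real files, and the audit would be wired into CI so that a digest mismatch fails the build rather than being discovered during an incident.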

Transparency and Documentation

Organizations can document the following:

  • Did you establish a process for third parties (e.g. suppliers, end-users, subjects, distributors/vendors or workers) to report potential vulnerabilities, risks or biases in the AI system?

  • If your organization obtained datasets from a third party, did your organization assess and manage the risks of using such datasets?

  • How will the results be independently verified?
