Governance  ·  Glossary

Secure by Design (AI-specific software assessment)

A widely-used checklist and methodology (from CIS and SAFECode, building on NIST's Secure Software Development Framework) that helps procurement teams and assessors judge whether a vendor built their software — including AI features — with security baked in from the start, rather than bolted on afterward. The newest version adds specific criteria for assessing AI components.
Procurement and vendor-risk teams now have a concrete, referenceable standard to demand evidence of secure AI development practices before signing a contract, rather than taking a vendor's word for it.
CIS Secure by Design v1.1
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →