• AI Governance Overview
  • 358 pages and 90 vendors
  • 90 controls and 25 case studies
  • Mappings to EU AI Act and NIST AI RMF

YDC AI Governance Artifacts Open Sourced on Hugging Face With Propagation & Maturity Assessment in Microsoft Purview and Power BI

Sunil Soares, Founder & CEO, YDC | May 23, 2024

I recently published a book on AI Governance with 215 pages, 76 controls and mapping to the EU AI Act, NIST, and other regulations. The book is free-to-download here.

The overall AI Governance Framework is shown in Figure 1.


Figure 1: AI Governance Framework

With the rapidly evolving AI marketplace, this framework needs to be updated frequently. As a consequence, the YDC team has made the decision to open source our AI Governance Framework. YDCAIGOV is now available in its own space on Hugging Face under the cc-by-nc-4.0 license.

From the Gradio-based user interface on Hugging Face, the user selects the component of AI Governance for which they need to view the artifacts, or selects all (see Figure 2).


Figure 2: User interface on Hugging Face

The user selected Component 1. Establish Accountability for AI from the dropdown menu (see Figure 3).


Figure 3: User selects the AI Governance component from dropdown

The output section displays the AI Governance artifacts in JSON format including component, control, regulation, citation, and jurisdiction (see Figure 4).


Figure 4: User views the AI Governance artifacts in JSON format

The user may then use the copy button to select the artifacts. Alternatively, the AI Governance artifacts may then be propagated to third party applications such as Microsoft Purview using the Hugging Face API. We customized the operating model in Purview to add custom assets, attributes, and relations. Users may then add additional information such as Maturity Rating and Maturity Rating Explanation natively in Purview (see Figure 5).


Figure 5: AI Governance artifacts propagated to Microsoft Purview with maturity ratings appended

Figure 6 shows the AI Governance artifacts in a traceability diagram in Microsoft Purview.


Figure 6: AI Governance artifacts viewable as traceability diagram in Microsoft Purview

Figure 7 shows the reporting of the AI Governance maturity score by component and control in Microsoft Power BI.


Figure 7: AI Governance maturity scores by component and control in Microsoft Power BI

Full disclosure – With the 2023 sale of my previous company, neither YDC nor I are in the data governance business anymore.

Fairness & Accessibility

Component

Component ID: 5.0

Mitigate bias and manage AI accessibility.

List of Controls:

  • Bias
  • Accessibility

Improve Security
Component

Component ID: 10

Address emerging attack vectors impacting availability, integrity, abuse, and privacy.  

List of Controls:

  • Prevent Direct Prompt Injection Including Jailbreak
  • Avoid Indirect Prompt Injection
  • Avoid Availability Poisoning
    • Manage Increased Computation Attack
    • Detect Denial of Service (DoS) Attacks
    • Prevent Energy-Latency Attacks
  • Avoid Data and Model Poisoning Attacks
    • Detect Data Poisoning Attacks
    • Avoid Targeted Poisoning Attacks
    • Avoid Backdoor Poisoning Attacks
    • Prevent Model Poisoning Attacks
  • Support Data and Model Privacy
    • Prevent Data Reconstruction Attacks
    • Prevent Membership Inference Attacks
    • Avoid Data Extraction Attacks
    • Avoid Model Extraction Attacks
    • Prevent Property Inference Attacks
    • Prevent Prompt Extraction Attacks
  • Manage Abuse Violations
    • Detect White-Box Evasion Attacks
    • Detect Black-Box Evasion Attacks
    • Mitigate Transferability of Attacks
  • Misuse of AI Agents
    • Prevent AI-Powered Spear-Phishing at Scale
    • Prevent AI-Assisted Software Vulnerability Discovery
    • Prevent Malicious Code Generation
    • Identify Harmful Content Generation at Scale
    • Detect Non-Consensual Content
    • Detect Fraudulent Services
    • Prevent Delegation of Decision-Making Authority to Malicious Actors

Identify Executive Sponsor

ID : 1.1 

Appoint an executive who will be accountable for the overall success of the program.

ComponentRegulationVendors
1. Establish Accountability for AIEU AI Act 
We use cookies to ensure we give you the best experience on our website. If you continue to use this site, we will assume you consent to our privacy policy.