Home
Browse frameworks
Contact us
SAMMY premium
Sign in
SAMMY UI is optimized for resolutions with a width 1024px and higher.
AIMA
Browse AIMA
AIMA
ASVS
BSIMM 15
CIS Critical Security Controls
Cloud Controls Matrix
Cybersecurity Fundamentals
Cybersecurity Fundamentals 2.0
DSOMM
NIS2
NIST 800-171 Rev 2
NIST 800-171 Rev 3
NIST 800-34
NIST 800-53 v5
NIST CSF 2.0
NIST SSDF
OpenSAMM1.5
SAMM
Secure Controls Framework
Responsible AI Principles
Ethical and Societal Impact
Transparency and Explainability
Fairness and Bias
Governance
Strategy and Metrics
Policy and Compliance
Education and Awareness
Data Management
Data Quality and Integrity
Data Governance and Accountability
Data Training
Privacy
Data Minimization and Purpose Limitation
Privacy by Design and Default
User Control and Transparency
Design
Threat Assessment
Security Architecture
Security Requirements
Implementation
Secure Build
Secure Deployment
Defect Management
Verification
Security Testing
Requirement-based Testing
Architecture Assessment
Operations
Incident Management
Event Management
Operational Management
M-DT-A: Stream A
M-DT-B: Stream B
Maturity Level 1
Maturity Level 2
Maturity Level 3
M-DT-A-1
M-DT-A-1: Is training data gathered informally, with minimal consistency or curation standards?
Unstructured Collection:
Data gathered without structured processes, inconsistent quality.
No Labeling Standards:
Absence of formal labeling guidelines or dataset curation practices.
Manual Validation:
Minimal or no validation; data quality highly variable.
0
1
2
3
Description
Unstructured Collection:
Data gathered without structured processes, inconsistent quality.
No Labeling Standards:
Absence of formal labeling guidelines or dataset curation practices.
Manual Validation:
Minimal or no validation; data quality highly variable.
M-DT-A-2
M-DT-A-2: Are there minimal or no compliance checks for third-party data usage?
Guidelines Established:
Initial standards for dataset collection, labeling, and validation set.
Partial Validation:
Manual validation and checks performed on subsets of training data.
Early-stage Curation:
Early stages of data quality management and documentation established.
0
1
2
3
Description
Guidelines Established:
Initial standards for dataset collection, labeling, and validation set.
Partial Validation:
Manual validation and checks performed on subsets of training data.
Early-stage Curation:
Early stages of data quality management and documentation established.
M-DT-A-3
M-DT-A-3: Are standardized processes for dataset collection and labeling formally defined?
Automated Pipelines:
Standardized, automated pipelines for data preparation, quality control, deduplication, and labeling accuracy checks fully operational.
Continuous Validation:
Real-time or regular validation ensuring high-quality, representative, and reliable training data.
Dynamic Curation:
Active dataset curation based on model feedback, performance metrics, and evolving requirements.
0
1
2
3
Description
Automated Pipelines:
Standardized, automated pipelines for data preparation, quality control, deduplication, and labeling accuracy checks fully operational.
Continuous Validation:
Real-time or regular validation ensuring high-quality, representative, and reliable training data.
Dynamic Curation:
Active dataset curation based on model feedback, performance metrics, and evolving requirements.