AIMA
Responsible AI Principles
Ethical and Societal Impact
R-ES-A: Stream A
R-ES-A-1
R-ES-A-1: Is there informal awareness of the potential ethical and societal impacts of AI systems?
Incident-Driven: Ethical concerns addressed post-incident without consistent practices.
Informal Accountability: Ethical responsibilities assigned ad-hoc with minimal documentation.
Limited Follow-Up: Post-incident documentation with little structured learning or improvement.
R-ES-A-2
R-ES-A-2: Are ethical considerations occasionally discussed in an informal manner?
Defined Ethical and Environmental Policy: Explicit policy outlines values, principles, and responsibilities.
Ethics Governance: Designated Ethics Officers or Committees oversee ethical practices and governance.
Integrated Assessments: Ethical and Environmental impact assessments systematically embedded into planning and documentation.
R-ES-A-3
R-ES-A-3: Have formal processes been established to assess AI's ethical and societal impacts?
Continuous Monitoring: Ethical and environmental KPIs actively tracked and aligned with organizational performance metrics.
Policy Evolution: Regular updates based on stakeholder feedback and real-world insights.
Automated Integration: Ethics and environmental tools and processes embedded throughout all project lifecycle phases.