| AID | 7 |
|---|---|
| Domain | Audit & Assurance |
| CID | A&A-06 |
| Control | Remediation |
| Control Specification | Establish, document, approve, communicate, apply, evaluate and maintain a risk-based corrective action plan to remediate audit findings, regularly review and report remediation status to relevant stakeholders. |
| Control Type | Cloud & AI Related |
| AI CAIQ ID | A&A-06.1 |
| AI CAIQuestionnaire | Is a risk-based corrective action plan established, documented, approved, communicated, applied, evaluated, and maintained to remediate audit findings, regularly review, and report remediation status to relevant stakeholders? |
| NIST AI 600-1 Mapping | GV-1.3-007<br /> MG-4.2-002<br /> MG-1.3-001 |
Reference: https://cloudsecurityalliance.org/artifacts/ai-controls-matrix