責任與治理 · Updated 2026-04-26
Guidelines and Companion Guide on Securing AI Systems
Core Point
Best practices for AI system security across the full lifecycle — filling a gap in AI security governance.
Detailed Note
Issued by CSA in October 2024, the guidelines cover the full AI system lifecycle: threat modelling at the planning and design stage, data and model security during development, security testing at deployment, and monitoring and incident response in operations. Particular focus is given to AI-specific risks such as adversarial attacks, data poisoning, model theft and supply-chain security. A 2025 companion paper, "Securing Agentic AI", extends the framework to agentic AI use cases.
Position in the Legal Framework
原則到工具到執法的漸進式路徑——FEAT → Veritas → MindForge → AI Risk Management Guidelines。