Alibaba Cloud meets AIC4 criteria for AI in the cloud

Share your love

With the Criteria catalog AIC4 (Artificial Intelligence Cloud Service Compliance Criteria Catalog) the Federal Office for Information Security (BSI) formulated minimum requirements for providers who offer services related to artificial intelligence in the cloud in February 2021. The Chinese cloud provider Alibaba Cloud has now successfully undergone an audit that verifies compliance with these criteria.

The audit and management consultancy PwC carried out the audit. Petra Justenhoven, member of the management team at PwC Germany, can be quoted as follows: “The adoption of the criteria in the areas of security, reliability, performance and functionality, data quality and management, bias and explainability was the basis for our examination at Alibaba. As an independent auditor, PwC confirms compliance with these criteria. “

According to Alibaba Cloud, this makes them the first non-German company to meet the AIC4 criteria. Checking this is not easy: the BSI itself only lays down the minimum criteria firmly and does not carry out any audits itself and does not award any seals. Besides, it leads no list of audited companies or trusted auditorsas stated on its homepage. Chapter 4 of the criteria catalog only describes which conditions the auditors must meet.

Because the BSI does not carry out the tests itself, it also somewhat restricts the informative value in the FAQ section of its homepage: “The existence of a test report alone does not necessarily imply that aspects such as robustness, performance, reliability, data quality, explainability or bias are appropriate for a It is therefore up to the users to use the transparency created by the test report and to carry out their own risk assessment as to whether the level of information security of the AI ​​service is sufficient, taking into account the planned application. “

Read Also   Freenet Flex: More data volume in two tariffs

Alibaba Cloud now has a certain routine with auditing: Also an audit for the BSI’s C5 criteria catalog they have already successfully undergone. New to the list of successful audits is the third stage of the latest version of the “Trusted Information Security Assessment Exchange (TISAX)”, a catalog of criteria of the Association of the automotive industry (VDA).


Article Source

Share your love