AI tooling has overly broad data access
Backend retrieves customer context by ticket id without proving the support agent has rights to that specific record.
BLUEPRINT v1.0 · ExampleAI B.V., Support Assistant POC · SAMPLE
This is the anonymised exhibit I hand to a CTO at the end of the audit: a readiness score, every domain graded, findings ranked by severity, and a plain next step. The numbers below are the same ones shown on the homepage scorecard.
One headline score, then every domain graded out of five. Weakest domains are listed first; that is where the audit spends its evidence.
A full report ranks ten findings P0 to P3, each with evidence, an owner and acceptance criteria. This exhibit shows the top of that list. Each severity carries a written label, never a bare colour.
Backend retrieves customer context by ticket id without proving the support agent has rights to that specific record.
Application logs contain customer questions, names, e-mail addresses and ticket bodies, with no defined retention.
Model-call endpoints have no per-user or per-tenant limits and no cost guardrails.
Anonymised excerpt. Real reports include 10 ranked findings, detailed evidence and acceptance criteria for each.
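An added illustration of the first finding, not code from the report or from the audited system: the lookup keyed on ticket id alone, next to one that checks the agent's right to that record. The tenant-and-queue rule, the sample data and all names are assumptions constructed for this example.

```python
from dataclasses import dataclass

# Constructed sample data; tenants, queues and ids are hypothetical.
TICKETS = {
    "T-1001": {"tenant": "acme", "queue": "billing", "customer": "cust-17"},
    "T-2002": {"tenant": "globex", "queue": "billing", "customer": "cust-42"},
}
CUSTOMER_CONTEXT = {
    "cust-17": {"plan": "pro", "open_invoices": 2},
    "cust-42": {"plan": "free", "open_invoices": 0},
}


@dataclass(frozen=True)
class Agent:
    agent_id: str
    tenant: str
    queues: frozenset


class AccessDenied(Exception):
    """Raised for missing and forbidden tickets alike."""


def get_context_unchecked(ticket_id):
    """Pattern described in the finding: the ticket id alone selects the record."""
    ticket = TICKETS[ticket_id]
    return CUSTOMER_CONTEXT[ticket["customer"]]


def get_context_authorised(agent, ticket_id, audit_log):
    """Resolve the ticket, then prove the agent's right to it before reading context."""
    ticket = TICKETS.get(ticket_id)
    allowed = (
        ticket is not None
        and ticket["tenant"] == agent.tenant      # assumed rule: same tenant
        and ticket["queue"] in agent.queues       # assumed rule: assigned queue
    )
    # Record the decision only, never the customer data itself.
    audit_log.append({"agent": agent.agent_id, "ticket": ticket_id, "allowed": allowed})
    if not allowed:
        # One error for "missing" and "forbidden" so ticket ids cannot be enumerated.
        raise AccessDenied(ticket_id)
    return CUSTOMER_CONTEXT[ticket["customer"]]
```
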
Two P0 findings, broad AI data access and full prompt/output logging, must be closed before real customers touch the system.
Object-level authorisation, privacy-safe logging, central secrets management, rate limiting and a minimal incident runbook. This clears the P0s and the load-bearing P1s.
Once logging, monitoring and incident response are in place, a scoped pilot is defensible, with an evidence pack ready for the first client questionnaire.
The Blueprint™ is senior-engineer technical work. It is not a pentest, a DPIA or a legal opinion. Where one of those is required, I say so and point you to the right specialist: a certification auditor, legal counsel or a penetration tester.
Technical readiness support, not legal advice or a compliance guarantee.
A 30-minute call confirms whether the Blueprint™ is the right next step, what scope is realistic, and what risks are likely already in your system.
Thirty minutes is enough to know whether the Blueprint™ fits, what scope is realistic, and what risks are likely already in your system.
Whether you need a Blueprint, senior engineering by the day, or a bounded governance deliverable, the call is where we scope it.