GRC Store

Search / finos-ccc/ccc.genai.cn / v2026.06-rc5

Release · v2026.06-rc5

FINOS-CCC/CCC.GenAI.CN Control Catalog

FINOS-CCC/CCC.GenAI.CN

Controls for Generative AI Platform technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$grcli unpack --repository finos-ccc/ccc.genai.cn --tag v2026.06-rc5
Coordinate
oci.grc.store/finos-ccc/ccc.genai.cn:v2026.06-rc5
Manifest digest
sha256:a8efeba02b8f113f1f2dec5289059c61eb3a08a4b566a2f461118ed176c1fbf0

Provenance

1 layer
Digest Media type Size
36c191d881d6… application/vnd.gemara.artifact.v1+yaml 16.5 KiB
Bundle config blob 
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.GenAI.CN",
            "type": "ControlCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.genai.cn",
            "tag": "v2026.06-rc5"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "1",
          "GITHUB_RUN_ID": "26771723499",
          "GITHUB_SHA": "a9503345caf59a144d8ab9b4bede212b393ca56a",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/ai-ml/gen-ai/controls.yaml",
            "uri": "file://artifacts/ai-ml/gen-ai/controls.yaml",
            "digest": {
              "sha256": "36c191d881d6c3eac71017cc06aff1ccbd2f1ce2fe4e742d3c1f66713bca77bc"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@a9503345caf59a144d8ab9b4bede212b393ca56a",
            "digest": {
              "gitCommit": "a9503345caf59a144d8ab9b4bede212b393ca56a"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26771723499",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26771723499-1",
          "startedOn": "2026-06-01T17:46:28.228375811Z",
          "finishedOn": "2026-06-01T17:46:28.353861101Z"
        },
        "byproducts": [
          {
            "name": "controls.yaml",
            "digest": {
              "sha256": "36c191d881d6c3eac71017cc06aff1ccbd2f1ce2fe4e742d3c1f66713bca77bc"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "controls.yaml",
      "type": "ControlCatalog",
      "id": "CCC.GenAI.CN",
      "role": "artifact"
    }
  ]
}

CCC Generative AI Platform Controls

Controls for Generative AI Platform technologies, as defined by the FINOS Common Cloud Controls project.

ID
CCC.GenAI.CN
Version
v2026.06-rc5
Gemara version
v1.2.0
Author
FINOS Common Cloud Controls

Machine Learning

The Machine Learning group covers entries related to building, training, deploying, and managing ML models and AI systems. This includes development environments, experiment tracking, model registries, inference, generative AI, prompt engineering, and model governance.

  1. CCC.GenAI.CN01 Model Input Filtering and Sanitisation

    Objective

    Inspect and validate input before it is passed to a GenAI model in order to filter or sanitise adversarial queries and prevent sensitive data leakage.

    Assessment requirements

    1. Untrusted input such as user queries, RAG data or tool output MUST be validated before it is passed to a GenAI model.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    2. If malicious patterns such as prompt injection or sensitive data are detected during input validation, the input MUST be blocked or sanitised.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • FINOS-AIGF
      • AIR-PREV-003User/App/Model Firewalling/Filtering
      • AIR-PREV-017AI Firewall Implementation and Management
      • AIR-PREV-002Data Filtering From External Knowledge Bases
      • AIR-DET-001AI Data Leakage Prevention and Detection
    • SAIF
      • Input Validation and Sanitization
    • MITRE-ATLAS
      • AML.M0020Generative AI Guardrails
      • AML.M0021Generative AI Guidelines
      • AML.M0015Adversarial Input Detection
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH01Prompt Injection
      • CCC.GenAI.TH03Sensitive Information Disclosure

  2. CCC.GenAI.CN02 Model Output Filtering and Sanitisation

    Objective

    Inspect and validate GenAI model output before passing it to users, applications or plugins in order to filter or sanitise insecure or unreliable output and prevent sensitive data leakage.

    Assessment requirements

    1. GenAI model output MUST be validated for format conformance, malicious patterns, sensitive data and inapropriate content before being passed to users, application or plugins.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    2. In the event of policy violations, the AI-generated content MUST be redacted, encoded or rejected.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • FINOS-AIGF
      • AIR-PREV-003User/App/Model Firewalling/Filtering
      • AIR-PREV-017AI Firewall Implementation and Management
      • AIR-PREV-002Data Filtering From External Knowledge Bases
      • AIR-DET-001AI Data Leakage Prevention and Detection
    • SAIF
      • Output Validation and Sanitization
    • MITRE-ATLAS
      • AML.M0020Generative AI Guardrails
      • AML.M0002Passive AI Output Obfuscation
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH01Prompt Injection
      • CCC.GenAI.TH03Sensitive Information Disclosure
      • CCC.GenAI.TH04Insecure / Unreliable Model Output
      • CCC.GenAI.TH05Model Overreliance
      • CCC.GenAI.TH06Unintended Action by a Model-Based Agent

  3. CCC.GenAI.CN03 Data Provenance and Source Vetting

    Objective

    Ensure that all data for training, fine-tuning or RAG comes from trusted, approved sources and is authorised for the intended purposes in order to prevent the initial introduction of malicious content or leaked sensitive data.

    Assessment requirements

    1. When data is designated for model training or RAG ingestion, then its source MUST be explicitly approved and its provenance documented.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    2. Data from unvetted sources MUST NOT be used in production systems.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • FINOS-AIGF
      • AIR-PREV-006Data Quality & Classification/Sensitivity
    • SAIF
      • Training Data Management
    • MITRE-ATLAS
      • AML.M0025Maintain AI Dataset Provenance
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH02Data Poisoning
      • CCC.GenAI.TH03Sensitive Information Disclosure

  4. CCC.GenAI.CN04 Sanitisation of Ingested Data

    Objective

    Validate and sanitise all data ingested by GenAI systems from extenal sources or internal knowledge bases, whether for training, conversion to vector embeddings, or real-time retireval, in order to remove or redact poisoned or sensitive data before further processing.

    Assessment requirements

    1. When data is ingested for training, fine-tuning or conversion to vector embeddings, it MUST be validated for sensitive information or malicious content.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    2. If sensitive data or malicious content is detected, it must be rejected, redacted or flagged for manual review.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • FINOS-AIGF
      • AIR-PREV-002Data Filtering From External Knowledge Bases
    • SAIF
      • Training Data Sanitization
    • MITRE-ATLAS
      • AML.M0007Sanitize Training Data
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH02Data Poisoning
      • CCC.GenAI.TH03Sensitive Information Disclosure

  5. CCC.GenAI.CN05 Citations and Source Traceability

    Objective

    Require the GenAI system to provide citations or direct links back to the source documents used to generate a response, in to enhance the transparency, trustworthiness, and verifiability of AI-generated content.

    Assessment requirements

    1. When a RAG-enabled system generates a response containing information retrieved from its knowledge base, then the response MUST include a verifiable citation that links back to the specific source document.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • FINOS-AIGF
      • AIR-DET-013Providing Citations and Source Traceability for AI-Generated Information
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH09Lack of Explainability
      • CCC.GenAI.TH04Insecure / Unreliable Model Output

  6. CCC.GenAI.CN07 Model Version Pinning

    Objective

    Mandate that applications are locked ("pinned") to a specific, tested version of a foundational model to prevent unexpected behaviour changes introduced by provider-side updates.

    Assessment requirements

    1. When an application makes an API call to a foundational model in a production environment, then it MUST specify an explicit version identifier.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • FINOS-AIGF
      • AIR-PREV-010AI Model Version Pinning
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH10Model Version Drift

  7. CCC.GenAI.CN08 Quality Control and Red Teaming

    Objective

    Establish a formal program for quality evaluation and adversarial testing (red teaming) to ensure GenAI system meet all business, quality, security and compliance requirements before getting deployed into production environments.

    Assessment requirements

    1. When a new AI model is considered for production deployment, it MUST undergo a formal red teaming and quality assurance review.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    2. If model quality review or red teaming identifies an issue that exceeds the organization's risk tolerance, the model MUST NOT be deployed until the issue is remediated.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • FINOS-AIGF
      • AIR-PREV-005System Acceptance Testing
    • SAIF
      • Adversarial Training and Testing
      • Red Teaming
      • Product Governance
    • MITRE-ATLAS
      • AML.M0008Validate AI Model
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH01Prompt Injection
      • CCC.GenAI.TH02Data Poisoning
      • CCC.GenAI.TH04Insecure / Unreliable Model Output
      • CCC.GenAI.TH08Model Tampering
      • CCC.GenAI.TH10Model Version Drift

Access Control

The Access Control group covers entries related to authentication, authorization, and trust perimeter enforcement. This includes multi-factor authentication, least privilege access, network access rules, and prevention of unauthorized access or reconnaissance.

  1. CCC.GenAI.CN06 Least Privilege for Plugins

    Objective

    Restricts the permissions of any external tools the GenAI system can call to limit the potential damage if an agent is coerced to perform unintended actions or vulnerabilities in the tools are exploited.

    Assessment requirements

    1. When an LLM invokes an external tool (e.g., an API, a plugin), then the tool MUST operate with the least privileges required for performing its intended functionality.

      Applicability: tlp-clear, tlp-green, tlp-amber, tlp-red

    Guidelines
    • SAIF
      • Agent Permissions
    Threats
    • CCC.GenAI.Threats
      • CCC.GenAI.TH07Insecure Plugin
      • CCC.GenAI.TH06Unintended Action by a Model-Based Agent