ETSI EN 304 223 → ISO 27001 → SOC 2 Mapping Table

This table shows how the AI-specific security requirements in ETSI EN 304 223 map to existing ISO/IEC 27001 and SOC 2 controls.

In most cases, organisations can reuse existing controls and evidence, extending scope to explicitly include AI systems, models, data, and prompts.

Requirement: Awareness of AI security threats and risks
Objective: Identification and understanding of AI-specific threats such as data poisoning, prompt injection, and model misuse
SOC 2: CC3.1, CC3.2 – Risk assessment and identification
ISO/IEC 27001: Clause 6.1.2 – Information security risk assessment; Clauses 7.2 & 7.3 – Competence and awareness

Requirement: Documentation of data, models, and prompts
Objective: Visibility and control over AI assets and dependencies
SOC 2: CC1.2 – Asset inventory; CC5.1 – Data classification
ISO/IEC 27001: A.5.9 – Inventory of information assets; A.8.12 – Data classification

Requirement: Secure AI development
Objective: Secure training, tuning, and integration of AI systems
SOC 2: CC8.1 – Change management; CC5.2 – Change controls
ISO/IEC 27001: A.8.25 – Secure development lifecycle; A.8.28 – Secure coding

Requirement: Secure deployment of AI systems
Objective: Controlled release and configuration of AI systems
SOC 2: CC6.1, CC6.2 – Logical access and authentication
ISO/IEC 27001: A.5.15 – Access control; A.5.16 – Identity management

Requirement: Incident management for AI systems
Objective: Response to AI-specific security incidents
SOC 2: CC7.4 – Incident response; CC4.2 – Corrective action
ISO/IEC 27001: A.5.24 – Incident management; A.5.26 – Lessons learned

Requirement: Secure end-of-life and disposal
Objective: Secure decommissioning of AI systems and associated data
SOC 2: CC5.3 – Data disposal; CC8.3 – Data retention
ISO/IEC 27001: A.5.11 – Asset disposal; A.8.10 – Data deletion

Requirement: Secure AI supply chain
Objective: Risks arising from third-party AI models, datasets, APIs, and platforms
SOC 2: CC1.4, CC9.1, CC9.2 – Vendor management and risk mitigation
ISO/IEC 27001: A.5.19–A.5.21 – Supplier relationships and ICT supply chain security

Requirement: Secure AI design
Objective: Embedding security considerations early in AI system design
SOC 2: CC3.2 – Risk identification; CC2.1 – Policy definition
ISO/IEC 27001: Clause 6.1 – Risk treatment planning; A.5.8 – Information security in project management

Requirement: Testing and evaluation of AI systems
Objective: Validation of AI behaviour, misuse cases, and security weaknesses
SOC 2: CC7.1 – Monitoring; CC4.1 – Evaluation
ISO/IEC 27001: A.8.29 – Security testing; A.5.35 – Independent review

Requirement: Monitoring of AI system behaviour
Objective: Detection of misuse, abnormal outputs, or model drift
SOC 2: CC7.2, CC7.3 – Monitoring and logging
ISO/IEC 27001: A.8.16 – Monitoring activities; A.5.30 – Logging

Requirement: Secure maintenance and updates
Objective: Ongoing security of retraining, tuning, and updates
SOC 2: CC7.1 – System operations; CC8.1 – Change controls
ISO/IEC 27001: A.8.8 – Vulnerability management; A.8.32 – Change management