# AI Control Gap Assessment
## Executive Summary
This assessment maps AI controls to their real state: missing, partial, implemented, or validated. It connects each control to an owner, evidence, remediation action, buyer impact, and release-blocker status.
The sample posture is not immature, but it is not yet enterprise-ready. Most controls exist in partial form. The biggest gaps are retrieval authorization proof, agent tool authority, approval context, trace retention, and provider boundary evidence.
Public sample notice
### Control gap decision

Continue constrained pilot operation, but do not expand enterprise rollout until the seven release-blocking control gaps have remediation owners, evidence, and validation results.
## Control Gap Snapshot

Control maturity is evidence maturity: a control counts only to the extent that its evidence can be shown.

## Control gap map

The control gap map connects controls, states, owners, evidence, remediation, release blockers, and buyer impact.
### Control state summary
| Control | Domain | State | Owner | Release blocker |
|---|---|---|---|---|
| AI system inventory | governance | implemented | Product Security | no |
| AI risk tiering | governance | partial | Product Security | no |
| Model provider boundary statement | third-party risk | partial | Vendor Management and Legal | yes |
| Gateway-only model routing | architecture | implemented | AI Platform Engineering | no |
| Authorization-preserving retrieval | data access | partial | Search Platform | yes |
| Source trust labeling | RAG security | partial | Product Security | yes |
| Agent tool inventory | agentic controls | partial | AI Platform Engineering | yes |
| Agent tool permission matrix | agentic controls | partial | AI Platform Engineering | yes |
| Approval context bundles | oversight | partial | Product Operations | yes |
| AI trace logging | observability | implemented | Security Engineering | no |
| AI trace retention and access control | privacy | partial | Security Engineering and Privacy | yes |
| AI release gate | SDLC | partial | Product Security | no |
| AI incident response playbook | operations | missing | Security Operations | no |
| Enterprise AI questionnaire answer bank | enterprise readiness | partial | Trust and Security | no |
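What "authorization-preserving retrieval" has to demonstrate before it can move off the release-blocker list, as an added illustration in Python. This is not code from the assessed system or from this assessment; the corpus, principal names (`group:eng`, `user:cfo`, and so on), the toy relevance scorer, and the `validate_no_leak` harness are all constructed for the example. It contrasts the "partial" state (ranking over the whole corpus and leaving authorization to the prompt) with a retriever that filters by the caller's entitlements before ranking and truncation, and it shows the validation run whose empty violation list is the kind of evidence the control state table is missing.

```python
"""Authorization-preserving retrieval, with the validation check that turns
the control from "partial" into evidence.

Added illustration with a constructed corpus and hypothetical principal
names; it is not the assessed system's code.
"""
from dataclasses import dataclass
from typing import Callable, Iterable


@dataclass(frozen=True)
class Chunk:
    doc_id: str
    text: str
    # Principals allowed to read the source document, carried into the index
    # from the source system's ACL. "*" means world-readable.
    allowed: frozenset


# Constructed sample corpus (hypothetical documents and groups).
CORPUS = [
    Chunk("hr-001", "Salary bands for engineering level 5", frozenset({"group:hr"})),
    Chunk("eng-042", "Runbook: rotate the gateway signing key", frozenset({"group:eng", "group:sre"})),
    Chunk("pub-007", "Public pricing page copy", frozenset({"*"})),
    Chunk("fin-013", "Q3 revenue forecast draft", frozenset({"group:finance", "user:cfo"})),
]


def can_read(chunk: Chunk, principals: frozenset) -> bool:
    """Entitlement check against the chunk's source ACL."""
    return "*" in chunk.allowed or bool(chunk.allowed & principals)


def score(query: str, chunk: Chunk) -> int:
    """Toy relevance score: number of query terms found in the chunk text.
    A real deployment would use a vector or lexical index; the ordering of
    filtering and ranking below is the point, not the scorer."""
    text = chunk.text.lower()
    return sum(1 for term in set(query.lower().split()) if term in text)


def retrieve_unfiltered(query: str, principals: frozenset, k: int = 3) -> list:
    """The "partial" state: the retriever ignores the caller and ranks the
    whole corpus, leaving authorization to the prompt or a later step."""
    hits = [c for c in CORPUS if score(query, c) > 0]
    return sorted(hits, key=lambda c: score(query, c), reverse=True)[:k]


def retrieve_authorized(query: str, principals: frozenset, k: int = 3) -> list:
    """Authorization-preserving retrieval: the entitlement filter runs before
    ranking and before top-k truncation, so an unreadable chunk never enters
    the candidate set handed to the model, and a filtered-out chunk does not
    consume one of the k result slots."""
    hits = [c for c in CORPUS if can_read(c, principals) and score(query, c) > 0]
    return sorted(hits, key=lambda c: score(query, c), reverse=True)[:k]


def validate_no_leak(retriever: Callable, queries: Iterable[str],
                     principal_sets: Iterable[frozenset]) -> list:
    """Validation evidence for the release gate: run every query as every
    caller and record each returned chunk the caller may not read.
    An empty result is the proof the control state table asks for."""
    violations = []
    for query in queries:
        for principals in principal_sets:
            for chunk in retriever(query, principals):
                if not can_read(chunk, principals):
                    violations.append((query, tuple(sorted(principals)), chunk.doc_id))
    return violations


# Constructed validation inputs: queries crossed with caller identities.
QUERIES = ["revenue forecast", "rotate gateway key", "pricing"]
CALLERS = [
    frozenset({"user:alice", "group:eng"}),
    frozenset({"user:cfo", "group:finance"}),
    frozenset({"user:guest"}),
]

if __name__ == "__main__":
    for name, retriever in [("unfiltered", retrieve_unfiltered), ("authorized", retrieve_authorized)]:
        leaks = validate_no_leak(retriever, QUERIES, CALLERS)
        print(f"{name}: {len(leaks)} leak(s)")
        for leak in leaks:
            print("  ", leak)
```

Two caveats a reviewer would raise when accepting a run like this as evidence. First, the filter has to run before ranking and top-k truncation, as `retrieve_authorized` does; filtering after truncation silently drops results and still lets unauthorized chunks into the candidate set. Second, the check is only as strong as the ACLs carried into the index: if the `allowed` sets lag the source system, the validation passes while access is already stale, so the evidence bundle should also record when and how the ACLs were synchronized.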
## Priority Control Gaps
### No controls are yet validated
Several controls are implemented or partially implemented, but none have enough validation evidence to be marked validated across the assessment scope.
### Seven control gaps block safe expansion
Provider boundary, RAG authorization, source trust, tool inventory, permission matrix, approval bundles, and trace retention are release-blocking gaps.
### AI incident response is missing

The AI incident response playbook is the only fully missing control in this sample. It is not release-blocking, but it matters for trust-center readiness and operational maturity.
### Buyer-facing gaps are concentrated in evidence

Many gaps are not purely technical: they limit what the company can safely claim to enterprise buyers.
## Remediation waves
| Wave | Theme | Controls |
|---|---|---|
| 0-30 days | Block critical expansion | RAG authorization, tool inventory, permission matrix, approval bundles |
| 31-60 days | Convert posture into evidence | provider boundary, trace retention, answer bank, source trust labeling |
| 61-90 days | Operationalize repeatability | release gate, incident response, risk tiering, trace logging |
### Remediation sequence decision

Do not start with policy writing. Start with the release-blocking controls that protect retrieval, tools, approvals, traces, and provider claims.
## Evidence expectations

### Evidence required to move from partial to validated
## Related artifacts

### Related artifact: AI Risk Register

The risk register turns control gaps into owned risk decisions.

### Related artifact: AI Security Remediation Roadmap

The roadmap sequences remediation waves into owner-driven execution.

### Related artifact: AI Governance Evidence Matrix

The evidence matrix maps control gaps to governance and buyer proof.