ISO 27001 Annex A 5.10 for AI Companies

ISO 27001 Annex A 5.10 Acceptable use of information and other associated assets is a security control that requires organizations to identify, document, and implement rules for asset handling. For AI companies, this control is essential to prevent unauthorized data exposure and Shadow AI risks, ensuring that your intellectual property remains secure throughout the model development lifecycle.

If you are working towards ISO 27001 certification, you might view ISO 27001 Annex A 5.10 Acceptable use of information as just another form to fill out. Viewing the Acceptable Use control as a bureaucratic hurdle is a mistake. This control is actually your foundation for managing the most unpredictable part of security: people.

For AI companies, this is even more critical. Your team constantly creates and moves your most valuable assets, proprietary data, unique algorithms, and intellectual property. The security of these assets depends on clear rules. This guide helps you break down ISO 27001 Annex A 5.10 for AI companies into simple steps. We will move past the “checkbox” mindset to build a culture of security that is compliant and strong.

The “No-BS” Translation: Decoding the Requirement
The Business Case: Why This Actually Matters for AI Companies
DORA, NIS2 and AI Regulation: The Human Firewall
ISO 27001 Toolkit vs SaaS Platforms: The Policy Trap
Decoding Annex A 5.10: What is Acceptable Use?
- The Official Mandate
- The Core Purpose: Your First Line of Defence
Building Your Cornerstone: The Acceptable Use Policy (AUP)
- Defining the Scope: What Assets Are Covered?
Navigating Modern IT: Cloud Services and Shadow AI
The Evidence Locker: What the Auditor Needs to See
Common Pitfalls & Auditor Traps
Handling Exceptions: The “Break Glass” Protocol
The Process Layer: “The Standard Operating Procedure (SOP)”

The “No-BS” Translation: Decoding the Requirement

Let’s strip away the consultant-speak. Annex A 5.10 isn’t about telling people not to watch Netflix on their lunch break. It is about stopping your engineers from accidentally leaking your IP.

The Auditor’s View (ISO 27001)	The AI Company View (Reality)
“Rules for the acceptable use of information and of associated assets shall be identified, documented and implemented.”	Write down exactly what devs can and cannot do. Can they paste code into ChatGPT? Can they download the training set to their local laptop? If you don’t say “No,” they will do it.
“Personnel… shall be made aware of the acceptable use of assets.”	Don’t hide the policy in a dusty SharePoint folder. Make them sign it on Day 1. If they leak data and you didn’t tell them not to, that is your fault, not theirs.
“Assets shall be returned upon termination of employment.”	When a dev quits, you need their MacBook back, but you also need to revoke their API keys and GitHub access immediately.

DO IT YOURSELF ISO 27001

STOP SPANKING £10,000s on CONSULTANTS and ISMS ONLINE PLATFORMS

The Ultimate ISO 27001 Toolkit

The Business Case: Why This Actually Matters for AI Companies

Why should a founder care about an “Acceptable Use Policy”? Because in the AI world, your assets are digital, fluid, and easy to steal.

The Sales Angle

Enterprise clients are terrified of “Shadow AI.” When they send you a security questionnaire, they will ask: “Do you have a policy preventing your staff from sending our data to third-party LLMs?”. If you can’t produce a signed AUP that explicitly forbids this, you look like a risk. A robust A 5.10 control proves you have discipline.

The Risk Angle

The “Oops” Leak: The biggest risk isn’t a hacker; it’s a well-meaning engineer pasting a proprietary algorithm into a public forum to debug it. Without a clear Acceptable Use Policy, you have no recourse. This control sets the legal and cultural guardrails to prevent accidental IP suicide.

DORA, NIS2 and AI Regulation: The Human Firewall

Regulators know that human error is the root cause of most breaches. Annex A 5.10 is your tool to demonstrate compliance with these emerging laws.

DORA (Article 16): Requires financial entities to have policies on the “use of ICT services.” If you sell to fintech, your AUP must align with their strict standards on data handling.
NIS2 Directive: Focuses on “Cyber Hygiene.” A core part of hygiene is ensuring staff know how to handle data securely. An AUP is the primary evidence for this.
EU AI Act: Implies strict governance over training data. Your AUP must explicitly state who is allowed to touch raw training data and how it can be used, preventing unauthorised “pollution” of your models.

ISO 27001 Toolkit vs SaaS Platforms: The Policy Trap

SaaS platforms love to “automate” policy acceptance. But ticking a box on a screen isn’t the same as understanding the rules. Here is why the ISO 27001 Toolkit wins on this control.

Feature	ISO 27001 Toolkit (Hightable.io)	Online SaaS Platform
Ownership	You keep the signed PDF. It sits in your legal drive. If you get sued, you have the document ready.	Rented Evidence. If you stop paying the subscription, you lose the logs proving your staff accepted the policy.
Customisation	100% Editable. Add specific clauses about “Hugging Face” or “Github Copilot” in seconds using Word.	Generic Templates. Most SaaS tools offer a vanilla AUP that doesn’t cover modern AI risks, leaving you exposed.
Simplicity	No login required. Send the doc via DocuSign or email. Zero friction for new hires.	Login Fatigue. Forcing a contractor to create an account on your GRC platform just to sign a policy is a waste of time.
Cost	One-off fee. Pay once, use forever.	Per-User Pricing. As you hire more devs, the cost of just “hosting” your policy goes up.

Decoding Annex A 5.10: What is Acceptable Use?

Before implementing controls, you need to understand their purpose. A clear grasp of Annex A 5.10 is vital for building a framework that passes an audit. Here is what the official mandate means for you.

The Official Mandate

The ISO 27001 standard gives a direct definition for control A 5.10. It states that rules for acceptable use and procedures for handling information must be identified, documented, and implemented. An auditor will check this against a three-part structure:

Identified: Have you defined specific rules for your AI context, or is it just a generic template?
Documented: Are these rules written down in a formal policy?
Implemented: Is there proof these rules are active in your company?

A well-written policy isn’t enough. You need proof that it is a living part of your system.

The Core Purpose: Your First Line of Defence

Think of Annex A 5.10 as a preventive measure. It sets the “ground rules” for everyone who accesses your assets. The goal is to remove “plausible deniability.” You cannot hold someone responsible for breaking a rule if they didn’t know it existed.

By ensuring every user knows the boundaries, you build a strong defence against insider threats. This applies to everyone, from your lead data scientists to third-party contractors.

Building Your Cornerstone: The Acceptable Use Policy (AUP)

The Acceptable Use Policy (AUP) is the main document for Annex A 5.10. It is more than a list of rules; it is the bedrock of accountability. Platforms like hightable.io can be excellent resources for structuring these policies effectively.

Defining the Scope: What Assets Are Covered?

Your AUP covers more than just laptops. It applies to all assets in your organisation. An auditor will check if your scope matches your inventory. Make sure to include:

Hardware: Laptops, phones, and GPU servers.
Software: Operating systems, AI models, and code libraries.
Services: Cloud platforms (SaaS, IaaS), email, and hosting.
Data: Training datasets, databases, and documents.

Navigating Modern IT: Cloud Services and Shadow AI

ISO 27001 Annex A 5.10 for AI companies extends beyond your physical office. Auditors look closely at how you handle external services. Since AI relies heavily on cloud infrastructure, this is non-negotiable.

You are responsible for assets outside your network perimeter. First, identify all cloud resources and add them to your inventory. This links back to control A 5.9.

The Risk of Shadow AI “Shadow IT” happens when employees use unapproved tools to work faster. For an AI firm, this might mean pasting code into an unapproved online tool like a PDF summariser or a code optimiser. This violates handling rules.

To an auditor, this looks like a lack of control. Your AUP must clearly state the approval process for new tools. If you need a robust way to track these assets and risks, tools like hightable.io can help centralise your inventory and policy management.

The Evidence Locker: What the Auditor Needs to See

When the audit comes, you need proof. Do not scramble. Prepare these 3-5 specific artifacts to turn “audit panic” into a simple file-gathering exercise.

Signed AUPs (PDFs/DocuSign): A folder containing the signed policy for every active employee and contractor.
Onboarding Checklist (Ticket Export): Jira/Linear tickets for recent hires showing “Policy Acceptance” was a completed task.
Asset Return Log (Spreadsheet): A log showing that when “John Doe” left, his laptop was returned, and his AWS access was revoked on the same day.
Policy Review Record (Meeting Minutes): Evidence that management reviewed the AUP in the last 12 months to ensure it covers new AI tools.

Common Pitfalls & Auditor Traps

Here are the top 3 ways AI companies fail this control, especially when using automated platforms:

The “Click-Through” Fatigue: You use a SaaS platform that forces users to click “I Accept” on 20 policies in 5 minutes. The auditor interviews a dev and asks, “What does the policy say about AI tools?” The dev has no idea. Instant non-conformity.
The “Ghost” Contractor: You have 5 freelance data labelers. They have access to your data but never signed the AUP because they aren’t in your HR system. This is a critical gap.
The “Generic” Policy: Your policy talks about “clean desks” and “fax machines” but says nothing about LLMs, Github, or S3 buckets. It proves you simply copy-pasted a template without reading it.

Handling Exceptions: The “Break Glass” Protocol

Sometimes, you need to break the rules to ship. Maybe you need to use a specific unapproved tool to fix a P0 incident. You need a protocol for this.

The Exception Workflow:

Request: Engineer logs a ticket: “Requesting exception to AUP to use Tool X for 4 hours to debug incident.”
Approval: CISO/CTO approves via the ticket.
Constraint: A time limit is set (e.g., access revoked after 4 hours).
Audit Trail: The ticket serves as evidence that the violation was managed, not ignored.

The Process Layer: “The Standard Operating Procedure (SOP)”

How to operationalise A 5.10 using your existing stack (Google Workspace, Linear).

Step 1: Onboarding (Automated). New user created in Google Workspace. A script sends the “Welcome” email containing the AUP link (DocuSign/PandaDoc).
Step 2: Verification (Manual). HR or Ops checks the signature status before unlocking the “Developers” group in AWS/Google. No signature, no access.
Step 3: Enforcement (Automated). Use a tool like Gam” (Google Apps Manager) or MDM to block personal Gmail access on corporate devices, enforcing the “Work Use Only” policy.
Step 4: Offboarding (Manual). When a user leaves, a Linear ticket is created. The “Asset Return” checklist is mandatory before closing the ticket.

For an AI company, where value lies in data and IP, this control is your anchor. By implementing ISO 27001 Annex A 5.10 for AI companies correctly, you turn a static document into a dynamic tool for success.

ISO 27001:2022 Annex A 5.10 for AI Companies FAQ

What is ISO 27001 Annex A 5.10 for AI companies?

ISO 27001 Annex A 5.10 requires AI companies to define and communicate rules for the acceptable use of information and assets. For AI firms, this specifically covers 100% of interactions with Large Language Models (LLMs) and the handling of proprietary training datasets to prevent unauthorised data disclosure.

How does Annex A 5.10 prevent AI data leakage?

Annex A 5.10 prevents leakage by establishing strict “Acceptable Use” boundaries. By implementing a formal AI policy, organisations can reduce the risk of accidental PII exposure in public AI prompts by up to 60%, ensuring employees only use approved, enterprise-grade AI environments that respect data sovereignty.

What are the key requirements for an AI Acceptable Use Policy?

A compliant AI Acceptable Use Policy (AUP) must include specific technical and behavioural constraints. Key requirements include:

Approved Tooling: A defined whitelist of sanctioned AI platforms, LLMs, and APIs.
Data Input Rules: Explicit prohibitions on entering trade secrets, source code, or customer PII into public AI models.
Output Verification: Mandatory “Human-in-the-Loop” (HITL) reviews to validate the accuracy and safety of AI-generated content.
Access Governance: Strict GPU usage and cloud-compute limits to prevent resource abuse.

What is the risk of “Shadow AI” under Annex A 5.10?

Shadow AI refers to the unauthorised use of AI tools outside of corporate IT governance. Under Annex A 5.10, firms must mitigate this by providing safe alternatives; failing to do so leads to “Policy Drift,” where approximately 40% of employees may inadvertently use personal AI accounts for sensitive company tasks.

What evidence do auditors look for in Annex A 5.10 compliance?

Auditors require documented evidence of policy communication and enforcement. This includes a signed Acceptable Use Policy (AUP) containing AI-specific clauses, records of staff security awareness training, and technical logs from CASB tools demonstrating that only approved AI assets are being accessed.

About the author

Stuart Barker

ISO 27001 Ninja

Stuart Barker is a veteran practitioner with over 30 years of experience in systems security and risk management. Holding an MSc in Software and Systems Security, he combines academic rigor with extensive operational experience, including a decade leading Data Governance for General Electric (GE).

As a qualified ISO 27001 Lead Auditor, Stuart possesses distinct insight into the specific evidence standards required by certification bodies. His toolkits represent an auditor-verified methodology designed to minimise operational friction while guaranteeing compliance.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wp_woocommerce_session_*	2 days	WooCommerce sets this cookie to make a unique code for each customer so that it knows where to find the cart data in the database for each one.
yith_wcmcs_currency	7 days	Required for currency conversion.
__stripe_mid	1 year	Stripe sets this cookie to process payments.
__stripe_sid	1 hour	Stripe sets this cookie to process payments.

Cookie	Duration	Description
yt-player-headers-readable	never	The yt-player-headers-readable cookie is used by YouTube to store user preferences related to video playback and interface, enhancing the user's viewing experience.
yt-remote-cast-available	session	The yt-remote-cast-available cookie is used to store the user's preferences regarding whether casting is available on their YouTube video player.
yt-remote-cast-installed	session	The yt-remote-cast-installed cookie is used to store the user's video player preferences using embedded YouTube video.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-fast-check-period	session	The yt-remote-fast-check-period cookie is used by YouTube to store the user's video player preferences for embedded YouTube videos.
yt-remote-session-app	session	The yt-remote-session-app cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player.
yt-remote-session-name	session	The yt-remote-session-name cookie is used by YouTube to store the user's video player preferences using embedded YouTube video.
ytidb::LAST_RESULT_ENTRY_KEY	never	The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future.

Cookie	Duration	Description
sbjs_current	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_current_add	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_first	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_first_add	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_migrations	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_session	1 hour	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_udata	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.

Cookie	Duration	Description
PREF	8 months	PREF cookie is set by Youtube to store user preferences like language, format of search results and other customizations for YouTube Videos embedded in different sites.
VISITOR_INFO1_LIVE	6 months	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
VISITOR_PRIVACY_METADATA	6 months	YouTube sets this cookie to store the user's cookie consent state for the current domain.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
m	1 year 1 month 4 days	No description available.
_monsterinsights_uj	1 year	Description is currently not available.

ISO 27001:2022 Annex A 5.10 Acceptable use of information and other associated assets for AI Companies

Table of contents