As an AI company, you operate at the cutting edge of technology, heavily relying on cloud services for everything from computationally intensive model training to real-time inference and data storage. The agility and scalability of the cloud are foundational to your innovation. Recognising this shift, the ISO 27001:2022 standard introduced Annex A 5.23, “Information security for use of cloud services”, a crucial new control that directly addresses the security of cloud services. This guide is designed to demystify this control, analyse the unique cloud security risks faced by AI companies, provide a clear and actionable plan for compliance, and present a practical solution to streamline the entire process.
Understanding Control A.5.23: What It Means for Your AI Company
Before diving into the specific risks that impact AI workflows, it’s essential to understand the fundamental requirements and purpose of Control A.5.23. At its core, this control is about moving beyond ad-hoc cloud adoption and establishing a formal, lifecycle-based process for managing all your cloud services securely.
The objective of Annex A Control 5.23 is to ensure that “Processes for acquisition, use, management and exit from cloud services should be established in accordance with the organisation’s information security requirements.” In simple terms, its purpose is to ensure that the information security risks tied to using any cloud service are identified and managed effectively throughout your entire relationship with the provider, protecting the confidentiality, integrity, and availability of your data.
This control applies to the full spectrum of cloud services that modern AI companies depend on, including:
- Infrastructure as a Service (IaaS) (e.g., AWS EC2, Azure Virtual Machines)
- Platform as a Service (PaaS) (e.g., Google App Engine, Heroku)
- Software as a Service (SaaS) (e.g., Microsoft 365, Salesforce, Dropbox)
The control’s requirements are consistent regardless of whether the service is delivered via a public, private, or hybrid cloud model. While these principles apply to any business using the cloud, they carry significantly higher stakes for companies whose most valuable assets – data and algorithms – live within these environments.
The High Stakes: Unique Cloud Security Risks in AI Workflows
While any company faces cloud security risks, for an AI business, these risks are existential. A breach is not just a data leak; it’s the potential theft of your core intellectual property and the poisoning of your algorithmic well. A failure to properly manage your cloud services can compromise your most valuable assets, disrupt your core algorithmic processes, and create vulnerabilities across your entire AI supply chain.
Exposure of Sensitive Training Datasets
Your AI models are built on unique data assets that constitute your competitive moat. A failure to secure cloud services can lead to the catastrophic loss of proprietary labeled datasets, feature stores, or vector databases. This risk extends beyond PII breaches to the theft of the core intellectual property that underpins your algorithms. This directly compromises the fundamental security properties of confidentiality and integrity, potentially destroying your competitive advantage and eroding customer trust.
Disruption of Algorithmic Processes
Your business relies on the continuous availability and integrity of cloud infrastructure for mission-critical operations. A security incident or service failure can interrupt critical MLOps pipelines, cause model drift to go undetected, or compromise the real-time decisioning systems that are customer-facing. Such disruptions can halt operations, trigger direct financial loss, and inflict significant reputational damage.
Vulnerabilities in the AI Supply Chain
The AI development lifecycle is a complex supply chain that relies on third-party data sources, pre-trained models, and cloud-based development platforms. Each component introduces a potential attack vector. For example, data poisoning or model poisoning attacks can be introduced via a compromised third-party model repository (like Hugging Face) or a data labeling service. Inheriting these vulnerabilities underscores the critical importance of scrutinising the security of every cloud-based supplier in your AI supply chain.
Mitigating these critical risks requires moving from awareness to action with a practical, structured plan for compliance.
Your Action Plan: A Step-by-Step Guide to Compliance
Compliance here is not about bureaucratic box-checking; it is about building a robust operational framework to protect your innovation. This lifecycle approach ensures security is embedded from vendor selection to decommissioning.
Acquisition: Selecting and Onboarding Cloud Providers
Establish a disciplined acquisition process; this is your first and most critical line of defense.
- Define your requirements: Start by establishing clear, topic-specific security requirements before you engage with providers. These should be tailored to the specific service and the data it will handle.
- Perform AI-centric risk assessments: Go beyond standard supplier assessments. Evaluate the provider’s specific controls for protecting large-scale data transfers during training runs, their architecture’s resilience against inference-as-a-service DDoS attacks, and their data segregation guarantees in multi-tenant GPU environments.
- Scrutinise agreements: Ensure cloud service agreements clearly define responsibilities for confidentiality, integrity, and availability. Verify that the contracts include specific provisions for incident management, data recovery, secure storage protocols, and a clear, secure exit strategy.
Use: Implementing Policies and Controls
Once a service is onboarded, security becomes an operational discipline.
- Establish topic-specific policies: Document and communicate a formal Cloud Security Policy. Crucially, as advised by ISO guidance, tailor this policy for different types of cloud services. The requirements for a SaaS CRM are fundamentally different from those for an IaaS platform used for training foundational models.
- Understand the Shared Responsibility Model: Clearly delineate which security controls are managed by the provider and which are your responsibility. This is the most common point of failure; create a specific matrix that maps every key security function to either you or the provider, and keep it ready to present to auditors.
- Implement robust access controls: Protect your data and models by using strong encryption for data at rest and in transit. Enforce multi-factor authentication (MFA) and implement strong identity and access management controls. Enforce the principle of least privilege not just for engineers, but for the service accounts and roles used by your automated MLOps and CI/CD pipelines to access data stores and model registries.
- Train your people: Ensure employees are aware of the security risks associated with cloud services and are trained on how to use the available security features correctly.
Management: Monitoring and Review
Treat cloud security as a continuous discipline, not a one-time setup. Implement the following ongoing management controls.
- Conduct continuous monitoring: Implement a framework to ensure the provider’s performance aligns with contractual obligations. Monitor for operational issues and security events using audit logs and alerts.
- Manage service changes: Your provider agreement should require advance notification for any significant changes, such as updates to their technical infrastructure, relocations of data to different jurisdictions, or the integration of new key subcontractors.
- Perform regular security assessments: Periodically review the provider’s security posture. This can be done by reviewing their independent audit reports and security certifications (e.g., their own ISO 27001 certificate).
- Maintain a register: Keep an up-to-date Cloud Security Register of all cloud services your organization uses to ensure nothing is overlooked.
Exit: Securely Transitioning Away from a Service
Every service relationship eventually ends. A planned and secure exit is just as important as a secure onboarding.
- Design a secure exit strategy: Proactively document the procedures for retrieving your data, ensuring its secure deletion from the provider’s systems, and transferring it to a new service or back on-premises without disruption.
- Ensure model and data portability: Verify that your exit strategy allows for the complete, versioned recovery of not just data, but also model weights, training logs, and environment configurations to prevent catastrophic setbacks to your research and development.
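The register, responsibility matrix, periodic assessment and exit requirements described above can be checked mechanically. The following is an added example, not part of the original guide or the toolkit: the field names, the list of security functions, the 365-day review interval and the sample services are all assumptions made for illustration.

```python
from datetime import date

# Assumed for illustration (not from ISO 27001 or any toolkit): field names,
# the list of security functions, and a 365-day review interval.
REQUIRED_FUNCTIONS = ["encryption_at_rest", "identity_and_access",
                      "audit_logging", "incident_response"]
ML_ARTEFACTS = {"data", "model_weights", "training_logs", "environment_configs"}
REVIEW_INTERVAL_DAYS = 365

# Constructed sample register with three hypothetical services.
REGISTER = [
    {"service": "gpu-training-iaas", "holds_ml_artefacts": True,
     "responsibility": {f: "customer" for f in REQUIRED_FUNCTIONS},
     "last_assessment": date(2025, 3, 1),
     "exit_plan": {"documented": True, "covers": ["data", "model_weights"]}},
    {"service": "labelling-saas", "holds_ml_artefacts": False,
     "responsibility": {"encryption_at_rest": "provider", "identity_and_access": "both"},
     "last_assessment": date(2023, 11, 15),
     "exit_plan": {"documented": True, "covers": ["data"]}},
    {"service": "crm-saas", "holds_ml_artefacts": False,
     "responsibility": {f: "provider" for f in REQUIRED_FUNCTIONS},
     "last_assessment": None, "exit_plan": None},
]

def audit_register(register, today):
    """Return (service, finding) pairs for gaps in the register."""
    findings = []
    for entry in register:
        name = entry["service"]
        matrix = entry.get("responsibility") or {}
        for fn in REQUIRED_FUNCTIONS:
            # Each function must map to exactly one accountable party.
            if matrix.get(fn) not in ("customer", "provider"):
                findings.append((name, f"{fn}: no single responsible party"))
        last = entry.get("last_assessment")
        if last is None or (today - last).days > REVIEW_INTERVAL_DAYS:
            findings.append((name, "provider assessment missing or overdue"))
        plan = entry.get("exit_plan") or {}
        if not plan.get("documented"):
            findings.append((name, "no documented exit plan"))
            continue
        needed = ML_ARTEFACTS if entry.get("holds_ml_artefacts") else {"data"}
        missing = sorted(needed - set(plan.get("covers", [])))
        if missing:
            findings.append((name, "exit plan omits " + ", ".join(missing)))
    return findings
```

Calling `audit_register(REGISTER, date.today())` on a schedule turns the register from a static document into a list of open actions per service.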
Documenting and managing these processes demands time and expertise, which can be a significant burden for a fast-moving AI company. This is where a structured, expert-built solution becomes invaluable.
The Solution: Achieving Compliance with the High Table ISO 27001 Toolkit
Instead of starting from scratch and risking critical oversights, you can use a structured, expert-built toolkit to accelerate compliance with Control A.5.23. The High Table toolkit provides the policies, processes, and registers you need to build a compliant and auditor-ready cloud security program.
| Compliance Task | High Table Toolkit Solution |
|---|---|
| Establish a formal process for managing cloud suppliers | Use the expert-written Supplier Management Process to guide your entire lifecycle. |
| Define clear rules for cloud service use | Implement the ready-to-use Cloud Security Policy Template to set clear requirements. |
| Keep a record of all cloud services | Maintain a clear and organised Cloud Security Register using the provided template. |
| Ensure agreements cover security requirements | Leverage the guidance within the toolkit to ensure your Cloud Service Agreements address all key security clauses. |
| Conduct security assessments of cloud providers | Follow the structured Risk Assessment process to evaluate suppliers effectively. |
The comprehensive toolkit for achieving this is the High Table ISO 27001 Templates Toolkit. https://hightable.io/product/iso-27001-templates-toolkit/
Why a Toolkit is a Strategic Choice
For a dynamic AI company, a downloadable toolkit is often a better strategic fit than a subscription-based online platform. It provides full ownership of your documentation with a single upfront cost, eliminating recurring fees. This model offers greater flexibility for customisation, allowing you to adapt the expert-written templates to fit your unique AI workflows, technologies, and risk appetite without being locked into a specific vendor’s platform. The toolkit provides the expert content and structure needed to satisfy auditors and, more importantly, to securely manage your cloud services effectively.
Conclusion
While AI companies face unique and heightened cloud security risks, complying with ISO 27001 Annex A 5.23 is not about slowing innovation – it is about protecting it. By formalising how you acquire, use, manage, and exit cloud services, you build a resilient foundation for your technology. A structured approach, guided by a practical solution like the High Table toolkit, removes the guesswork and provides the confidence and security needed to protect your data, algorithms, and reputation as you continue to grow your business.
About the author
Stuart Barker is a veteran practitioner with over 30 years of experience in systems security and risk management.
Holding an MSc in Software and Systems Security, Stuart combines academic rigor with extensive operational experience. His background includes over a decade leading Data Governance for General Electric (GE) across Europe, as well as founding and exiting a successful cyber security consultancy.
As a qualified ISO 27001 Lead Auditor and Lead Implementer, Stuart possesses distinct insight into the specific evidence standards required by certification bodies. He has successfully guided hundreds of organizations – from high-growth technology startups to enterprise financial institutions – through the audit lifecycle.
His toolkits represent the distillation of that field experience into a standardised framework. They move beyond theoretical compliance, providing a pragmatic, auditor-verified methodology designed to satisfy ISO/IEC 27001:2022 while minimising operational friction.
