25-Point AI Security Checklist

All AI API endpoints require authentication (no unauthenticated endpoints)

Role-based or attribute-based access control (RBAC/ABAC) enforced on every endpoint

Rate limiting and throttling active on all AI-facing APIs

API documentation is not publicly accessible

Input validation and output sanitisation applied to all AI endpoints

System prompts stored separately from user-accessible databases

System prompt integrity monitoring in place

Prompt injection defences tested (direct, indirect, multi-turn)

Output filtering prevents PII leakage and harmful content generation

Model behaviour monitoring detects anomalous responses

AI input/output data flows are documented and mapped

Data minimisation principles applied — AI only accesses data it needs

Prompt history and chat logs encrypted at rest and in transit

PII handling compliant with GDPR/PDPA/HIPAA as applicable

Third-party AI service data processing agreements reviewed

RAG document access controls enforce user-level permissions

Cross-tenant data isolation validated in multi-user RAG systems

Training data provenance verified — no tainted data sources

Vector store access restricted and monitored

External data ingestion validated for injection payloads

Inventory of all AI tools in use across the organisation (including Claude Code, Copilot, etc.)

AI tool configurations in repositories reviewed as part of code review process

API keys and credentials for AI services rotated regularly and monitored

EU AI Act risk classification completed for all AI systems

Adversarial testing (red teaming) scheduled before August 2, 2026 compliance deadline