A.5.34 / A.5.35 / A.5.19 ISO/IEC 27001:2022 Annex A

Enterprise tier / DPA covering training opt-out

Demonstrate that the organization has executed a Data Processing Agreement with AI service providers that contractually prohibits the use of organizational data for model training and that this opt-out is technically enforced in the service configuration.

Description

What this control does

This control ensures that an organization using enterprise-tier AI services (such as GitHub Copilot Enterprise, OpenAI API, or similar large language model platforms) has negotiated and documented a Data Processing Agreement (DPA) or addendum that explicitly opts out of using organizational code, data, or prompts for model training by the vendor. Enterprise tiers typically offer contractual guarantees that customer inputs will not be retained or used to improve base models, unlike free or individual-tier services. This control protects intellectual property, trade secrets, and sensitive information from inadvertent exposure through vendor models that are fine-tuned on customer inputs and made accessible to other customers, and from the competitive disadvantage that such exposure would cause.

Control objective

What auditing this proves

Demonstrate that the organization has executed a Data Processing Agreement with AI service providers that contractually prohibits the use of organizational data for model training and that this opt-out is technically enforced in the service configuration.

Associated risks

Risks this control addresses

  • Proprietary source code, algorithms, or business logic submitted to AI tools is ingested into training datasets and subsequently exposed to competitors or the public through model outputs
  • Confidential customer data, API keys, or credentials included in prompts or code are retained by the vendor and used to train models accessible to other customers
  • Regulatory non-compliance with data residency, GDPR, CCPA, or HIPAA requirements due to uncontrolled secondary use of organizational data by third-party AI vendors
  • Intellectual property theft or loss of trade secret protection when proprietary information is incorporated into a vendor's model without explicit legal safeguards
  • Lack of contractual recourse or liability assignment if organizational data is leaked, misused, or improperly retained by the AI service provider
  • Vendor lock-in or difficulty migrating to alternative AI platforms if training opt-out provisions are not portable or interoperable
  • Inability to demonstrate due diligence in vendor risk management during audits, regulatory inquiries, or breach investigations

Testing procedure

How an auditor verifies this control

  1. Obtain and review the current Data Processing Agreement, Master Service Agreement, or Terms of Service for all enterprise AI platforms in use (e.g., GitHub Copilot for Business/Enterprise, OpenAI API, Anthropic Claude, Microsoft Copilot for Microsoft 365).
  2. Identify and extract specific clauses or addenda that address training data usage, model improvement, and data retention policies, highlighting any opt-out or exclusion provisions.
  3. Request and review vendor-provided documentation or account settings screenshots demonstrating that training opt-out is enabled at the organizational account or tenant level.
  4. Select a sample of three to five active AI service subscriptions and verify via vendor admin console or API that the training opt-out setting is configured and enforced for all users within the organization.
  5. Interview the procurement or legal team to confirm that training opt-out was a mandatory negotiation point during vendor selection and contract execution.
  6. Review vendor onboarding or configuration change logs to verify that training opt-out was implemented immediately upon service activation and has not been reverted.
  7. Cross-reference the DPA with the organization's data classification policy to confirm that all AI services handling confidential or proprietary data have contractual training opt-out protections.
  8. Test a sample interaction with the AI service (using non-sensitive test data) and request vendor confirmation or audit logs proving the input was not retained for training purposes.

Evidence required

Collect signed Data Processing Agreements or contract addenda with explicit training opt-out clauses, dated and executed by authorized signatories. Capture screenshots or configuration exports from vendor admin consoles showing organizational-level training opt-out settings enabled. Obtain vendor compliance attestations, audit reports (SOC 2 Type II, ISO 27001 certificates), or written confirmation from the vendor's legal or privacy team verifying that organizational data is excluded from model training datasets.

Pass criteria

All in-scope enterprise AI services have executed DPAs or contractual terms explicitly prohibiting training data usage, and vendor-provided configuration evidence confirms that training opt-out is enabled and enforced at the organizational level for all users.

Where this control is tested

Audit programs including this control