We think AI securely
We apply our in-depth, tried-and-tested experience in law, data protection, information security and IT security to ensure that you can use AI securely, compliantly and reliably – from drafting AI governance guidelines and creating AI inventories and guidelines to conducting risk assessments in accordance with Swiss law or the EU AI Act.
We support you in setting up, operating and continuously optimising your company-wide AI governance, including security and privacy. We assist you in drawing up overarching internal AI guidelines, implementing AI projects, clarifying individual questions and conducting independent audits.
In doing so, we support organisations in their role as users/operators, providers or developers of AI systems in accordance with both Swiss law and the EU AI Act.
To implement appropriate AI governance that complies with legal requirements and risk management, we recommend the following implementation steps, always in line with your specific needs and risks:
- Drafting, coordination and approval of a master directive on AI governance.
The directive sets out binding guidelines for the responsible, legally compliant and risk-aware use of AI, including ethical principles, lifecycle, risk management, training, testing, monitoring, logging, education and audits. The AI governance directive must be coordinated with the areas of information security, data protection, information protection, data governance, data management, records management, compliance and risk management. The master AI governance directive must not be confused with the directive on the use of AI systems intended for users. - Compilation of an inventory of all AI systems
The inventory documents all AI systems used, planned or developed by an organisation – in a structured, traceable and compliant manner. Among other things, the inventory enables the review of contracts with third parties involved and risk-based control of further activities. - Risk assessment of the AI systems deployed
- Definition of further necessary specifications and documentation
System- or topic-specific implementation provisions, user instructions for AI systems, data protection impact assessments, ISDS concepts, processing regulations, etc. - Development and implementation of the necessary risk minimisation measures
As a leading player in the field of integral security, we support you in all matters relating to AI governance, security and privacy, and beyond.
Our interdisciplinary approach and 360° security view guarantee that we don’t overlook any aspect of AI and that you have a single point of contact for everything related to governance/security and AI: us.
You can work with us to lay the foundations for responsible AI use – transparent, verifiable and future-proof – whether as part of a project or a mandate.
Find out more about our mandate proposal AI Governance Manager.
AI Governance
- Establishment, implementation and optimisation of AI governance, taking security and privacy into account
- Inventory of AI systems in use
- Risk assessment of AI systems in use
- Development of the necessary specifications and documentation
- Development and implementation of the necessary measures
AI and information security
AI makes many things easier, but it does not release anyone from the need for effective information security with a focus on AI. We support you with the following services:
- Ad hoc analysis
- Review of AI application(s) in terms of information security
- Detection and classification of AI-specific risks (e.g. bias, hallucinations, model drift, adversarial attacks)
- Preparation of basic documents (concepts, management commitment, rules and regulations)
- Management coaching
- Development of ISDS and governance documents
- Support in setting up an AI management system (AIMS) in accordance with ISO 42001
- Security assessments and risk analysis of AI applications
- Consideration and application risk management
- Development of plans for the detection and defence of security incidents
- Training and awareness
- Consideration and application of BCM
- Incident response for AI systems / emergency response plans with AI components
AI and data protection
Data protection and AI: does that even go together? It must! We support you in using AI in accordance with data protection requirements:
- Answering general questions in connection with data protection/AI (legal framework, role clarification)
- Data protection law support for the development, implementation, application and operation of AI services and systems
- Clarification of applicability of EU Artificial Intelligence Act
- Support in the assessment or in the preparation of the necessary foundations and contracts on the basis of legal requirements
- Preparation of processing regulations
- Data protection impact assessments
- Elaboration/recommendation of technical and organisational measures or their adaptation
- Support in the implementation of information requirements and accountability
- Formulation of user agreements and disclaimers
- Completion or development of privacy statements with a focus on transparency about data use for AI
- Review of provider contracts for AI re-use
AI and IT security
Our IT security specialists know best practice measures that are specifically recommended for AI systems and support you with the following services:
- Penetration tests of GenAI applications (e.g. LLMs)
- Evaluation of particularly vulnerable components of an AI system
- Recommendation of security measures
- Security support for the development, implementation, application and operation of AI services and systems
- Support with the implementation of Machine Learning Operations (MLOps)
- Accompaniment of the model training / machine learning
- Development of an AI security concept
- Development and review of AI security architectures
- Audits of AI infrastructures and AI systems
AI eLearning
Sensitise your employees to the highly topical subject of artificial intelligence (AI). Our eLearning modules address important issues around security and data protection in AI applications:
- Introduction AI
- Secure use of AI – part 1
- Secure use of AI – part 2
- Deepfakes & Disinformation
