Least Privilege (AI)
The security principle of granting AI systems the minimum level of access, permissions and capabilities necessary to perform their intended function, reducing the risk of misuse or unintended harm.
In plain language
Giving AI only the minimum access it needs to do its job. An AI chatbot for customer service shouldn't have access to the company's financial systems or employee records. Limit what it can reach.
Why this matters
Least privilege is a fundamental security governance principle applicable to all AI systems. Your framework should mandate that AI systems receive only the minimum permissions needed to function. This reduces the blast radius if an AI system is compromised, jailbroken or behaves unexpectedly.
Relevance
GovernanceLeast privilege restricts potential harm from compromised or malfunctioning AI systems by limiting their access to sensitive data and systems.
Putting least privilege (ai) into practice in your organisation?
Ready to transform your AI strategy?
Partner with Australia's AI strategy and governance specialists. From adoption roadmaps to ISO 42001 audit readiness.