AI Risk · ISO/IEC 27001:2022 — GAP AnalysisMaturity and Priority Console

8 risk domains · 4 archetypes · 70 controls · scoring scale 0–2 (granularity), 1–5 (maturity level)
scope: Organizational and Technological
missing: People (P) and Physical (P) controls
ISO 27001:2022 AI Risk
Controls in total
70
scored in the heatmap
Critical
6/ 8.6%
Quota = 20
High
31/ 44.3%
Quota 15–16
Medium
33/ 47.1%
Quota = 12
Average gap
3.8/ 5
target − current
Direct avg. maturity
0.17/ 2
critical gap

Critical controls [6]

Every critical control is organizational (O family), concentrated in incident management and supply chain. The signal: AI-ready response capability today ≈ 0.
CHART/01

Priority distribution

Quota = Urgency × Capability Gap. Critical ≥ 20, High 15–16, Medium 10–12.
Critical (Quota ≥ 20) High (Quota 15–16) Medium (Quota 10–12)
By control family
CHART/02

Maturity level by AI archetype

Mean maturity value (0–2) across the 71-control nominal Organizational + Technological scope, computed separately for the four AI integration archetypes. The active priority heatmap contains 70 scored rows.
Direct (Foundation Model)
0.17/ 2
controls have maturity > 0
Enterprise (Hosted)
/ 2
controls covered
Application (Embedded)
/ 2
controls covered
Fine-Tuned (Custom)
/ 2
controls covered
Observation: The Direct archetype's mean maturity () is lower than the other archetypes. This means ISO 27001 controls are barely applicable to direct foundation-model use — the largest unmitigated risk surface.
INSIGHT 01 · CRITICAL

Incident management — 5 of 6 critical controls

O24–O28 and O21 all sit at current_maturity = 1 against target = 5. The intersection with Model Poisoning, Adversarial Examples and Prompt Injection — the domains where an incident first surfaces as "unclear model behaviour" rather than a classical IT incident.

  • Action: AI-specific IR playbook (NIST AI 100-2 and ATLAS mapping)
  • Near-term target: Lift maturity from 1 to 3 within 90 days.
INSIGHT 02 · SCOPE GAP

People and Physical controls not scored

ISO/IEC 27001:2022 contains 93 controls (37 O + 8 People + 14 Physical + 34 T). The nominal Organizational + Technological scope is 71; the active scoring instrument contains 70 rows (T34 is not scored). The People and Physical themes are outside the instrument.

  • Risk: Shadow AI (RS8) will trigger prompt injection through people, not technology
  • Recommendation: Expand the scope to the full A.6 / A.7
INSIGHT 03 · ARCHETYPE

Direct is the AI security blind spot

When a foundation model is used directly (via API or locally, with no intermediate layer), the classical ISO controls barely apply. Mean maturity 0.17 across the 71-control nominal Step 3 scope. Only 12 controls have maturity > 0.

  • Mapping: ISO 42001 (AI MS) and ISO 23894 (AI risk)
  • Control layer: AI Gateway / LLM Firewall
MATRIX/03

Controls and archetypes maturity heatmap

Cell colour = single maturity value (0–2) for that archetype. On hover — Coverage / Specificity / Operationalizability / Adaptability dimensions.
Showing: /
ID Control name Direct Enterprise Application Fine-Tuned Gap Priority
0 — Not covered 1 — Partial 2 — Covered O · Organizational T · Technological