- BlueVoyant will prioritize accuracy, safety, security, and privacy throughout the design, development and deployment of our AI products.
- BlueVoyant will strive to design, develop and deploy AI products that treat people fairly.
- BlueVoyant aims to design, develop and deploy AI products that are reliable and that help empower people to make efficient, informed, and socially beneficial decisions.
- BlueVoyant will maintain appropriate accountability measures for our AI products.
- BlueVoyant will implement practices intended to make our use of AI explainable.
BlueVoyant’s use of Generative AI is via dedicated API access through Microsoft Azure, Google Cloud Platform, and other trusted CSP’s.
BlueVoyant policy is to prohibit vendors from retaining or using BlueVoyant customer data to train their Generative AI models.
BlueVoyant policies are closely aligned with ISO and NIST standards and benchmarked regularly.
Overall, BlueVoyant uses a risk-based approach to assess key applications, technologies, and vendors by performing:
- Annual self-assessments
- ISO audits and risk assessments
- Internal assessments
- Application security and vulnerability testing
- Penetration testing
- Encryption of data in transit and at rest
BlueVoyant’s internal policies and standards also address key considerations and control requirements when using Generative AI tools, including:
- Data Classification and Information Handling
- Data Privacy
- Use of Open Source Components
- Third Party Vendor Risk Management
Many of our products also obtain a SOC 2 Type 2 report annually which evaluates all BlueVoyant and application specific security and organizational processes against 3rd party controls for privacy, security, integrity, confidentiality, and availability.