You can use the SAIF map to:

• follow a single risk throughout the AI development process
• see the specific risks that affect a certain component area or type of organization
• or better understand how your own organization’s development structure might be affected by AI risks

The SAIF map is divided into four component areas: Data, Infrastructure, Model, and Application. Some approaches to AI security focus primarily on the model, whereas SAIF addresses risks and controls throughout the entire AI development lifecycle.

The top half of the map shows the path a model takes to deployment in an application and how a user queries the model through that application. This content is most relevant to Model Consumers—those who use AI models to build AI-powered products and applications.

The bottom half of the map shows the path to developing a model and is most relevant to Model Creators—those who train or finetune models for use by themselves or others.

Depending on how you use AI, certain risks may be more relevant to you than others. Use the SAIF Map and the Risk Self Assessment to discover which risks you should investigate.