Generative AI Security Standard

1.0 Purpose

The purpose of this standard is to communicate expectations and requirements related to use of Generative AI at Â鶹ÎÞÂë°æ (UAA), including what data is appropriate, the process for selecting and procuring Generative AI tools, as well as awareness of the risk associated with it.

2.0 Standard

2.1 Scope of Standard

This standard applies to the Â鶹ÎÞÂë°æ inclusive of all university campuses, IT systems, networks, and university administrative and operational data. 

2.2 Standard

2.2.1 Compliance with UA System Standard

The UAA will comply with the University of Â鶹ÎÞÂë°æ System Generative AI Security Standard in its entirety. UAA may add additional standards to add to and extend the system standard. Additions are found below in this standard.

2.2.2 Use and Selection of Generative AI Tools

UAA constituents should follow the University of Â鶹ÎÞÂë°æ System Generative AI Guidance and use the GenAI Tool Risk Assessment guidance to determine what university data can be used with what GenAI Tools. 

2.2.3 Prohibited AI Tools at UAA

UAA ITS will evaluate when specific GenAI tools are invasive or otherwise deemed to be high risk for the UAA community. ITS will maintain a list of Prohibited AI Tools on the ITS website that have been determined to be too invasive or high risk and may therefore not be used with UAA data, with UAA accounts, or used on UAA systems or network. This does not mean that the underlying LLM model is prohibited, only the specific AI tool or product.

3.0 Procedures

3.1 Maintaining the list of Prohibited AI Tools

Additions or subtractions to the list of Prohibited AI Tools must be proposed to ITS and approved by the Chief Information Officer. 

4.0 Definitions

See IT Policies and Standards Definitions.

5.0 References

Generative AI Security Standard - UA System IT Standard
 

University GenAI Policies and Guidance
 

University of Â鶹ÎÞÂë°æ Board of Regents Policy & Regulations

6.0 Standard Information

Standard Effective Date: 11/15/2025
Standard Revision Date: 11/15/2025
Standard Owner: Ryan McDaniel - Associate Vice Chancellor and CIO
Standard Author: Ryan McDaniel - Associate Vice Chancellor and CIO

Revision History:
1.0: Initial version.