Mandate that applications are locked ("pinned") to a specific, tested version of a foundational model to prevent unexpected behaviour changes introduced by provider-side updates.
AI/ML / Gen AI / Controls / DEV
Model Version Pinning
CCC.GenAI.CN07 · MachineLearning
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP18 | Resource Versioning | The service automatically assigns versions to child resources which can be used to preserve, retrieve, and restore past iterations. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.GenAI.TH10 | Model Version Drift | An update to a managed GenAI model may cause unpredictable and breaking changes in its outputs, alignment, and performance. Systems built and tested against the previous version's specific behavior can suddenly fail or become insecure, as their functional and safety assumptions are no longer valid. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.GenAI.CN07.AR01 | When an application makes an API call to a foundational model in a production environment, then it MUST specify an explicit version identifier. | tlp-clear, tlp-green, tlp-amber, tlp-red |
Guideline Mappings
| Framework | ID | Remarks |
|---|---|---|
| FINOS-AIGF | AIR-PREV-010 | AI Model Version Pinning |