CERRIX AI FAQ

PreviousControl Design & Implementation, Execution & Effectiveness Testing: What's the Difference?NextImplementation Guide

Last updated 2 months ago

CERRIX AI FAQ

General AI FAQs

Is my data secure?

Yes, your data is handled with the utmost security. All data sent to the Azure OpenAI API is encrypted in transit and at rest. Microsoft Azure as well as CERRIX comply with strict security standards, including GDPR and ISO certifications. We store your input and the AI-generated output securely within our platform to enhance and improve the functionality of this feature.

Will the AI learn from my data?

The data you provide (both input and AI-generated output) contributes to improving the quality of the AI features. However, this data is anonymized and aggregated before being used for any analysis or updates to the feature. Only CERRIX employees will use the data to improve the feature. Microsoft Azure or OpenAI will not use the data to improve their models.

Will my input be shared with other customers?

No, your input and the AI-refined descriptions are not shared with other customers. The data is stored securely and used only to improve the functionality of the feature within the platform.

Do I have infinite usage of CERRIX AI features?

Using AI incurs costs for CERRIX, so we reserve the right to restrict usage for any customer at any time if usage patterns exceed reasonable limits or impact the service quality for other users.

Where can I read more about the Azure OpenAI services being used by CERRIX?

You can read more on this link:

AI Risk & Control Refinement FAQ

How does the AI work for risk & control description refinement?

The AI leverages the Azure OpenAI APIs together with custom prompting and workflows by CERRIX AI to process and enhance the descriptions you provide. It uses advanced natural language processing models to refine descriptions.

What data does the AI use to refine descriptions?

The AI uses only the text you provide when describing a risk or control, along with the best practices CERRIX has defined. It does not access or analyze any other data from your account or organization.

Why does CERRIX store my input and the AI-generated output?

We store both your input and the AI-generated text to continuously improve the feature’s performance and ensure it aligns with industry best practices. Additionally, we track whether the refined descriptions are used to help refine the AI’s suggestions and tailor the tool to user needs.

What if the refined description doesn’t meet my needs?

We provide five different variations of refined descriptions. We recommend choosing the best one, and refining the generated description further using your expertise and the AI suggestions as a foundation. The feature is designed to assist, not replace, your judgment.

How can I ensure the refined descriptions align with my organization’s standards?

The AI is designed to use industry best practices, but you can always edit the descriptions to align with your organization's unique standards and compliance requirements.