Skip to content
Home/Blog/Article
Blog

What a CISO should ask before approving an enterprise AI assistant

A practical checklist for security leaders evaluating an internal AI assistant or copilot: access, inference, memory, audit and shadow AI.

Enterprise AI Control PlaneBy Amarsh Chaturvedi, Chief Technology Officer, ProduktivMarch 10, 2026

When a team brings you an internal AI assistant to approve, the demo will look great. Your job is to ask the questions the demo doesn't answer. Here's a practical checklist.

What can it access and how do you know?

Ask for an inventory of every source the assistant can reach, structured and unstructured. If no one can produce that list, you can't govern it. Insist on a complete view, including sources added informally.

Is access decided by role, intent and sensitivity or just by who's logged in?

A shared assistant over a shared knowledge base will overshare unless retrieval is constrained per user and per purpose. Confirm that the same knowledge base returns different results to different roles, automatically.

What can it infer?

This is the question most teams miss. Even with access controls, a model can combine permitted fragments into a restricted conclusion. Ask how the system handles aggregation and inference, not just file access and whether it can prevent a sensitive conclusion that no single source revealed.

What does it remember?

If the assistant has memory, ask what's retained, who can recall it and whether one user's session can surface in another's. Ungoverned memory is a leak that grows over time.

Can you prove what happened?

Require an immutable audit trail and lineage: which sources and reasoning steps produced a given answer. Without it, you can't investigate an incident or satisfy a regulator. "We think it's fine" is not evidence.

What happens at the boundary?

If the assistant reaches across clouds, models or vector stores, ask whether governance follows it or stops at the platform edge. Cross-system seams are where leakage concentrates.

How will you find the next one?

Approving this assistant doesn't help with the shadow AI already running. Ask how ungoverned AI gets discovered and brought under the same policy.

If the answers are vague, the right response isn't to block AI, it's to require a governance layer that can answer all seven before the assistant reaches production. The teams that ask these questions early ship AI that stays shipped.

Get started

See Kynexa govern your AI — in 30 minutes.

Bring a real use case. We'll show governed retrieval, reasoning and audit on your stack.