mirror of
https://github.com/Shiva108/ai-llm-red-team-handbook.git
synced 2026-05-14 12:48:16 +02:00
shiva108
b3d3bac51f
- Extracted all code examples from handbook chapters - Organized into 15 attack categories - Created shared utilities (api_client, validators, logging, constants) - Added workflow orchestration scripts - Implemented install.sh for easy setup - Renamed all scripts to descriptive functional names - Added comprehensive README and documentation - Included pytest test suite and configuration
79 lines
2.4 KiB
Python
79 lines
2.4 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
40.10.2 Financial Services (SOX + Model Risk Management)
|
|
|
|
Source: Chapter_40_Compliance_and_Standards
|
|
Category: compliance
|
|
"""
|
|
|
|
import argparse
|
|
import sys
|
|
|
|
class FinancialModelGovernance:
|
|
"""
|
|
Implements SR 11-7 Model Risk Management for AI/ML models
|
|
used in financial decision-making.
|
|
"""
|
|
|
|
def __init__(self, model_id: str):
|
|
self.model_id = model_id
|
|
self.validation_results = {}
|
|
|
|
def validate_model_documentation(self) -> bool:
|
|
"""
|
|
SR 11-7 requires:
|
|
- Model purpose and business use
|
|
- Model methodology and limitations
|
|
- Model validation procedures
|
|
- Model monitoring procedures
|
|
"""
|
|
required_docs = [
|
|
"model_purpose.md",
|
|
"methodology.md",
|
|
"validation_plan.md",
|
|
"monitoring_plan.md",
|
|
"model_card.json"
|
|
]
|
|
# Check documentation exists
|
|
return True # Simplified for example
|
|
|
|
def perform_backtesting(self, predictions: List, actuals: List) -> Dict:
|
|
"""
|
|
Compare model predictions vs actual outcomes.
|
|
Required for credit scoring, fraud detection models.
|
|
"""
|
|
if len(predictions) != len(actuals):
|
|
raise ValueError("Mismatched prediction/actual lengths")
|
|
|
|
accuracy = sum(p == a for p, a in zip(predictions, actuals)) / len(predictions)
|
|
|
|
return {
|
|
"backtest_period": "Q4 2024",
|
|
"sample_size": len(predictions),
|
|
"accuracy": accuracy,
|
|
"compliant": accuracy >= 0.85 # Threshold per policy
|
|
}
|
|
|
|
def adverse_action_notice_check(self, decision: str, explanation: str) -> bool:
|
|
"""
|
|
Fair Credit Reporting Act (FCRA) compliance.
|
|
If model denies credit, must provide specific adverse action reasons.
|
|
"""
|
|
if decision == "deny":
|
|
# Explanation must be specific, not "AI said no"
|
|
vague_phrases = ["algorithm", "model", "system", "AI"]
|
|
return not any(phrase in explanation.lower() for phrase in vague_phrases)
|
|
return True
|
|
|
|
|
|
def main():
|
|
"""Command-line interface."""
|
|
parser = argparse.ArgumentParser(description=__doc__)
|
|
parser.add_argument("--verbose", "-v", action="store_true", help="Verbose output")
|
|
args = parser.parse_args()
|
|
|
|
# TODO: Add main execution logic
|
|
pass
|
|
|
|
if __name__ == "__main__":
|
|
main() |