A ARKSOFT software development agency

Policy

Responsible AI and Secure AI

Effective May 26, 2026

ARKSOFT applies Responsible AI and Secure AI principles to AI-assisted engineering, model integration, and production deployment activities.

Policy Objectives

  • Deliver AI-enabled systems that are useful, safe, secure, and aligned with agreed business purpose.
  • Reduce misuse risk, privacy risk, and security risk throughout the AI lifecycle.
  • Maintain accountable human oversight for high-impact technical and product decisions.

Core Responsible AI Principles

  • Human accountability: humans remain responsible for final decisions and approvals.
  • Transparency: communicate AI system role, limitations, and confidence boundaries where practical.
  • Fairness: evaluate known bias and harmful outcomes relevant to intended use context.
  • Reliability and safety: test for failure modes, abuse paths, and operational edge cases.
  • Privacy: minimize sensitive data exposure and enforce data handling boundaries.

Secure AI Requirements

  • Protect prompts, model endpoints, API keys, and runtime credentials with strict access controls.
  • Validate and sanitize untrusted inputs to reduce prompt injection and tool misuse risk.
  • Apply environment isolation, least privilege, and scoped service permissions.
  • Log security-relevant events and maintain auditable deployment and change records.

AI-Assisted Development Controls

  • All AI-generated or AI-assisted code is subject to human review before release.
  • Security, correctness, maintainability, and licensing risk checks are required before production use.
  • Production-impacting changes should include tests and rollback-ready deployment paths.

Data and Model Governance

Use of client content with AI tools follows project confidentiality constraints and approved data boundaries. Restricted data categories require explicit approval and handling controls before processing.

High-Risk Use Restrictions

ARKSOFT does not permit unreviewed autonomous decisions in contexts involving legal, medical, safety-critical, financial, or similarly high-impact outcomes unless explicitly governed by a written agreement and dedicated controls.

Issue Reporting and Remediation

Potential Responsible AI or Secure AI concerns should be reported promptly. ARKSOFT investigates, prioritizes mitigation, and coordinates client communication when project impact is identified.

Contact

Questions about this policy may be sent through the website contact form or by email to info@arksoft.dev.