Purpose <p>Security compliance auditing is a costly and labor-intensive process because organizations must interpret diverse operational evidence and accurately map it to the appropriate NIST SP&#xa0;800-53 controls. This paper seeks to reduce auditor workload by automating three core tasks: identifying the most relevant control for each artifact, predicting how many controls should be recommended, and calibrating model confidence to support trustworthy human-in-the-loop review.</p> Methods <p>We design a security control recommendation framework that processes short operational artifacts such as logs, configuration updates, and ticket notes. The framework performs control ranking, control cardinality prediction, and probability calibration to enhance interpretability and provide reliable recommendations for compliance analysts.</p> Results <p>Experiments conducted on 354 synthetic artifacts, constructed to reflect realistic compliance evidence, show that the model ranks the correct control first for 84.18% of artifacts, identifies at least one correct control among the top three recommendations for 94.2% of cases, and achieves a set-level F1 score of 79.79%.</p> Conclusion <p>The results indicate that calibrated AI-assisted control mapping can substantially simplify compliance auditing while preserving essential human oversight. The proposed framework improves efficiency, strengthens trust in automated recommendations, and represents a practical step toward more effective security compliance assessment.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A security control recommender approach with human in the loop for cybersecurity compliance auditing

  • Jerusalem Mesfin Tasew,
  • Pradyum Samal,
  • Puya Pakshad,
  • Marwan Omar,
  • Maurice E. Dawson

摘要

Purpose

Security compliance auditing is a costly and labor-intensive process because organizations must interpret diverse operational evidence and accurately map it to the appropriate NIST SP 800-53 controls. This paper seeks to reduce auditor workload by automating three core tasks: identifying the most relevant control for each artifact, predicting how many controls should be recommended, and calibrating model confidence to support trustworthy human-in-the-loop review.

Methods

We design a security control recommendation framework that processes short operational artifacts such as logs, configuration updates, and ticket notes. The framework performs control ranking, control cardinality prediction, and probability calibration to enhance interpretability and provide reliable recommendations for compliance analysts.

Results

Experiments conducted on 354 synthetic artifacts, constructed to reflect realistic compliance evidence, show that the model ranks the correct control first for 84.18% of artifacts, identifies at least one correct control among the top three recommendations for 94.2% of cases, and achieves a set-level F1 score of 79.79%.

Conclusion

The results indicate that calibrated AI-assisted control mapping can substantially simplify compliance auditing while preserving essential human oversight. The proposed framework improves efficiency, strengthens trust in automated recommendations, and represents a practical step toward more effective security compliance assessment.