Skip to main content
Application Security Standards
AI Code Sprawl: A Reference Guide for Compliance TeamsGeneral
5 min readFor Compliance Teams

AI Code Sprawl: A Reference Guide for Compliance Teams

Scope

This guide focuses on governance frameworks for AI-assisted code generation in organizations where employees use tools like Claude Code, GitHub Copilot, or ChatGPT to create applications outside formal development pipelines. If your organization has more than 100 employees with AI tool access, you likely have code sprawl.

What this covers:

  • Data classification requirements before enabling AI coding tools
  • Use-case registry implementation for tracking AI-generated applications
  • Governance frameworks that encourage safe experimentation
  • Integration points with SOC 2 Type II and ISO/IEC 27001:2022 controls

What this doesn't cover:

  • Source code security scanning (covered separately in SAST/DAST guides)
  • AI model security or prompt injection defenses
  • Traditional shadow IT discovery tools

Key Concepts and Definitions

Code sprawl: Applications, scripts, or automation built outside your SDLC using AI assistance. These assets bypass security review, change management, and inventory processes.

Governed path: Your official route for AI-assisted development—pre-approved tools, templates, security guardrails, and compliance workflows that are easier to use than going rogue.

Use-case registry: A lightweight inventory system that tracks who built what with AI, what data it accesses, and which business function it serves. Not a blocking mechanism—just a visibility layer.

Data classification boundary: The line between data types employees can feed into AI tools versus data that requires formal security review. This must be explicit and documented.

The Baseline Problem

A RedAccess report identified 380,000 publicly accessible assets built outside security review, with roughly 5,000 containing sensitive corporate information. Your organization likely has a fraction of this volume, but the pattern holds: employees solve problems with AI tools, deploy solutions quickly, and security teams discover them months later.

Requirements Breakdown

Data Classification (Foundation Layer)

Before enabling any AI coding tools, map your data inventory to classification tiers:

  • Tier 1 - Public/Marketing: Employees can use any AI tool, no restrictions.
  • Tier 2 - Internal: Approved AI tools with data residency controls (verify vendor SOC 2 Type II reports).
  • Tier 3 - Confidential: Requires security review before AI processing.
  • Tier 4 - Regulated: No AI tools permitted (PCI DSS cardholder data, PHI, PII under GDPR).

Document this in your information security policy. Reference ISO/IEC 27001:2022 Annex A.8.2 (Information classification) for control mapping.

Use-Case Registry Structure

Your registry needs five fields minimum:

  1. Creator identity (email, department)
  2. Business purpose (one sentence)
  3. Data accessed (classification tier from above)
  4. AI tool used (specific product and version)
  5. Deployment status (development, production, decommissioned)

Store this in a shared spreadsheet initially. Mature it into ServiceNow or Jira when you exceed 50 entries.

Governance Framework Components

Self-service approval for Tier 1-2 data:

  • Employee submits registry entry
  • Automated check confirms data classification
  • Instant approval if within bounds
  • Monthly security team review of registry

Mandatory review for Tier 3:

  • Same registry entry
  • Triggers security review ticket
  • 5-business-day SLA for review
  • Threat modeling required for production deployment

Hard block for Tier 4:

  • DLP rules prevent data exfiltration to AI platforms
  • Network controls block unapproved AI endpoints
  • Annual training on data classification boundaries

Implementation Guidance

Phase 1: Establish Data Boundaries (Week 1-2)

Run a data inventory workshop with your compliance manager and three department heads. Map every data store to the four-tier classification system. Document exceptions and edge cases.

Create a one-page decision tree: "Can I use AI with this data?" Post it in Slack, email it monthly, add it to onboarding.

Phase 2: Deploy Registry (Week 3-4)

Build the registry spreadsheet with the five required fields. Add a Slack webhook that posts new entries to #security-updates. This creates visibility without friction.

Announce the registry in all-hands with this framing: "Register your AI projects to get security team support when you need it." Position it as enablement, not policing.

Phase 3: Make the Governed Path Attractive (Month 2)

Datadog's approach: serve as a centralized hub for tools rather than restricting usage. Offer:

  • Pre-configured AI tool accounts with your data classification rules built in
  • Code templates that pass security review by default
  • Faster production deployment for registered projects
  • Security team office hours for AI coding questions

Your goal: make registration easier than hiding the project.

Phase 4: Measure and Adjust (Month 3+)

Track two metrics:

  • Registry adoption rate (registered projects / estimated total AI-built projects)
  • Time-to-review for Tier 3 submissions

If adoption stays below 40%, your governed path isn't attractive enough. Survey non-registrants to find friction points.

Common Pitfalls

Pitfall: Requiring security review for all AI-generated code
This creates a bottleneck that guarantees employees will bypass it. Limit mandatory review to Tier 3+ data access.

Pitfall: Building the registry as a ticketing system
Tickets feel like bureaucracy. A shared spreadsheet with Slack notifications feels like transparency.

Pitfall: Blocking AI tools at the network level
Employees will use personal devices and accounts, giving you zero visibility. Better to provide approved tools with guardrails.

Pitfall: Treating the registry as a permanent record
Projects get abandoned. Add a quarterly cleanup process where creators confirm their projects are still active or mark them decommissioned.

Pitfall: No executive air cover
If your CTO or VP Engineering doesn't publicly support the registry, adoption will fail. Get them to announce it and submit the first entry.

Quick Reference Table

Scenario Data Tier AI Tool Allowed? Review Required? Registry Entry?
Marketing email automation Tier 1 Yes, any tool No Yes (self-service)
Internal dashboard with employee names Tier 2 Yes, approved tools only No Yes (self-service)
Customer support chatbot Tier 3 Yes, with review Yes (5-day SLA) Yes (required)
Payment processing script Tier 4 No N/A No (blocked by DLP)
Prototype using synthetic data Tier 1 Yes, any tool No Yes (self-service)

Control Mapping for Auditors

  • ISO/IEC 27001:2022 Annex A.8.2: Data classification system
  • ISO/IEC 27001:2022 Annex A.5.1: Information security policy covering AI usage
  • SOC 2 CC6.6: Logical access controls for data classification enforcement
  • NIST CSF v2.0 ID.AM-5: Resources prioritized based on classification and criticality

Your use-case registry serves as evidence for asset inventory and risk assessment controls in all three frameworks.

Topics:General

You Might Also Like

Service Accounts Are Crushing Your Compliance Program
5 min readFor Compliance Teams

Service Accounts Are Crushing Your Compliance Program

Scope This guide addresses the governance of non-human identities (NHIs) — such as service accounts, API keys, OAuth tokens, machine certificates, and bot credentials — within compliance frameworks. Y

Read
SAST Tools Hit 0.499 F1: What Changed
4 min readFor Security Engineers

SAST Tools Hit 0.499 F1: What Changed

Your SAST tool probably finds vulnerabilities. The question is whether you can act on them. Checkmarx just released performance metrics for their redesigned static application security testing engine:

Read
AI Code Review Isn't Ready to Replace Your Team
5 min readFor DevOps Leaders

AI Code Review Isn't Ready to Replace Your Team

Your organization just bought an AI code review tool. Now someone in leadership is asking why you still need manual peer review at all. If the AI catches the bugs, why slow down deployment with human

Read