I’m the first user of ISMS Copilot. It has a good potential, but also limitations. Here are important tips to get the most out of it:
- Work section by section. If you want the assistants to craft a tailored policy, you’re better off asking the assistant to develop one chapter after another one. Otherwise, results might lack of precision and not meet your expectations.
- Break down long requests in several parts. You want to review an existing policy? Don’t copy paste it in one part. Cut it into separate sections. For example, instead of sending the complete policy, tell the assistant you will share a policy in 3 steps, tell it to wait until you’re done, and then once you’re done sharing the 3 parts, ask the assistant for feedback. If you sent everything straightaway, you might overwhelm the assistant, and even if it works, the feedback might be less relevant/detailed because it used too many tokens just to read your document.
- Be explicit about your preferences. You prefer a policy to be written in a certain tone or following a given style? Please, say it, otherwise, the assistant won’t know what you prefer.
- Indicate the version of the standard you’re working with. Don’t mention ISO “5.10 control”, say ISO 27001:2022 Appendix A 5.10 control. This way, you reduce the assistant’s likelihood to do mistakes.
- Use the EU version for short data retention period (temporarily unavailable). Now, all chats with the EU version of our assistants are automatically deleted from database within 30 days. You can use EU version of ISMS Copilot assistants for “temporary chats” that might contain more sensitive data. You can of course the default version of the ISMS Copilot for requests that don’t reveal information about your business, or anonymize inputs when providing more contextualized information.
Mitigating limitations
Limiting model bias
Limiting hallucinations
Get extra help
*ISMS Copilot is a “ChatGPT” for information security compliance and AI governance, providing AI assistance for your ISMS. It can guide you for implementing multiple frameworks (ISO 27001, ISO 42001, SOC 2) and regulations (DORA, NIS2, EU AI Act). We’re committed to secure your information, and ask you to use our AI securely.*
➡️ Get started with ISMS Copilot, the best AI assistant for infosec compliance.