Auditing Generative AI: The Dawgen Generative AI Controls Framework (DGACF)™ Explained

Generative AI has moved from curiosity to core capability with dizzying speed. Large language models (LLMs), copilots, image generators, and content automation tools now sit inside:

• Customer service channels and virtual assistants

• Productivity suites and collaboration platforms

• Software development, analytics, and risk functions

• Public-facing chatbots, marketing engines, and decision tools

These systems can draft contracts, summarise complex reports, generate software code, design marketing campaigns, and even explain financial products in natural language.

But behind the impressive capabilities lies a complex risk landscape:

• Hallucinations – plausible but incorrect outputs that can mislead decisions or customers.

• Toxic or biased content – harmful, discriminatory, or inappropriate language embedded in outputs.

• Prompt injection and jailbreaks – crafted prompts or hidden instructions that bypass safeguards or cause models to leak data and act unpredictably.

• Privacy and IP risk – exposure of sensitive data or infringement of copyrighted content through training or outputs.

• Systemic risk in general-purpose AI models – foundation models with cross-sector impact, now explicitly targeted by the EU AI Act.

Regulators are responding. In 2024, NIST issued a Generative AI Profile as a companion to its AI Risk Management Framework (AI RMF), providing detailed guidance on managing generative AI risks across the lifecycle. The EU AI Act has created specific obligations for general-purpose AI (GPAI) and foundation models, including transparency, technical documentation, risk mitigation, adversarial testing, and incident reporting.

Boards, regulators, and customers are asking the same question:

“How do we know our generative AI is safe, controlled, and trustworthy?”

To answer this, Dawgen Global has developed the Dawgen Generative AI Controls Framework (DGACF)™—a proprietary methodology for auditing generative AI environments and providing independent assurance.

This article explains:

• The unique risk profile of generative AI

• How regulators and standards bodies are framing generative AI risk

• The six dimensions of Dawgen’s DGACF™

• How a generative AI audit engagement works in practice

• What boards and executives should be asking before, during, and after deployment

The Risk Landscape: Why Generative AI Needs Its Own Controls

Unlike traditional predictive models that output a score or classification, generative AI produces open-ended content—text, code, images, audio—based on statistical patterns learned from massive datasets.

This flexibility is its power, and also its risk.

1. Hallucinations and Misleading Confidence

Generative models can produce detailed, fluent responses that are factually incorrect or unverifiable—known as hallucinations.

In high-stakes settings—financial advice, medical explanations, legal summaries, regulatory interpretations—hallucinations are not just embarrassing; they can expose organisations to financial, legal, and reputational damage.

2. Safety, Bias, and Toxicity

Even with content filters, models may generate:

• Discriminatory or biased viewpoints

• Harmful or unsafe suggestions

• Offensive language or inappropriate content

Research shows that safety features can be circumvented via creative prompts, such as poetic or indirect jailbreak techniques. This creates persistent risk that harmful content may slip through in customer-facing or public contexts.

3. Prompt Injection, Jailbreaks, and Model Manipulation

Prompt injection vulnerabilities allow attackers or users to embed malicious instructions in inputs or documents that the model processes, changing its behaviour or causing data leakage—even if the instructions are not obvious to human readers.

Examples include:

• Hidden instructions in PDFs or web pages

• “Ignore previous instructions and …” prompts

• Indirect, multi-step jailbreak strategies

For organisations embedding generative AI into internal systems, this becomes a security issue, not just a UX quirk.

4. Privacy, Data Protection, and IP Risk

Generative AI can inadvertently:

• Reveal sensitive or personal data seen in training or context

• Use proprietary or copyrighted material in ways that raise IP and legal concerns

• Encourage staff to paste confidential data into external LLM tools, creating shadow data flows

As regulators refine expectations for data protection, copyright, and AI transparency, unmanaged generative AI can quickly become a compliance liability.

5. Systemic Risk in General-Purpose Models

The EU AI Act recognises that some general-purpose AI models have systemic risk—their size, reach, and capability mean any failure can have broad societal impact. These models face enhanced obligations: risk assessments, adversarial testing, incident reporting, cybersecurity controls, and detailed technical documentation.

Even if you are not building such models yourself, using them as a foundation for your own systems can pull you into this regulatory perimeter.

In short: generative AI is too powerful, too complex, and too exposed to be left without a dedicated audit and control framework.

Regulators and Standards: The Generative AI Guidance Wave

Two developments are particularly important for governance-conscious organisations:

NIST Generative AI Profile

NIST’s Generative AI Profile is a companion to the AI RMF, providing concrete risk considerations and response actions specific to generative AI. It maps generative AI risks—including hallucinations, misuse, and systemic risk—onto the RMF’s Govern, Map, Measure, Manage functions.

This profile encourages organisations to:

• Document model provenance and limitations

• Analyse misuse and abuse scenarios

• Implement guardrails and technical controls

• Continuously monitor and update controls over time

EU AI Act: General-Purpose AI and Systemic Models

The EU AI Act introduces detailed obligations for general-purpose AI (GPAI) models and those with systemic risk. Providers must:

• Prepare technical documentation and training data summaries

• Implement risk management and mitigation measures

• Conduct adversarial testing and model evaluations

• Put in place incident reporting and cybersecurity measures

• Ensure transparency for downstream deployers and users

Even organisations outside the EU that build on or distribute systems powered by GPAI models may be affected.

Against this backdrop, Dawgen Global’s DGACF™ is designed as a practical audit framework that aligns with these evolving expectations while remaining business-friendly and risk-based.

The Dawgen Generative AI Controls Framework (DGACF)™

The Dawgen Generative AI Controls Framework (DGACF)™ is Dawgen Global’s proprietary methodology for auditing generative AI systems—whether internal copilots, customer-facing chatbots, content engines, or decision-support tools.

DGACF™ is organised around six control dimensions:

1. Model Provenance & Documentation

2. Use-Case Scoping & Guardrails

3. Prompt, Context & Output Controls

4. Data Protection, Privacy & IP Management

5. Human Oversight & Explainability

6. Monitoring, Metrics & Feedback Loops

Together, these dimensions provide a holistic view of generative AI risk: technical, legal, ethical, and operational.

Dimension 1: Model Provenance & Documentation

The first question DGACF™ asks is: “What are we actually using?”

An audit of model provenance covers:

• Model origin – is it an in-house model, open-source model, or commercial foundation model?

• Training background – high-level description of training data types, sources, and known limitations (as far as is available).

• Versioning and change history – how are updates tracked and evaluated?

• Known risks and caveats from the provider or internal teams (e.g., hallucination tendencies, domain gaps).

From a regulatory perspective, this dimension aligns with AI Act obligations for GPAI providers to maintain technical documentation and training data summaries, and to disclose information to downstream deployers.

DGACF™ evaluates whether:

• Documentation is sufficient, accurate, and used in risk management

• The organisation understands the limitations and appropriate use conditions of the model

• There is traceability for which models are used where, and in what configurations

Dimension 2: Use-Case Scoping & Guardrails

Generative AI risk depends heavily on how the model is used.

DGACF™ assesses whether use cases are clearly:

• Defined – what tasks is the AI allowed to perform? For whom? In which channels?

• Risk-classified – based on potential impact on customers, employees, operations, and compliance.

• Constrained with guardrails – both policy guardrails (what is allowed / prohibited) and technical guardrails (filters, templates, business rules).

Examples include:

• Prohibiting unreviewed AI-generated content for regulated disclosures or legal opinions

• Restricting AI outputs in HR use cases (e.g., hiring, performance review) to advisory roles only

• Defining clear boundaries around medical, financial, or legal advice

DGACF™ looks at whether use cases have gone through a risk and ethics review, and whether guardrails are enforced in code, configuration, and training, not only in policy documents.

Dimension 3: Prompt, Context & Output Controls

Generative AI is prompt-driven, and this is where many risks materialise.

DGACF™ examines:

Prompt Design & Templates

• Are there approved prompt templates for key use cases (customer support, internal advice, summarisation)?

• Are prompts written in a way that emphasises caution, transparency, and limitations?

• Do prompts reinforce organisational policies (e.g., “If you are unsure, say you are unsure and recommend escalation”)?

Context Management (RAG and Integrations)

Many systems use Retrieval-Augmented Generation (RAG)—where the model pulls context from an internal knowledge base.

The audit checks:

• How context is selected, filtered, and updated

• Whether sensitive or irrelevant documents can leak into context

• How conflicts between context and model knowledge are handled

Output Controls and Filters

DGACF™ evaluates:

• Toxicity and safety filters (and their effectiveness)

• Mechanisms for redacting or blocking certain content categories

• Logging and review of flagged outputs

Prompt Injection and Jailbreak Resistance

Given the growing evidence that safety can be bypassed via clever prompts and hidden inputs, DGACF™ includes targeted testing for:

• Prompt injection vulnerabilities (LLM01:2025 in OWASP’s GenAI security catalogue).

• Indirect prompt attacks in documents, URLs, or integrations

• Jailbreak attempts using creative, multi-step, or obfuscated requests.

This dimension ensures that the interaction layer—where users meet the model—is not the weak link.

Dimension 4: Data Protection, Privacy & IP Management

Generative AI sits at the intersection of data protection, confidentiality, and intellectual property.

DGACF™ reviews:

• What data is used in prompts, context, and logs (including personal and confidential information)

• How data is stored, encrypted, and access-controlled

• Whether data minimisation and purpose limitation principles are respected

• Policies on whether prompts and outputs can be used for provider training or analytics

• Controls to prevent exposure of trade secrets, client information, and regulated data

The framework also examines IP and copyright considerations:

• How AI-generated content is labelled and reviewed

• Policies for using AI-generated images, text, and code externally

• Guidance to staff on acceptable use of third-party AI tools with corporate data

This aligns with the AI Act’s transparency and documentation expectations for GPAI models and with broader data protection obligations.

Dimension 5: Human Oversight & Explainability

Generative AI often feels “human”, but it is not. The illusion of understanding can encourage over-reliance.

DGACF™ asks:

• Is there meaningful human oversight over high-impact uses of generative AI?

• Are staff trained to understand limitations, hallucinations, and when to escalate?

• Are there clear approval and review processes for AI-generated content before publication or customer communication?

• Are outputs labelled or disclosed as AI-assisted, where appropriate?

On explainability, DGACF™ considers:

• Whether users receive clear instructions and warnings about the system’s limitations

• Whether there is documentation of typical failure modes and how to spot them

• How the organisation responds when customers or regulators ask, “Why did the AI say this?”

This dimension is critical for meeting emerging expectations of AI literacy, transparency, and contestability in regulations like the EU AI Act.

Dimension 6: Monitoring, Metrics & Feedback Loops

Because generative AI behaviour can shift as models are updated or new use patterns emerge, ongoing monitoring is essential.

DGACF™ evaluates:

• Metrics for tracking performance and quality (e.g., accuracy on benchmark tasks, user satisfaction, escalation rates, correction rates)

• Safety and compliance indicators (e.g., rate of blocked outputs, flagged incidents, complaint patterns)

• Governance of model updates from providers—how changes are evaluated, tested, and rolled out

• Mechanisms for capturing user feedback and turning it into training data or prompt improvements

• Procedures for incident management and reporting when generative AI causes or contributes to harm

This dimension connects closely to Dawgen’s Dawgen Continuous AI Monitoring & Assurance (DCAMA)™, ensuring that generative AI remains under control over time, not just at launch.

How a DGACF™ Generative AI Audit Works in Practice

A typical DGACF™ engagement with Dawgen Global proceeds in four stages:

1. Scoping & Risk Prioritisation

• Identify generative AI use cases (internal copilots, chatbots, content engines, etc.).

• Classify them by impact and regulatory exposure (e.g., financial advice, healthcare, HR, public services).

• Agree on priority systems for initial audit (often those with customer impact or regulatory sensitivity).

2. Documentation & Architecture Review

• Review model provenance, technical architecture, integrations, and data flows.

• Assess policies, procedures, and training materials related to generative AI.

• Map existing controls against DGACF™ dimensions and relevant standards (NIST GAI Profile, EU AI Act requirements for GPAI, internal policies).

3. Control Testing, Red-Teaming & Simulations

• Test prompt templates, guardrails, and filters for effectiveness.

• Conduct targeted red-teaming for prompt injection, jailbreaks, hallucination-prone scenarios, and safety gaps.

• Simulate high-risk use scenarios (e.g., complex customer queries, regulatory questions, edge cases).

4. Findings, Rating & Roadmap

• Rate maturity across the six DGACF™ dimensions.

• Provide a prioritised remediation roadmap with quick wins and strategic initiatives.

• Where relevant, integrate findings into Dawgen’s DALA™ and DAGEI™ frameworks for a unified AI assurance view.

The result is a clear, actionable picture of where generative AI risks are well-managed—and where they require urgent attention.

Sector Examples: Where DGACF™ Adds Immediate Value

Financial Services

• Customer-facing chatbots discussing loans, credit cards, or investment products

• Internal copilots assisting with policy interpretation, credit narratives, or regulatory updates

Here, DGACF™ helps ensure that generative AI does not provide misleading advice or breach conduct rules, and that sensitive data is handled appropriately.

Healthcare & Insurance

• Symptom-checking assistants, triage tools, or claims support chatbots

• Internal tools summarising medical reports or guidelines

DGACF™ focuses on safety, clarity of disclaimers, appropriate escalation to human professionals, and strict protection of health data.

Public Sector & Utilities

• Citizen-service chatbots handling benefits, tax, immigration, or service queries

• Internal assistants summarising legislation or policy documents

DGACF™ helps ensure that AI does not inadvertently misstate rights, obligations, or eligibility, and that transparency and explainability meet democratic expectations.

Corporate & Professional Services

• Copilots for drafting emails, contracts, reports, marketing content, and analyses

• AI assistants embedded in office suites and collaboration tools

Here, DGACF™ helps manage IP, confidentiality, and brand risk, ensuring that AI support enhances professional judgment rather than undermining it.

Questions Boards and Executives Should Be Asking About Generative AI

Before (and after) deploying generative AI, boards and executives should be able to answer:

1. Which generative AI systems are we using, and for what purposes?

2. How are we managing hallucinations, harmful content, and jailbreaking risks?

3. What guardrails and human oversight exist for high-impact use cases?

4. How are we protecting confidential data, personal information, and IP when using generative AI?

5. Are we aligned with emerging guidance such as the NIST Generative AI Profile and the EU AI Act’s GPAI provisions?

6. Has an independent party, such as Dawgen Global, audited our generative AI controls using a structured framework like DGACF™?

If any of these questions cannot be answered clearly and confidently, there is a governance and assurance gap that needs to be addressed.

Next Step: Audit Your Generative AI with Dawgen Global

Generative AI will only become more powerful, more pervasive, and more scrutinised. Organisations that take control of their generative AI risk now will be better positioned to:

• Innovate faster, with fewer surprises

• Demonstrate compliance and readiness to regulators and partners

• Build and maintain trust with customers and employees

• Turn generative AI into a strategic asset rather than a hidden liability

Dawgen Global’s Dawgen Generative AI Controls Framework (DGACF)™, integrated with DALA™, DAGEI™, and DCAMA™, is designed to give you end-to-end assurance over your generative AI landscape.

At Dawgen Global, we help you make Smarter and More Effective Decisions.

📧 To assess and strengthen your generative AI controls, email [email protected] to request a tailored DGACF™ audit proposal.

Our multidisciplinary team will work with you to scope the engagement around your specific generative AI use cases, risk appetite, and regulatory environment—so your organisation can harness generative AI with confidence, not fear.