SECURITY.md – ML-Based Risk Scoring – Tier-1 UK Retail Bank (GCP + BigQuery ML)

This document describes security and governance patterns for the case study.

1. Perimeter and network

  • All data and services reside inside a VPC-SC protected perimeter.
  • Access from outside is via approved service accounts and identities only.

2. Encryption

  • All BigQuery tables (raw, features, scores) use CMEK.
  • GCS buckets for model artifacts and DQ exports use CMEK as well.
  • TLS in transit is enforced by GCP-managed certificates.

3. Identity & access management

  • IAM follows least-privilege:
    • Dataflow, Composer, and BQML have separate service accounts.
    • Read vs write vs admin roles split by team.
  • Row-level and column-level security used for sensitive attributes.

4. Data classification and policy tags

  • Sensitive columns (PII, financial identifiers) are tagged with Policy Tags.
  • Access to tagged columns is restricted to specific roles.
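
A check for the controls in sections 2 and 4, as an added example that is not part of the original case study: it audits table and bucket metadata, in the JSON shape returned by the BigQuery `tables.get` and Cloud Storage `buckets.get` APIs, for missing CMEK keys and untagged sensitive columns. The project, dataset, bucket, key and tag names are constructed, and the set of sensitive column names is an assumption.

```python
# Added example. Resource shapes follow the BigQuery tables.get and GCS
# buckets.get JSON; every name and value below is constructed sample data.
KEY = "projects/example-proj/locations/europe-west2/keyRings/kr/cryptoKeys/k1"
TAG = "projects/example-proj/locations/europe-west2/taxonomies/1/policyTags/2"
# Assumption: which column names count as sensitive (the page does not list them).
SENSITIVE = {"customer_id", "account_number", "date_of_birth"}

def untagged_sensitive(fields, prefix=""):
    """Yield dotted paths of sensitive columns with no policy tag, nested RECORDs included."""
    for f in fields:
        path = prefix + f["name"]
        if f["name"] in SENSITIVE and not f.get("policyTags", {}).get("names"):
            yield path
        yield from untagged_sensitive(f.get("fields", []), path + ".")

def audit(tables, buckets):
    """Return one finding string per resource or column that misses a control."""
    findings = []
    for t in tables:
        ref = t["tableReference"]
        name = ref["datasetId"] + "." + ref["tableId"]
        # A table on Google-default encryption has no encryptionConfiguration.
        if not t.get("encryptionConfiguration", {}).get("kmsKeyName"):
            findings.append(name + ": no CMEK key")
        for col in untagged_sensitive(t.get("schema", {}).get("fields", [])):
            findings.append(name + "." + col + ": sensitive column without policy tag")
    for b in buckets:
        if not b.get("encryption", {}).get("defaultKmsKeyName"):
            findings.append("gs://" + b["name"] + ": no default CMEK key")
    return findings

TABLES = [  # constructed: first table is compliant, second is not
    {"tableReference": {"datasetId": "risk", "tableId": "raw_events"},
     "encryptionConfiguration": {"kmsKeyName": KEY},
     "schema": {"fields": [
         {"name": "customer_id", "type": "STRING", "policyTags": {"names": [TAG]}},
         {"name": "amount", "type": "NUMERIC"}]}},
    {"tableReference": {"datasetId": "risk", "tableId": "features"},
     "schema": {"fields": [
         {"name": "account_number", "type": "STRING"},
         {"name": "holder", "type": "RECORD", "fields": [
             {"name": "date_of_birth", "type": "DATE"}]}]}},
]
BUCKETS = [  # constructed
    {"name": "model-artifacts-example", "encryption": {"defaultKmsKeyName": KEY}},
    {"name": "dq-exports-example"},
]

if __name__ == "__main__":
    print("\n".join(audit(TABLES, BUCKETS)))
```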

5. Audit logging

  • Cloud Audit Logs enabled for BigQuery, Dataflow, Pub/Sub, Composer.
  • Access to risk scores and model metadata is logged and retained.

This is a sanitized description designed for portfolio purposes only.