Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Share how your organization manages AI securely. Take the CSA and Google enterprise AI Survey today!

Introducing the CSA AI Controls Matrix: A Comprehensive Framework for Trustworthy AI

Published 07/10/2025

Home
Industry Insights
Introducing the CSA AI Controls Matrix: A Comprehensive Framework for Trustworthy AI
Written by Daniele Catteddu, Chief Technology Officer, CSA.

Today, the Cloud Security Alliance (CSA) has announced the release of the AI Controls Matrix (AICM), a groundbreaking framework designed to help organizations develop, implement, and use AI technologies in a secure and responsible manner. As we witness the rapid advancement of generative AI and large language models, the need for robust security controls has never been more critical. The AICM is a comprehensive, adaptable, and auditable framework for implementing trustworthy AI across organizational, technical, and societal boundaries.

 

The Trust Imperative in the GenAI Era

The transformative potential of generative AI brings unprecedented opportunities—and equally unprecedented challenges. Policymakers and regulators are grappling with concerns they've never faced before, while AI service providers are asking fundamental questions: How do we earn customer trust? How do we satisfy regulatory requirements? How do we build credibility in the marketplace?

At CSA, we believe that trust is the foundation for responsible AI advancement. The AICM represents our commitment to balancing innovation with accountability and transparency, providing organizations with the tools they need to build trustworthy AI systems that serve humanity responsibly and ethically.

This comprehensive framework is part of CSA's broader ecosystem for trustworthy AI, which includes the AI Trustworthy Pledge for organizations ready to make their first commitment to responsible AI, and the upcoming STAR for AI Program, which will provide industry-recognized certification based on AICM standards.

 

What Makes a Trustworthy GenAI Service?

A trustworthy GenAI service embodies five core attributes:

  • Robust and reliable performance under various conditions
  • Resilient against failures and adversarial attacks
  • Explainable in its decisions and outputs
  • Controllable through meaningful human oversight
  • Transparent in its operations and limitations

Beyond these technical attributes, trustworthy AI requires essential accountability measures including clear responsibility frameworks, strong privacy protections, fairness across diverse populations, and full compliance with applicable laws and regulations.

 

The AI Controls Matrix: Built on Proven Principles

The AICM is not built in isolation. It stands on the robust foundation of our widely-adopted Cloud Control Matrix (CCM), leveraging years of expertise in cloud security to address the unique challenges of AI systems. This approach ensures that organizations can build upon existing security practices while addressing AI-specific risks.

 

Key Characteristics:
  • Open: Freely available to the global community
  • Expert-driven: Developed by leading AI and security professionals
  • Consensus-based: Built through collaborative industry input
  • Vendor-agnostic: Applicable across all AI platforms and providers

 

Comprehensive Coverage: 18 Domains, 243 Controls

The AICM provides unprecedented comprehensive coverage with 18 security domains containing 243 control objectives. These domains span the entire spectrum of AI security concerns, from traditional areas like Identity & Access Management and Data Security & Privacy Lifecycle Management to AI-specific domains like Model Security and Supply Chain Management, Transparency, & Accountability.

 

The Five Pillars of AICM Architecture

AICM pillars

The matrix is structured around five critical pillars that provide a multi-dimensional analysis of each control:

1. Control Type

  • AI-specific controls for unique AI risks
  • AI and cloud-related controls for hybrid environments
  • Cloud-specific controls for underlying infrastructure

2. Control Applicability and Ownership

  • Clear responsibility mapping across the AI service stack
  • Shared responsibility models between Cloud Service Providers, Model Providers, Orchestrated Service Providers, and Application Providers
  • Coverage across all four layers: GenAI Ops, The Model, Orchestrated Services, and GenAI Applications

3. Architectural Relevance

  • Mapping to GenAI stack components: Physical, Network, Compute, Storage, Application, and Data layers
  • Ensures comprehensive security coverage across the entire technology stack

4. Lifecycle Relevance

  • Complete coverage of the AI lifecycle from Preparation through Development, Evaluation/Validation, Deployment, Delivery, and Service Retirement
  • Ensures security considerations are embedded throughout the AI system lifecycle

5. Threat Category

  • Addresses nine critical threat categories, including Model Manipulation, Data Poisoning, Sensitive Data Disclosure, Model Theft, Service Failures, Insecure Supply Chains, Insecure Apps/Plugins, Denial of Service, and Loss of Governance/Compliance

 

AICM Components

Similarly to the CCM, AICM has several components in addition to the core controls that I described above, those are:

  • Assessment Questionnaire: Called the Consensus Assessment Initiative Questionnaire (CAIQ) for AI, it is a set of questions that are meant to guide organizations in either performing a self-assessment of their GenAI posture or as an evaluation tool for third-party vendors. The CAIQ for AI is the foundation of the upcoming STAR Level 1 Self-Assessment for AI. This is expected to be launched at the end of 2025.
  • Implementation Guidelines: The implementation guidelines provide additional details and guidance on how to apply each control objective in practice. They are addressed to the key GenAI services actors defined in the taxonomy (CSP, Model Providers, Orchestrated Service Provides, Application Providers, and Users).
  • Auditing Guidelines: The auditing guidelines provide additional details and guidance on how to assess and audit each control objective in practice. They are also addressed to the key GenAI services actors defined in the taxonomy and will serve as key input for the formal auditing and evaluation of AICM controls in the context of the STAR Program.
  • Mapping with Other Standards: The AICM doesn't exist in a vacuum. We've carefully mapped our controls to existing industry standards and frameworks, including:
    • BSI AI C4 Catalogue: Mapping for German and European compliance
    • NIST AI 600-1: Alignment for U.S. federal requirements
    • ISO 42001: Mapping with the leading ISO standards for AI
    • EU AI Act: Mapping with the most relevant regulation in the AI legal and regulatory landscape

The mappings with ISO 42001 and the EU AI Act will be released in August 2025. 

Additional mappings and reverse mappings (analysis of the potential gaps that AICM has in comparison with a target standard) will be added in the near future.

 

Building an Ecosystem of Trust: From Pledge to Certification

The AICM is a cornerstone in CSA's comprehensive approach to trustworthy AI, but it's part of a larger ecosystem designed to support organizations at every stage of their AI journey.

 

The AI Trustworthy Pledge

The CSA AI Trustworthy Pledge embeds trust into the AI development lifecycle from day one. It's a voluntary commitment that signals an organization's dedication to four foundational principles that should underpin every AI initiative:

  • Safe and Compliant Systems go beyond meeting minimum regulatory requirements. Organizations commit to designing, developing, deploying, operating, managing, or adopting AI solutions while prioritizing user safety and compliance with applicable laws and regulations.
  • Transparency builds the foundation of trust. Organizations promise transparency about the AI systems they design, develop, deploy, operate, manage, or adopt, fostering trust and clarity with stakeholders and users.
  • Ethical Accountability ensures that fairness isn't an afterthought, but a design principle. Organizations commit to ethical AI design, development, deployment, operation, or management, ensuring fairness and the ability to explain AI outcomes.
  • Privacy Practices recognize that AI's power comes from data, and with that power comes the responsibility to protect the personal information that fuels these systems. Organizations commit to upholding the highest standards of privacy protection for personal data.

The AI Trustworthy Pledge addresses a critical market reality: trust is becoming a competitive differentiator. Organizations like Airia, Endor Labs, Deloitte Consulting, Okta, Reco, Redblock, Securiti AI, Whistic, and Zscaler have already recognized this imperative and taken the pledge, receiving digital badges to promote their commitment to responsible AI practices. By beginning with these voluntary commitments, CSA is fostering industry-wide alignment on responsible AI practices ahead of introducing formal certification frameworks.

 

STAR for AI Program

In a recent blog, I have introduced the STAR for AI Program. This program provides organizations with a structured pathway to demonstrate their commitment to trustworthy AI through multiple levels of assurance.

The AI Controls Matrix serves as the foundational standards for STAR for AI, providing the technical backbone for assessment and certification. Just as STAR has become the industry gold standard for cloud security assurance, STAR for AI is positioned to become the definitive mark of trustworthy AI services.

 

The Progressive Journey

Our approach recognizes that organizations are at different stages of AI maturity, but all must start with a fundamental commitment to responsible practices. The journey is both urgent and strategic:

  1. AI Trustworthy Pledge: Position your organization as a leader in responsible AI innovation while the industry standards of tomorrow are still being shaped.
  2. AICM Implementation: Use our comprehensive controls framework to build robust AI security practices across all 18 domains and 243 control objectives, ensuring your AI systems meet the highest standards of trustworthiness.
  3. STAR for AI Certification/Attestation: Achieve third-party validation of your trustworthy AI practices through the industry's most recognized assurance program.

 

The Path Forward: Leading Responsible Innovation

The release of the AICM represents a pivotal moment in our industry's response to the AI revolution, but the window for proactive leadership is limited. As AI systems reshape entire industries and make decisions affecting millions of lives daily, the organizations that embed trust into their AI development lifecycle from day one will emerge as the market leaders of tomorrow.

The choice is clear. The time is now. We invite the global community to engage with our complete ecosystem:

  • Start with the Pledge to demonstrate your proactive commitment to responsible AI and gain competitive differentiation in a trust-conscious market. You'll receive an official digital badge and have your organization's logo featured on our website.
  • Implement the AICM to build comprehensive security practices that address the full spectrum of AI risks.
  • Learn about the upcoming STAR for AI certification. Get ready to achieve industry-recognized validation of your trustworthy AI practices.
  • Provide feedback to help us continue evolving these frameworks to meet the rapidly changing AI landscape. 

As we stand at this critical inflection point where unprecedented technological capability meets the urgent need for responsible innovation, CSA's comprehensive approach provides organizations with more than just frameworks—we're providing the complete ecosystem needed to build AI systems that are powerful, trustworthy, and positioned for long-term success.

Artificial IntelligenceCloud Controls MatrixInnovating from the cloud STARStrategic

Share this content on your favorite social network today!

Cloud Assurance
Related Resources
STAR
The industry's standard for security assurance in the cloud.
Cloud Controls Matrix & CAIQ v4
The standard cybersecurity control framework.
Trusted Cloud Provider
Demonstrate your commitment to holistic security.
Latest from CSA
Secure AI with the AI Controls Matrix
Take the Survey: AI Identity Risk & Readiness
Join the Regulatory Analysis and Compliance Engineering WG Meeting
Unlock Cloud Security Insights

Unlock Cloud Security Insights

Choose the CSA newsletters that match your interests:

Subscribe to our newsletter for the latest expert trends and updates

Audit Cloud Providers with Confidence & Enroll in STAR Lead Auditor Training
Related Articles:
Compliance: Cost Center or Growth Trigger?

Published: 07/11/2025

Cloud Security Alliance Delivers the AI Guardrails You’ve Been Looking For

Published: 07/10/2025

Agentic AI, MCP, and the Identity Explosion You Can’t Ignore

Published: 07/10/2025

Understanding Security Risks in AI-Generated Code

Published: 07/09/2025