Cloud Security AI Controls Matrix Turns AI Governance Into Assessment Framework
The Cloud Security Alliance has released version 1.1 of its AI Controls Matrix, updating its vendor-agnostic framework for securing and governing cloud-based AI systems.
The new release is aimed at organizations that need a more concrete way to assess, implement and audit AI security controls across providers, customers and other participants in the AI supply chain.
The most consequential part of the release is not only the increase to 247 control objectives across 18 security domains. It is the packaging of those controls with assessment, audit and mapping materials intended to help organizations move from AI governance planning to implementation. CSA's AI Controls Matrix v1.1 page describes AICM as a framework organizations can use to develop, implement and operate AI technologies in a secure and responsible manner.
AI Controls Matrix (AICM) Structure (source: CSA).
What Was Released
AICM v1.1 is a control framework and supporting package for AI security and governance in cloud environments. According to CSA, the matrix contains 247 control objectives distributed across 18 security domains. The attached CSA presentation describes AICM as the first vendor-agnostic framework for AI security and governance and says the release includes 320 AI-CAIQ questions and six framework mappings.
The package includes the AICM v1.1 controls spreadsheet, AI-CAIQ v1.1, implementation guidelines, auditing guidelines and framework mappings.
Additional v1.1 changes include an updated AI-CAIQ, a new AIUC-1 mapping, a combined NIST AI 600-1 and NIST AI Risk Management Framework mapping, a published EU AI Act mapping and a new Model Security domain. The presentation says the Model Security domain includes 13 AI-specific and AI-related controls covering model integrity, weights protection and inference security.
Who It Is For
CSA identifies multiple roles for the framework, including model providers, cloud service providers, application providers, orchestrated service providers and AI customers. The role-based structure is important because AI systems often involve shared responsibility across the model layer, application layer, orchestration layer, customer environment and underlying cloud infrastructure.
CSA says model providers develop, train and distribute foundational or fine-tuned AI models. Cloud service providers deliver the underlying cloud infrastructure that hosts and supports AI systems and workloads. The attached presentation also defines role abbreviations for model provider, orchestration service provider, application provider, AI customer and cloud service provider.
The framework is also relevant to security, governance, risk, compliance, procurement and audit teams. CSA's earlier introductory guidance describes AICM as a foundational security and governance framework for AI service providers and customers, and says it helps them implement, assess and manage AI systems across the AI supply chain.
How CSA Says to Use It
The CSA's presentation describes a four-step use pattern: scope, select, implement and assess. In that sequence, organizations identify the AI systems they need to protect, choose the controls that apply based on their role and systems, put the controls in place using implementation guidelines and check compliance using the AI-CAIQ questionnaire.
That guidance is expanded into an implementation journey from scoping to maturity. It starts with defining scope, selecting controls and assigning ownership, then moves into integration, posture assessment, supply chain controls, formalized governance and scaling through compliance automation, AI security operations integration and progress monitoring.
The AI-CAIQ component is intended to support self-assessment and third-party assessment. CSA's AICM v1.1 page says the questionnaire maps to the AICM and can guide organizations performing a self-assessment or evaluating third-party vendors.
About the Author
David Ramel is an editor and writer at Converge 360.