What AICM v1.1 Widens

On June 23, 2026, the Cloud Security Alliance released AICM (AI Controls Matrix) v1.1, spanning 247 controls across 18 domains — up from 243 in v1.0 — and adding a new Model Development Security (MDS) domain. The companion AI-CAIQ questionnaire grew to 320 questions for STAR Level 1 submissions, paired with a Shared Security Responsibility Model (SSRM) across five actor roles (CSP, MP, OSP, AP, AIC) and mapping tables to regulations including the EU AI Act.

Where the Questionnaire Becomes a Vendor Team's Job

Enterprise procurement teams have already started attaching this control matrix as an RFP appendix. The incident-reporting clock and third-party audit history covered in our previous post sit inside these same AICM controls, so being ready to answer them becomes standing work for a vendor team regardless of whether any specific law applies to them.

A Response Roadmap: The Agent Vendor Assessment Checklist

Trying to prepare all 247 controls at once never finishes. Narrow the target to the top three domains your agent is asked about most often — identity and access, model development security, logging and monitoring — and set a first-pass target of 100% response coverage on those three plus 60% across the remaining 15 domains.

Of the 320 AI-CAIQ questions, only a handful actually recur in practice. Tabulate the questions from your last three to five RFPs and the controls that matter in real assessments become visible; from there, track answer-reuse rate as a metric for the next one.

The most common failure is filing the control matrix away in a legal or security folder without linking it to the actual evidence — logs, policy documents — behind each answer. Once a request arrives, the scramble to find that evidence pushes responses back by weeks.

The second failure is recycling v1.0-era answers wholesale and leaving the new MDS domain entirely blank. The recovery strategy is a dedicated version change log: every time an AICM minor version ships, diff out only the new or revised domains, tackle those first, and mark unanswered new controls "in progress" rather than leaving them looking unaddressed.

Manage evidence per control as structured fields, not files: control ID, owner, evidence link, last-updated date, and validity window as required fields, so you can confirm at assessment time whether the evidence is still current.

Before shipping, rehearse the top 30 AI-CAIQ questions against a new-customer onboarding scenario. If you're pursuing STAR Level 1 self-certification, separately review whether the evidence documents expose PII or internal architecture detail they shouldn't.

Each quarter, tally which controls stalled your response and move them to the top of next quarter's documentation backlog. Plot the AICM version history against your own answer-refresh history on the same timeline, and it's immediately clear what to fix first when v1.2 lands.

What to Check Right Now

CSA AICM v1.1 isn't law, but it's a market standard — its 247 controls and new MDS domain are already arriving as RFP attachments on vendor teams' desks. Set response-rate targets on the domains you're asked about most, manage evidence as structured fields per control, and the next version becomes a diff to handle rather than a rebuild.

References

AI Controls Matrix (AICM) v1.1 — Cloud Security Alliance

Cloud Security AI Controls Matrix Turns AI Governance Into Assessment Framework — Virtualization Review