Infrastructure Security
CSA AI Controls Matrix v1.1 domain
Harden compute, network, virtualization, and orchestration supporting AI services.
What this domain means for procurement
AI workloads depend on specialized compute and shared cloud infrastructure. Isolation, hardening, network control, and vulnerability management protect both models and customer data.
How TrustAtlas dimensions support it
Security captures technical safeguards and isolation; dependency chain captures responsibility shared with infrastructure providers.
SecurityDependency chain
This is an interpretive TrustAtlas cross-walk, not an official CSA mapping or evidence of AICM conformity.
Questions to ask vendors
Use these procurement prompts alongside the official CSA AICM v1.1 materials. They name the domain but do not invent or paraphrase control identifiers.
- How are tenant workloads isolated across compute, storage, network, and accelerator resources?
- Which hardening baselines and vulnerability remediation timelines apply to AI infrastructure?
- What infrastructure responsibilities belong to your cloud providers, and how do you verify their performance?
Related
- Back to all 18 CSA AICM v1.1 domains
- Official CSA AICM v1.1 artifact
- NIST AI RMF cross-walk
- TrustAtlas methodology — how the nine risk dimensions are scored