Universal Endpoint Management
CSA AI Controls Matrix v1.1 domain
Secure endpoints that develop, administer, or consume AI services.
What this domain means for procurement
Developer devices, administrator workstations, managed endpoints, and edge clients can expose credentials and customer data or become an entry path to AI systems.
How TrustAtlas dimensions support it
Security covers endpoint posture and access; data handling covers local storage, caching, and movement of prompts and sensitive outputs.
SecurityData handling
This is an interpretive TrustAtlas cross-walk, not an official CSA mapping or evidence of AICM conformity.
Questions to ask vendors
Use these procurement prompts alongside the official CSA AICM v1.1 materials. They name the domain but do not invent or paraphrase control identifiers.
- What endpoint posture requirements apply to staff who administer production AI systems or access customer data?
- Can customers restrict service access to managed devices and enforce conditional-access policies?
- How does the product prevent sensitive prompts, outputs, credentials, or model artifacts from persisting on endpoints?
Related
- Back to all 18 CSA AICM v1.1 domains
- Official CSA AICM v1.1 artifact
- NIST AI RMF cross-walk
- TrustAtlas methodology — how the nine risk dimensions are scored