STAR Program for AI

Building AI trust upon STAR’s proven foundations

An Urgent Need for AI Security Assurance

We have firmly embedded generative AI technologies into our organizations and personal lives, and adoption is only increasing from there. However, at the same time, people face uncertainty and distrust with AI. No common standard exists. Various groups are slowly building AI frameworks, but their pace clashes with the light-speed progress of AI.

Launched in 2011, CSA’s Security, Trust, Assurance & Risk (STAR) program is the industry’s most powerful program for security assurance, listing over 3,400 cloud provider security assessments in its publicly-available registry. Worldwide, organizations rely on STAR entries as an indicator of cloud service trustworthiness. This framework is the perfect medium for bringing stability to the chaotic realm of AI.

CSA is expanding the STAR program to include assurance for AI. STAR for AI will pull from the Cloud Controls Matrix (CCM) and other existing auditing standards to deliver a security framework and certification program for AI services, as soon as possible. This will provide AI companies, cloud providers, and enterprise users with an authoritative mechanism to measure AI trustworthiness.

What Are We Building?

  • AI Controls Matrix

    A framework of control objectives to support the secure and responsible development, management, and use of AI technologies. Draws from the Cloud Controls Matrix (CCM), ISO/IEC 42001, ISO 27001, and more. 

  • AI Safety Pledge

    A list of high-level AI safety principles for companies to pledge to support. Serves as a stepping stone to the broader certification program and draws from the AI Controls Matrix.

  • AI Auditing Scheme

    Conformity assessment mechanisms to evaluate the adherence of AI services to the AI Controls Matrix. Possible approaches include self-assessment, third-party audit, continuous controls monitoring, and AI auditing.

  • AI Safety Certification Program

    A certification service delivered via the cloud that will leverage the AI Controls Matrix and live on the CSA STAR Registry.

Stay Informed

People around the world are calling for the prompt regulation of AI services. CSA has taken up the mantle to deliver. 

Fill out this form to stay updated as we develop STAR for AI. Be the first to hear about new calls for participation, peer reviews, and releases. After submitting, you’ll get access to additional resources to explore the initiative further.