TLDR: OneShield, a prominent provider of SaaS core systems for the insurance sector, has become the first insurance software vendor to be registered under the Cloud Security Alliance (CSA) AI Controls Matrix (AICM). This achievement, announced on November 13, 2025, signifies a major step in ensuring the security, accountability, and ethical governance of AI systems in cloud environments for the insurance industry.
MARLBOROUGH, Mass. – OneShield, a leading innovator in SaaS core systems for the insurance industry, announced a significant milestone on November 13, 2025, by becoming the first insurance software vendor to successfully register under the Cloud Security Alliance (CSA) AI Controls Matrix (AICM). This pioneering adoption positions OneShield at the forefront of secure and ethically governed artificial intelligence deployment within the highly regulated insurance sector.
The AICM is recognized as the industry’s inaugural comprehensive framework designed specifically for evaluating the security, accountability, and ethical governance of AI systems operating in cloud environments. OneShield’s registration under this matrix provides its clientele—including insurers, MGAs, and brokers—with enhanced assurance that their core systems and AI-driven workflows are safeguarded within a securely validated and independently assessed cloud infrastructure.
This strategic move underscores OneShield’s unwavering commitment to delivering solutions that are not only innovative but also secure and compliant across its entire product suite. A key component of this commitment is the OneShield AI Hub, which is engineered to facilitate the safe and effective deployment of responsible AI and intelligent automation for insurance companies.
Tony Villa, CEO of OneShield, emphasized the growing industry demand for transparency and data protection. “Insurers are placing greater emphasis on transparency, data protection, and vendor assurance,” Villa stated. “Adopting the AI Controls Matrix helps demonstrate that our cloud practices align with globally recognized standards, giving our customers added confidence as they modernize their operations and explore new AI capabilities.”
The CSA AICM is a robust framework, encompassing over 200 control objectives. These objectives span critical areas such as data protection, access management, business continuity, encryption, model transparency, bias mitigation, human oversight, and third-party risk management. By aligning with these stringent controls, OneShield is reinforcing its dedication to robust governance and security.
Doug Moore, Chief Innovation Officer at OneShield, highlighted the practical benefits for customers. “Our AI Hub is designed to help insurers unlock the power of secure and responsible AI,” Moore commented, indicating the direct impact of this registration on enabling advanced AI capabilities with confidence.
Also Read:
- ModelOp Achieves CHAI Assurance Resource Provider Certification, Bolstering Trustworthy AI Governance in Healthcare
- London Forum Explores Transformative Impact of Agentic and Generative AI on Insurance Sector
Furthermore, this registration lays a crucial groundwork for OneShield’s broader SOC 2 compliance strategy, particularly for its AI Hub and associated services. By adhering to the AICM, OneShield is strengthening the foundational controls, documentation, and governance practices essential for its upcoming SOC 2 attestation. The Cloud Security Alliance, a global leader in promoting secure cloud computing practices, developed the AICM as an extension of its widely recognized Cloud Controls Matrix (CCM), which provides a detailed cybersecurity framework for cloud-specific controls.
