AICM AtlasCSA AI Controls Matrix
UEM · Universal Endpoint Management
UEM-09Cloud & AI Related

Anti-Malware Detection and Prevention

Specification

Configure managed endpoints with anti-malware detection and prevention technology and services.

Threat coverage

Model manipulation
Data poisoning
Sensitive data disclosure
Model theft
Model/Service Failure
Insecure supply chain
Insecure apps/plugins
Denial of Service
Loss of governance

Architectural relevance

Physical infrastructure
Network
Compute
Storage
Application
Data

Lifecycle

Preparation

Resource provisioning

Development

Guardrails

Evaluation

Evaluation

Deployment

Orchestration, AI applications

Delivery

Operations, Maintenance, Continuous monitoring

Retirement

Not applicable

Ownership / SSRM

PI

Shared Cloud Service Provider-Model Provider (Shared CSP-MP)

The CSP and MP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Model

Owned by the Model Provider (MP)

The model provider (MP) designs, develops, and implements the control as part of their services or products to mitigate security, privacy, or compliance risks associated with the Large Language Model (LLM). Model Providers are entities that develop, train, and distribute foundational and fine-tuned AI models for various applications. They create the underlying AI capabilities that other actors build upon. Model Providers are responsible for model architecture, training methodologies, performance characteristics, and documentation of capabilities and limitations. They operate at the foundation layer of the AI stack and may provide direct API access to their models. Examples: OpenAI (GPT, DALL-E, Whisper), Anthropic(Claude), Google(Gemini), Meta(Llama), as well as any customized model.

Orchestrated

Shared Model Provider-Orchestrated Service Provider (Shared MP-OSP)

The MP and OSP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Application

Shared Orchestrated Service Provider-Application Provider (Shared OSP-AP)

The OSP and AP are jointly responsible and accountable for the design, development, implementation, and enforcement of the control to mitigate security, privacy, or compliance risks associated with Large Language Model (LLM)/GenAI technologies in the context of the services or products they develop and offer.

Implementation guidelines

[Applicable to all actors except CSP] 
        1. Deploy and maintain anti-malware or EDR on all endpoints (laptops, mobiles, virtual machines, virtual desktops, jump hosts, etc.), with real-time protection and behavior or ML-based detection, and keep engines and signatures current.   

        2. Continuously monitor agent health in UEM (installed, running, current, scans performed) and enforce access restrictions for non-compliant devices using Conditional Access or NAC, including auto-quarantine until remediated.   

        3. Standardize protection settings and scanning policy across parties: require on-access scanning and periodic scans on a risk-based cadence; use vendor guidance for full scans and run them when catch-up or incident conditions warrant.   

        4.  Share threat intelligence and coordinate response across stakeholders so that new IoCs and detections propagate quickly and comparable protective actions are triggered everywhere. 

        5.  Maintain malware response playbooks that define containment, isolation, eradication, and recovery steps, with roles and escalation, and test them periodically.

Auditing guidelines

1. Verify that the CSP has a documented Anti‑Malware Policy for all endpoint types, approved by governance, defining scope, roles, responsibilities, and review cadence.

2. Inspect the policy to confirm it mandates automated installation and regular updates of anti‑malware software, signatures, and virus definitions.

3. Confirm the policy enforces application whitelisting on endpoints and restricts unauthorized software installation, including on BYOD devices.

4. Verify the policy requires periodic scans of installed software and data for unauthorized code, plus defined procedures for response and removal.

5. Review system outputs (scan reports, remediation logs, exception records, change‑approval tickets, and audit trails) to ensure endpoints comply with the CSP’s anti‑malware requirements.

From CCM: 	
1. Examine the organization's anti-malware policy.
2. Determine if such controls are in place and evaluated as effective.

Standards mappings

ISO 42001Partial Gap
No Mapping for ISO 42001
ISO 27001 A.8.7
Addendum

No ISO 42001 controls support UEM-09 topic of anti-malware, especially not configured on endpoint devices

EU AI ActPartial Gap
Recital 76 (pg.22)
Article 15
Addendum

Amend Article 15, or provide a technical annex, to mandate industry-standard anti-malware detection and prevention for endpoints supporting high-risk AI systems.

NIST AI 600-1No Gap
MG-3.2-005
Addendum

N/A

BSI AIC4No Gap
C4 SR-06
C5 OPS-04
C5 OPS-05
Addendum

N/A

AI-CAIQ questions (1)

UEM-09.1

Are anti-malware detection and prevention technology services configured on managed endpoints?