ISACA Advanced in AI Risk (AAIR) Certification
Course 2018
2 DAY COURSE

The ISACA^® Advanced in AI Security Management^™ (AAIR^™) certification validates risk professionals’ expertise and experience in managing AI-specific risks while harnessing AI’s transformative potential for strategic advantage. This credential builds upon established risk management best practices, focusing on the evolving AI landscape to effectively assess and manage risk profiles within organizations. By fostering cross-functional collaboration, it equips professionals to communicate AI risk comprehensively and ensure ethical and regulatory compliance.

ISACA Advanced in AI Risk (AAIR) Certification Benefits

• Course Benefits

  • Reduce operational and reputational risk with improved model controls, monitoring and third-party oversight
  • Strengthen regulatory readiness and demonstrate responsible AI practices across the enterprise
  • Upskill existing risk teams quickly without needing to hire scarce specialized talent

  Prerequisites

  Candidates must possess one of the following certifications:

  • CISA see Certified Information Systems Auditor (CISA) Training
  • CISM seeCISM Certified Information Security Manager
  • CRISC seeCertified Risk and Information Systems Control (CRISC) Training
  • CGEIT seeCGEIT Certification Training
  • CDPSE see{course:2041}
  • CGRC seeCGRC® Training and Certification
  • CISSP seeCISSP® Training and Certification Prep Course
  • PMI-RMP see {course:3602}
  • CRMP, CRCM, CRMA, or CERP

  Who Should Attend:

  Mid-to-late career risk professionals who hold the prerequisite certifications.

ISACA AI Risk Certification Training Outline

Learning Objectives

Module 1: AI Risk Governance and Framework Integration

AI Models, Frameworks, Strategies, and Use Cases

• Types of AI
• AI Frameworks
• Business Use Case and AI Use Case Review
• AI Business Strategies

AI Organizational Processes and Alignment

• AI Governance Fundamentals
• Alignment to Existing Organizational Structures

 AI Ownership, Oversight, and Accountability

• AI-related Roles and Responsibilities
• Accountability and AI
• RACI for AI Solutions

AI Policies, Procedures, and Organizational Training

• AI Acceptable Use Policy
• AI Policy Development
• AI Procedures and Manuals
• Organizational Culture and AI Risk Governance
• Elements of Effective AI Training and Awareness

AI Regulatory Compliance and Legal Considerations

• Compliance With Laws and Regulations
• Gaps in Regulatory Coverage
• Mapping Legal Requirements for AI
• Assessing Legal Exposure and Liability for AI Actions
• Intellectual Property Considerations in AI
• Vendor Contract Review

AI Trustworthiness, Ethical and Societal Implications

• Responsible Use of AI Systems 68
• Bias and Fairness
• Transparency and Explainability
• Trust and Safety
• Human Rights and Societal Impact
• Environmental Impact

Module 2: AI Life Cycle Risk Management

AI Design, Development, Procurement, and Documentation

• Plan and Design
• Data Requirements for AI Models
• Procurement of AI Solutions
• Build, Adapt, and Document Models

AI Model Training, Testing and Validation

• Sourcing Datasets
• Validating the Data
• Model Training
• Model Testing and Validation
• Model Performance and Fine Tuning

AI Implementation, Maintenance, and Decommissioning

• AI Deployment and Implementation
• Robustness and Scalability Considerations
• Monitoring and Managing Model Drift
• Change Management in AI Systems
• Decommissioning AI Solutions

AI Data and Asset Management

• AI Asset Inventory
• Data Collection for AI
• Data Classification
• Data Confidentiality
• Data Quality
• Data Balancing
• Data Scarcity
• Data Security
• Data Preparation and Normalization
• Data Minimization and Privacy Considerations

Module 3: AI Risk Program Management

AI Risk Scenario Identification and Assessment

• AI Threat Landscape
• AI Threat Modeling
• Development of AI Risk Scenarios
• AI Risk Classification
• AI Risk Assessment

AI Risk Treatment Strategies

• Accept
• Avoid
• Mitigation
• Transfer/Share

AI Controls Management

• AI Control Types and Control Frameworks
• AI Control Selection and Validation
• Control Performance
• Controls Specific to AI Solutions
• Use of AI in Control Management

AI Risk Metrics, Monitoring, and Reporting

• Risk and Performance Metrics
• AI Risk Reportings

AI Supply Chain Risk Management

• AI Vendor Management
• AI Shared Responsibility Model
• AI Software Supply Chain Risk
• Cloud Computing Risk in AI Supply Chains

AI Incident Response, BIA, Business Continuity, and Disaster Recovery

• AI Business Impact Analysis
• Prepare
• Identify and Report
• Assess
• Respond
• Post-incident Review