

Course Information

Course Name
AAIR: Advanced in AI Risk

Exam code
AAIR

Duration
2 Days
Certification
Overview
The ISACA® Advanced in AI Risk (AAIR) certification validates risk professionals’ expertise and experience in managing AI-specific risks while harnessing AI’s transformative potential for strategic advantage. This credential builds upon established risk management best practices, focusing on the evolving AI landscape to effectively assess and manage risk profiles within organizations. By fostering cross-functional collaboration, it equips professionals to communicate AI risk comprehensively and ensure ethical and regulatory compliance.
Audience Profile
To qualify for AAIR, candidates must hold one of the following designations:
ISACA CERTIFICATIONS
Prerequisites
Must possess one of the following:
- ISACA Designation: CISA, CISM, CRISC, CGEIT, CDPSE
- Non-ISACA Designation: CRMP, CRMP-FED, CRMA, CERP, CRCM, CGRC, CISSP, CIA, ANAN CAN, Canadian CPA, AACA, FCCA, Japanese CPA, ACA, FCA, CA ANZ, FCA ANZ, CPA HKICPA, or FCPA HKICPA certification
At Course Completion
Course Outline
AI Models, Frameworks, Strategies, and Use Cases
- Types of AI
- AI Frameworks
- Business Use Case and AI Use Case Review
- AI Business Strategies
AI Organizational Processes and Alignment
- AI Governance Fundamentals
- Alignment to Existing Organizational Structures
AI Ownership, Oversight, and Accountability
- AI-related Roles and Responsibilities
- Accountability and AI
- RACI for AI Solutions
AI Policies, Procedures, and Organizational Training
- AI Acceptable Use Policy
- AI Policy Development
- AI Procedures and Manuals
- Organizational Culture and AI Risk Governance
- Elements of Effective AI Training and Awareness
AI Regulatory Compliance and Legal Considerations
- Compliance With Laws and Regulations
- Gaps in Regulatory Coverage
- Mapping Legal Requirements for AI
- Assessing Legal Exposure and Liability for AI Actions
- Intellectual Property Considerations in AI
- Vendor Contract Review
AI Trustworthiness, Ethical and Societal Implications
- Responsible Use of AI Systems 68
- Bias and Fairness
- Transparency and Explainability
- Trust and Safety
- Human Rights and Societal Impact
- Environmental Impact
AI Design, Development, Procurement, and Documentation
- Plan and Design
- Data Requirements for AI Models
- Procurement of AI Solutions
- Build, Adapt, and Document Models
AI Model Training, Testing and Validation
- Sourcing Datasets
- Validating the Data
- Model Training
- Model Testing and Validation
- Model Performance and Fine Tuning
AI Implementation, Maintenance, and Decommissioning
- AI Deployment and Implementation
- Robustness and Scalability Considerations
- Monitoring and Managing Model Drift
- Change Management in AI Systems
- Decommissioning AI Solutions
AI Data and Asset Management
- AI Asset Inventory
- Data Collection for AI
- Data Classification
- Data Confidentiality
- Data Quality
- Data Balancing
- Data Scarcity
- Data Security
- Data Preparation and Normalization
- Data Minimization and Privacy Considerations
AI Risk Scenario Identification and Assessment
- AI Threat Landscape
- AI Threat Modeling
- Development of AI Risk Scenarios
- AI Risk Classification
- AI Risk Assessment
AI Risk Treatment Strategies
- Accept
- Avoid
- Mitigation
- Transfer/Share
AI Controls Management
- AI Control Types and Control Frameworks
- AI Control Selection and Validation
- Control Performance
- Controls Specific to AI Solutions
- Use of AI in Control Management
AI Risk Metrics, Monitoring, and Reporting
- Risk and Performance Metrics
- AI Risk Reportings
AI Supply Chain Risk Management
- AI Vendor Management
- AI Shared Responsibility Model
- AI Software Supply Chain Risk
- Cloud Computing Risk in AI Supply Chains
AI Incident Response, BIA, Business Continuity, and Disaster Recovery
- AI Business Impact Analysis
- Prepare
- Identify and Report
- Assess
- Respond
- Post-incident Review
Overview
Overview
The ISACA® Advanced in AI Risk (AAIR) certification validates risk professionals’ expertise and experience in managing AI-specific risks while harnessing AI’s transformative potential for strategic advantage. This credential builds upon established risk management best practices, focusing on the evolving AI landscape to effectively assess and manage risk profiles within organizations. By fostering cross-functional collaboration, it equips professionals to communicate AI risk comprehensively and ensure ethical and regulatory compliance.
Audience Profile
Audience Profile
To qualify for AAIR, candidates must hold one of the following designations:
ISACA CERTIFICATIONS
Prerequisities
Prerequisites
Must possess one of the following:
- ISACA Designation: CISA, CISM, CRISC, CGEIT, CDPSE
- Non-ISACA Designation: CRMP, CRMP-FED, CRMA, CERP, CRCM, CGRC, CISSP, CIA, ANAN CAN, Canadian CPA, AACA, FCCA, Japanese CPA, ACA, FCA, CA ANZ, FCA ANZ, CPA HKICPA, or FCPA HKICPA certification
At Course Completion
At Course Completion
Course Outline
Course Outline
AI Models, Frameworks, Strategies, and Use Cases
- Types of AI
- AI Frameworks
- Business Use Case and AI Use Case Review
- AI Business Strategies
AI Organizational Processes and Alignment
- AI Governance Fundamentals
- Alignment to Existing Organizational Structures
AI Ownership, Oversight, and Accountability
- AI-related Roles and Responsibilities
- Accountability and AI
- RACI for AI Solutions
AI Policies, Procedures, and Organizational Training
- AI Acceptable Use Policy
- AI Policy Development
- AI Procedures and Manuals
- Organizational Culture and AI Risk Governance
- Elements of Effective AI Training and Awareness
AI Regulatory Compliance and Legal Considerations
- Compliance With Laws and Regulations
- Gaps in Regulatory Coverage
- Mapping Legal Requirements for AI
- Assessing Legal Exposure and Liability for AI Actions
- Intellectual Property Considerations in AI
- Vendor Contract Review
AI Trustworthiness, Ethical and Societal Implications
- Responsible Use of AI Systems 68
- Bias and Fairness
- Transparency and Explainability
- Trust and Safety
- Human Rights and Societal Impact
- Environmental Impact
AI Design, Development, Procurement, and Documentation
- Plan and Design
- Data Requirements for AI Models
- Procurement of AI Solutions
- Build, Adapt, and Document Models
AI Model Training, Testing and Validation
- Sourcing Datasets
- Validating the Data
- Model Training
- Model Testing and Validation
- Model Performance and Fine Tuning
AI Implementation, Maintenance, and Decommissioning
- AI Deployment and Implementation
- Robustness and Scalability Considerations
- Monitoring and Managing Model Drift
- Change Management in AI Systems
- Decommissioning AI Solutions
AI Data and Asset Management
- AI Asset Inventory
- Data Collection for AI
- Data Classification
- Data Confidentiality
- Data Quality
- Data Balancing
- Data Scarcity
- Data Security
- Data Preparation and Normalization
- Data Minimization and Privacy Considerations
AI Risk Scenario Identification and Assessment
- AI Threat Landscape
- AI Threat Modeling
- Development of AI Risk Scenarios
- AI Risk Classification
- AI Risk Assessment
AI Risk Treatment Strategies
- Accept
- Avoid
- Mitigation
- Transfer/Share
AI Controls Management
- AI Control Types and Control Frameworks
- AI Control Selection and Validation
- Control Performance
- Controls Specific to AI Solutions
- Use of AI in Control Management
AI Risk Metrics, Monitoring, and Reporting
- Risk and Performance Metrics
- AI Risk Reportings
AI Supply Chain Risk Management
- AI Vendor Management
- AI Shared Responsibility Model
- AI Software Supply Chain Risk
- Cloud Computing Risk in AI Supply Chains
AI Incident Response, BIA, Business Continuity, and Disaster Recovery
- AI Business Impact Analysis
- Prepare
- Identify and Report
- Assess
- Respond
- Post-incident Review
