ISACA Advanced in AI Audit (AAIA)

This course is designed for professionals responsible for auditing, governing, or managing AI systems within their organizations, including:

- IT Auditors and Risk Professionals seeking to expand their expertise into AI auditing.

- AI Governance and Compliance Officers tasked with ensuring ethical and regulatory adherence.

- Cybersecurity and Data Privacy Specialists who need to understand AI-specific risks and controls.

- AI Program Managers and Project Leads overseeing AI solution development and lifecycle management.

- Internal and External Auditors who perform audits on AI systems and related processes.

Ideal for individuals preparing for ISACA’s Advanced in AI Audit (AAIA) certification or those looking to strengthen their knowledge of AI governance, risk management, and auditing practices.

After completing this course you should be able to:

• Establish AI Governance and Risk Frameworks
• Assess and Manage AI Risks
• Oversee AI Operations and Development
• Apply AI-Specific Testing and Security Controls
• Conduct AI-Focused Audits

Domain 1: AI Governance and Risk

AI Models, Considerations and Requirements

• Types of AI
• Machine Learning/AI Models
• Algorithms
• AI Life Cycle
• Business Considerations

AI Governance and Program Management

• AI Strategy
• AI-Related Roles and Responsibilities
• AI-Related Policies and Procedures
• AI Training and Awareness
• Program Metrics

AI Risk Management

• AI-Related Risk Identification
• Risk Assessment
• Risk Monitoring

Privacy and Data Governance Programs

• Data Governance
• Privacy Considerations

Leading Practices, Ethics, Regulations and Standards for AI 

• Standards, Frameworks, and Regulations Related to AI
• Ethical Considerations 

Domain 2: AI Operations

Data Management Specific to AI

• Data Collection
• Data Classification
• Data Confidentiality
• Data Quality
• Data Balancing
• Data Scarcity
• Data Security

AI Solution Development Methologies and Lifecycle

• AI Solution Development Life Cycle
• Privacy and Security by Design

Change Management Specific to AI 

• Change Management Considerations

Supervision of AI Solutions  

• AI Agency

Testing Techniques for AI Solutions

• Conventional Software Testing Techniques Applied to AI Solutions
• AI-Specific Testing Techniques

Threats and Vulnerabilities Specific to AI   

• Types of AI-Related Threats
• Controls for AI-Related Threats

Incident Response Management Specific to AI 

• Prepare
• Identify and Report
• Assess
• Respond
• Post-Incident Review

Domain 3: AI Auditing Tools & Techniques

Audit Planning and Design

• Identification of AI Assets
• Types of AI Controls
• AI Audit Use Cases
• Internal Training for AI Use

Audit Testing and Sampling Methodolgies  

• Designing an AI Audit
• AI Audit Testing Methodologies
• AI Sampling Testing
• AI Outcomes Sample
• AI Audit Process

Audit Evidence Collection Techniques 

• Data Collection
• Walkthroughs and Interviews
• AI Collection Tools

Audit Data Quality and Data Analytics

• Data Quality
• Data Analytics
• Data Reporting

AI Audit Outputs and Reports  

• Reports
• Audit Follow-up
• Quality Assurance

It is recommended that you have the following prerequisites:

• A solid understanding of IT governance, risk management, and compliance frameworks.
• Familiarity with AI concepts and terminology, including machine learning models and data governance.
• Basic knowledge of information security and privacy principles.
• Experience with audit processes and methodologies in a technology environment.
• ISACA CISA Certification (Certified Information Systems Auditor) or equivalent auditing experience.

• CISAU - CISA®, Certified Information Systems Auditor® + Oefen vragen (QAE)

Recommended as preparation for the following exams:

• AAIA - ISACA - Advanced in AI Audit