AI Governance/Auditor Fundamentals Course

Lesson 1 · Video

AI Governance/Auditor Intro

Lesson 2 · Video

Module 1: Foundations of AI Governance

Lesson 3 · Video

The Governance Imperative

Artificial intelligence is transforming how organizations make decisions, deliver services, manage operations, and create value. As AI adoption accelerates, the need for governance has become increasingly important. This lesson introduces the governance imperative and explores why organizations must establish oversight, accountability, transparency, and risk management practices for AI systems. Learners will examine the foundational principles of AI governance, understand the relationship between trust and responsible AI adoption, and explore how governance frameworks help organizations balance innovation with control. This lesson establishes the foundation for understanding AI governance throughout the Certified AI Governance Auditor program.

Lesson 4 · Video

Risk Taxonomy & Materiality

Artificial intelligence introduces a wide range of risks that organizations must identify, assess, and manage effectively. This lesson explores AI risk taxonomy and materiality, providing learners with a structured approach for understanding how AI-related risks emerge across the lifecycle of AI systems. Learners will examine operational, legal, ethical, compliance, security, and reputational risks while exploring methods used to prioritize risks based on their potential impact and likelihood. Understanding AI risk classification and materiality helps organizations allocate resources appropriately, strengthen governance programs, and support informed decision-making in increasingly complex AI environments.

Lesson 5 · Video

AI Governance Maturity Models

AI governance is not a static capability. As organizations adopt more AI systems and face evolving regulatory, operational, and ethical challenges, governance programs must mature over time. This lesson explores AI governance maturity models and how organizations assess, benchmark, and improve their governance capabilities. Learners will examine maturity levels, assessment criteria, capability measurement, continuous improvement practices, and governance benchmarking approaches. Understanding governance maturity enables organizations to identify strengths, address weaknesses, prioritize investments, and establish long-term governance strategies that support trustworthy, accountable, and sustainable AI adoption.

Lesson 6 · Video

Governance Frameworks Overview

AI governance frameworks provide organizations with structured approaches for managing risk, accountability, transparency, and compliance throughout the AI lifecycle. This lesson introduces major governance frameworks and standards used to support trustworthy AI systems. Learners will explore how governance frameworks establish common principles, controls, and best practices that guide responsible AI adoption. The lesson examines leading frameworks, their objectives, and their role in supporting governance programs, regulatory readiness, assurance activities, and organizational accountability. Understanding governance frameworks enables auditors to assess governance maturity and evaluate how organizations align AI practices with recognized standards.

Lesson 7 · Video

Module 2: Regulation, Compliance & Audit Readiness

Lesson 8 · Video

EU AI Act Deep Dive

The European Union AI Act represents the world's first comprehensive regulatory framework specifically designed for artificial intelligence. As one of the most influential AI regulations globally, it establishes a risk-based approach that categorizes AI systems according to their potential impact on individuals and society. In this lesson, learners will explore the structure, objectives, and compliance requirements of the EU AI Act, including prohibited practices, high-risk system obligations, transparency requirements, and enforcement mechanisms. Understanding the EU AI Act is essential for AI governance auditors because its principles are shaping regulatory expectations, governance programs, and compliance frameworks around the world.

Lesson 9 · Video

Global Regulatory Landscape

Artificial intelligence is a global technology, but AI governance is shaped by regional laws, cultural values, regulatory priorities, and political systems. This lesson examines the global regulatory landscape, comparing major AI governance frameworks across North America, Europe, Asia, and international organizations. Learners will explore how different jurisdictions approach accountability, transparency, risk management, and compliance while examining the challenges organizations face when deploying AI across multiple countries. Understanding these regulatory differences is essential for AI governance auditors responsible for evaluating multinational AI programs and ensuring compliance in an increasingly interconnected regulatory environment.

Lesson 10 · Video

Data Protection & Privacy Integration

Artificial intelligence depends heavily on data, making privacy and data protection central concerns within AI governance. This lesson examines how major privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), intersect with AI systems and governance programs. Learners will explore lawful processing requirements, data minimization principles, privacy-by-design practices, records of processing activities, and cross-border data transfer obligations. Understanding how privacy requirements integrate into AI governance enables organizations to build trustworthy AI systems while meeting legal, regulatory, and ethical obligations related to personal data.

Lesson 11 · Video

Audit Evidence & Documentation

Effective AI governance depends on evidence. Organizations must be able to demonstrate how AI systems were designed, trained, tested, approved, deployed, monitored, and governed throughout their lifecycle. This lesson explores audit evidence and documentation within AI governance programs, examining the records, artifacts, and traceability mechanisms that support accountability and assurance. Learners will explore model cards, datasheets, system factsheets, audit trails, provenance records, and governance documentation practices. Understanding audit evidence is essential for AI governance auditors because governance cannot be verified through intentions alone—it must be supported by documented, traceable, and auditable evidence.

Lesson 12 · Video

Internal Controls & Assurance Testing

Internal controls are the operational mechanisms that transform AI governance principles into measurable and auditable practices. This lesson explores how organizations design, implement, and evaluate internal controls to manage AI risks, ensure compliance, and support trustworthy AI outcomes. Learners will examine preventive, detective, and corrective controls, control ownership, assurance testing methodologies, evidence collection practices, and control effectiveness assessments. Understanding internal controls and assurance testing enables AI governance auditors to evaluate whether governance requirements are functioning as intended and whether organizations can demonstrate ongoing accountability, transparency, and compliance.

Lesson 13 · Video

Module 3: AI Lifecycle Assurance & Audit Scope

Lesson 14 · Video

The AI Lifecycle Framework

Artificial intelligence systems pass through multiple stages from initial planning and data collection to deployment, operation, monitoring, and eventual retirement. Each stage introduces unique governance responsibilities, risks, controls, and accountability requirements. In this lesson, learners explore the AI lifecycle framework and examine how governance must be integrated throughout the entire lifecycle rather than applied only during development. The lesson introduces governance checkpoints, accountability structures, lifecycle documentation, and review mechanisms that support regulatory compliance, audit readiness, and trustworthy AI operations. Understanding lifecycle governance provides the foundation for assessing AI systems consistently and effectively across their entire operational journey.

Lesson 15 · Video

Data Governance & Quality Assurance

Data is the foundation of every AI system. The quality, integrity, lineage, and governance of data directly influence the trustworthiness, fairness, reliability, and compliance of AI outcomes. This lesson explores data governance and quality assurance within AI environments, examining how organizations manage data throughout its lifecycle. Learners will study data sourcing, validation, labeling, stewardship, metadata management, lineage tracking, retention practices, and quality controls. Understanding data governance is essential for AI governance auditors because weaknesses in data management frequently become the root cause of AI failures, compliance issues, operational risks, and governance deficiencies.

Lesson 16 · Video

Model Registries & Artifact Integrity

AI systems depend on more than models alone. Organizations must manage datasets, trained models, configurations, dependencies, documentation, and deployment packages throughout the AI lifecycle. This lesson explores model registries and artifact integrity, examining how organizations maintain visibility, traceability, provenance, and trust in AI assets. Learners will study model registries, artifact management practices, version control, lineage tracking, cryptographic integrity controls, and reproducibility requirements. Understanding artifact governance is essential for AI governance auditors because accountability, compliance, and assurance depend on the ability to identify, verify, and trace AI assets throughout their lifecycle.

Lesson 17 · Video

Deployment & Change Management

Deploying an AI system into production represents one of the most critical transitions in the AI lifecycle. Organizations must ensure that systems are released safely, monitored appropriately, and modified through controlled governance processes. This lesson explores deployment governance and change management, examining approval workflows, release controls, rollback planning, change authorization, segregation of duties, and deployment assurance activities. Learners will study how organizations manage AI system changes while maintaining accountability, traceability, compliance, and operational stability. Understanding deployment and change governance is essential for auditors evaluating whether AI systems are introduced and modified in a controlled and trustworthy manner.

Lesson 18 · Video

Monitoring, Drift & Incident Response

AI governance does not end when a model is deployed. Organizations must continuously monitor AI systems, identify performance degradation, detect emerging risks, respond to incidents, and maintain trust throughout operational use. This lesson explores monitoring, drift detection, and incident response within AI governance programs. Learners will examine operational monitoring practices, model drift, data drift, incident classification, root cause analysis, corrective actions, and post-incident governance reviews. Understanding monitoring and incident response is essential for AI governance auditors because ongoing assurance depends on an organization's ability to identify, investigate, and remediate issues before they create significant operational, regulatory, or reputational harm.

Lesson 19 · Video

Decommissioning & Lifecycle Closure

Every AI system eventually reaches the end of its operational lifecycle. Whether due to changing business requirements, declining performance, regulatory obligations, technology modernization, or risk considerations, organizations must retire AI systems in a controlled and accountable manner. This lesson explores decommissioning and lifecycle closure, examining retirement planning, evidence retention, archival requirements, data disposition, access revocation, compliance obligations, and lessons-learned processes. Learners will study how organizations preserve accountability after systems are retired while ensuring that governance, auditability, and regulatory requirements continue to be satisfied. Understanding lifecycle closure is essential for evaluating complete AI governance programs.

Lesson 20 · Video

Module 4: AI Security & Risk Controls

Lesson 21 · Video

AI Threat Landscape

AI systems face a rapidly evolving threat landscape that extends beyond traditional cybersecurity risks. Adversaries can target training data, manipulate model behavior, extract intellectual property, or exploit AI outputs to reveal sensitive information. This lesson introduces the major categories of AI threats and examines how these risks appear throughout the AI lifecycle. Learners will explore adversarial attack techniques, threat modeling methodologies, governance-focused risk assessment approaches, and mitigation strategies that support trustworthy AI operations. Understanding the AI threat landscape is essential for governance auditors because effective assurance depends on identifying, evaluating, and managing emerging threats before they undermine security, compliance, or organizational trust.

Lesson 22 · Video

Model Privacy & Confidentiality

AI systems can unintentionally reveal sensitive information about individuals, organizations, datasets, or proprietary models. As AI adoption grows, privacy and confidentiality risks have become major governance concerns. This lesson explores how organizations protect sensitive information throughout the AI lifecycle by examining privacy threats, confidentiality controls, and governance practices designed to reduce information leakage. Learners will study membership inference attacks, model inversion, differential privacy, synthetic data, encryption technologies, and confidentiality assurance mechanisms. Understanding AI privacy and confidentiality is essential for governance auditors because protecting information is fundamental to trust, compliance, regulatory readiness, and responsible AI operations.

Lesson 23 · Video

Secrets & Credential Hygiene

AI systems depend on a wide range of secrets, credentials, tokens, encryption keys, and privileged accounts to access data, models, APIs, cloud services, and infrastructure resources. Weak secret management practices can expose organizations to unauthorized access, data breaches, model theft, and operational disruption. This lesson explores secrets and credential hygiene within AI environments, examining secret lifecycle management, vault technologies, key management systems, hardware security modules, least-privilege access controls, credential scanning, and governance oversight practices. Understanding secrets management is essential for AI governance auditors because compromised credentials remain one of the most common causes of security incidents across modern AI ecosystems.

Lesson 24 · Video

Secure Development & MLOps Assurance

AI systems are built and operated through complex development pipelines that include code, data, models, dependencies, infrastructure, and deployment automation. Weaknesses within these processes can introduce security vulnerabilities, operational failures, and governance risks. This lesson explores secure development and MLOps assurance, examining secure coding practices, dependency management, CI/CD security, artifact signing, software bills of materials (SBOMs), and open-source governance. Learners will study how organizations secure AI development environments while maintaining accountability, traceability, and operational resilience. Understanding MLOps assurance is essential for AI governance auditors evaluating the security and integrity of AI delivery pipelines.

Lesson 25 · Video

Incident Response & Forensics for AI Systems

Despite preventive controls and strong security practices, AI-related incidents can still occur. Organizations must be prepared to detect, investigate, contain, and recover from events that affect AI systems, data, models, or supporting infrastructure. This lesson explores incident response and digital forensics for AI environments, examining detection processes, investigation methodologies, evidence preservation, forensic analysis, reporting obligations, and governance oversight activities. Learners will study how organizations respond to AI-specific incidents while maintaining accountability, compliance, transparency, and operational resilience. Understanding AI incident response and forensics is essential for governance auditors evaluating organizational preparedness and security maturity.

Lesson 26 · Video

Continuous Security Monitoring

Continuous security monitoring provides organizations with ongoing visibility into threats, vulnerabilities, system behavior, and security control effectiveness across AI environments. As AI systems evolve and threat landscapes change, periodic assessments alone are insufficient to maintain trust and resilience. This lesson explores continuous security monitoring, including security telemetry, anomaly detection, integrity monitoring, SIEM integration, governance reporting, resilience metrics, and reassessment cycles. Learners will study how organizations maintain situational awareness and support continuous assurance throughout the AI lifecycle. Understanding continuous security monitoring is essential for AI governance auditors evaluating long-term security effectiveness and operational resilience.

Lesson 27 · Video

Module 5: Ethics, Professional Practice & Continuous Assurance

Lesson 28 · Video

Ethical Foundations of AI Governance

Ethics forms the foundation of trustworthy AI governance. While compliance, security, and risk management provide essential controls, ethical principles help ensure AI systems align with human values, societal expectations, and organizational responsibilities. This lesson explores the ethical foundations of AI governance through the principles of Fairness, Accountability, Transparency, and Explainability (FATE). Learners will examine ethical decision-making frameworks, bias and discrimination risks, human oversight mechanisms, and the role of organizational culture in responsible AI governance. Understanding ethical governance is essential for AI Governance Auditors because trust ultimately depends on how AI systems impact people, organizations, and society.

Lesson 29 · Video

Codes of Conduct & Professional Standards

Professional standards and ethical conduct are fundamental to effective AI governance auditing. Stakeholders rely on auditors and governance professionals to provide objective assessments, independent judgment, and trustworthy recommendations. This lesson explores professional codes of conduct, ethical responsibilities, independence requirements, conflict-of-interest management, whistleblowing considerations, and professional accountability standards. Learners will examine guidance from organizations such as ISACA, IEEE, and ACM while exploring how professional ethics influence governance decisions. Understanding professional standards is essential for AI Governance Auditors because trust in governance programs depends on the integrity and professionalism of those responsible for oversight and assurance.

Lesson 30 · Video

Stakeholder Communication & Audit Reporting

Effective AI governance depends on clear communication and accurate reporting. Governance findings, audit results, risk assessments, and assurance activities provide value only when stakeholders can understand and act upon the information presented. This lesson explores stakeholder communication and audit reporting within AI governance programs, examining reporting structures, executive communications, board reporting, risk ratings, regulator interactions, and public disclosure considerations. Learners will study how governance professionals communicate complex findings in a clear, objective, and actionable manner. Understanding communication and reporting is essential for AI Governance Auditors because governance effectiveness depends on informed decision-making by stakeholders.

Lesson 31 · Video

Continuous Assurance & Maturity Auditing

AI governance programs must evolve continuously to remain effective in changing regulatory, technological, and operational environments. Organizations need mechanisms to measure governance performance, assess maturity, identify improvement opportunities, and provide ongoing assurance to stakeholders. This lesson explores continuous assurance and maturity auditing, examining governance maturity models, continuous monitoring programs, key risk indicators, governance dashboards, automation, benchmarking, and continuous improvement practices. Learners will study how organizations evaluate and strengthen governance capabilities over time. Understanding maturity auditing and continuous assurance is essential for AI Governance Auditors because governance effectiveness depends on sustained improvement rather than one-time compliance activities.

Lesson 37 · Assessment

AI Governance/Auditor Final Exam