Trending Courses

Vendors

Skip Navigation Links

Overview

The first advanced AI audit-specific certification, ISACA Advanced in AI Audit™ (AAIA™), builds on the skills validated by CISA®—and qualified CIA (IIA) and CPA (AICPA) skills—to empower experienced IT auditors to face the AI challenges and become leaders in the emerging AI world.
img-course-overview.jpg

What You'll Learn

  • Advise stakeholders on AI solutions, implement ethical and responsible AI policies, and manage AI-related risk and data governance.
  • Assess AI solution lifecycles (design, development, deployment, monitoring, decommissioning) in alignment with business objectives, policies and procedures.
  • Apply audit planning, testing, sampling, data analytics, and reporting techniques specifically for AI systems and outputs.

Who Should Attend

  • Experienced IT audit professionals and advisors who hold an active qualifying designation (for example: CISA or equivalent) and are involved in auditing, assessing, implementing or advising on AI systems.
  • Professionals who assess, implement, maintain or audit AI systems and wish to demonstrate advanced expertise in AI auditing, governance and risk.
img-who-should-learn.png

Prerequisites

Must possess a CISA, CPA or CIA to be eligible for certification

Learning Journey

Coming Soon...

1. AI Governance and Risk

A. AI Models, Considerations, and Requirements

Types of AI

  • Generative
  • Predictive
  • Narrow
  • General

Machine Learning/AI Models

  • Basic models
  • Neural networks

Algorithms

  • Classes of algorithms
  • Additional AI considerations (technical terms and
  • concepts relevant to the IS auditor)

AI Lifecycle Overview

  • Plan and design
  • Collect and process data
  • Build and/or adapt model(s)
  • Test, evaluate, verify, and validate
  • Make available for use/deploy
  • Operate and monitor
  • Retire/decommission

Business Considerations

  • Business use cases, needs, scope, and objectives
  • Cost-benefit analysis
  • Return on investment
  • Internal vs. cloud hosting
  • Vendors
  • Shared responsibility

B. AI Governance and Program Management

AI Strategy

  • Strategies
  • Opportunities
  • Vision and mission
  • Value alignment

AI-Related Roles and Responsibilities

  • Categories, focuses, and common examples

AI-Related Policies and Procedures

  • Usage policies

AI-Related Policies and Procedures

  • Skills, knowledge, and competencies

Program Metrics

  • Examples of metrics with objectives and definitions

C. AI Risk Management

AI-Related Risk Identification

  • AI threat landscape
  • AI risks
  • Challenges for AI risk management

Risk Assessment

  • Risk assessment
  • Risk appetite and tolerance
  • Risk mitigation and prioritization
  • Remediation plans/best practices

Risk Monitoring

  • Continuous improvement
  • Risk and performance metrics

D. Privacy and Data Governance Programs

Data Governance

  • Data classification
  • Data clustering
  • Data licensing
  • Data cleansing and retention

Privacy Considerations

  • Data privacy
  • Data ownership (governance and privacy)

 Privacy Regulatory Considerations 

  • Data consent
  • Collection, use, and disclosure

E. Leading Practices, Ethics, Regulations, and Standards for AI Standards, Frameworks, and Regulations Related to AI

  • Best practices
  • Industry standards and frameworks
  • Laws and regulations

Ethical Considerations

  • Ethical use
  • Bias and fairness
  • Transparency and explainability
  • Trust and safety
  • IP considerations
  • Human rights

2. AI Operations

A. Data Management Specific To AI

Data Collection

  • Consent
  • Fit for purpose
  • Data lag

Data Classification

Data Confidentiality

Data Quality

Data Balancing

Data Scarcity

Data Security

  • Data encoding
  • Data access
  • Data secrecy
  • Data replication
  • Data backup

B. AI Solution Development Methodologies and Lifecycle

AI Solution Development Life Cycle

  • Use case development
  • Design
  • Development
  • Deployment
  • Monitoring and maintenance
  • Decommission

Privacy and Security by Design

  • Explainability
  • Robustness

C. Change Management Specific To AI

Change Management Considerations

  • Data dependency
  • AI model
  • Regulatory and societal impact
  • Emergency changes
  • Configuration management

D. Supervision of AI Solutions

AI Agency

  • Logging and monitoring
  • AI observability
  • Human in the Loop (HITL)
  • Hallucination

E. Testing Techniques for AI Solutions

Conventional Software Testing Techniques

  • A/B testing
  • Unit and integration testing
  • Objective verification
  • Code reviews
  • Black box testing

AI-Specific Testing Techniques

  • Model cards
  • Bias testing
  • Adversarial testing

F. Threats and Vulnerabilities Specific To AI

Types of AI-Related Threats

  • Training data leakage
  • Data poisoning
  • Model poisoning
  • Model theft
  • Prompt injections
  • Model evasion
  • Model inversion
  • Threats for using vendor supplied AI
  • AI solution disruption

Controls for AI-Related Threats

  • Threat and vulnerability identification
  • Prompt templates
  • Defensive distillation
  • Regularization

G. Incident Response Management Specific To AI

Prepare

  • Policies, procedures, and model documentation
  • Incident response team
  • Tabletop exercises

Identify and Report

Assess

Respond 

  • Containment
  • Eradication
  • Recovery

Post-Incident Review

3. AI Auditing Tools and Techniques

A. Audit Planning and Design

Identification of AI Assets and Controls

  • Inventory objective and procedure
  • Inventory and data gathering methods
  • Documentation
  • Surveys
  • Interviews

Types of AI Controls

  • Examples including control categories, controls, and explanations

Audit Use Cases

  • Large language models
  • Audit process improvement
  • Generative AI
  • Audit-specific AI applications

Internal Training for AI Use

  • Key components for auditor knowledge
  • Practical skills development

B. Audit Testing and Sampling Methodologies

Designing an AI Audit

  • AI audit objectives
  • Audit scoping and resources

AI Audit Testing Methodologies

  • AI systems overall testing
  • Financial models

AI Sampling

  • Judgmental sampling
  • AI sampling

Outcomes of AI Testing

  • Reduce false positives
  • Reduce workforce needs
  • Outliers

C. Audit Evidence Collection Techniques

Data Collection

  • Training and testing data
  • Unstructured and structured data collection
  • Extract, transform, and load
  • Data manipulation
  • Scraping

Walkthroughs and Interviews

  • Design interview questions

AI Collection Tools

  • Using AI to collect logs
  • AI agents to create outputs
  • Voice to speech
  • Optimal character recognition

D. Audit Data Quality and Data Analytics

Data Quality

  • Optimization

Data Analytics

  • Sentiment analysis
  • Run data analytics

Data Reporting

  • Reports
  • Dashboards

E. AI Audit Outputs and Reports

Reports

  • Report types (examples and details)
  • Advisory reports
  • Charts and visualizations

Audit Follow-up

  • Automated follow-up

Quality Assurance

img-exam-cert

Frequently Asked Questions (FAQs)

  • Why get ISACA certified?

    ISACA certifications validate your expertise in critical areas like IT governance, risk management, audit, and cybersecurity.

    These globally recognized credentials demonstrate your commitment to professional standards and best practices, enhancing your credibility and opening doors to career advancement.

    ISACA-certified professionals are highly sought after by employers worldwide, as they possess the knowledge and skills to navigate the complex landscape of IT governance, risk, and cybersecurity.

  • What to expect for the examination?

    ISACA certification exams are rigorous assessments designed to test your knowledge and understanding of specific domains.

    Exams typically consist of multiple-choice questions, and some may include scenario-based questions that assess your ability to apply your knowledge in real-world situations.

    Note: Certification requirements and policies may be updated by ISACA from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • How long is ISACA certification valid for?

    ISACA certifications do not expire. However, to maintain your certified status and demonstrate your ongoing commitment to professional development, you must: adhere to the Continuing Professional Education (CPE) policy.

    This involves earning and reporting a specific number of CPE hours annually through activities like attending conferences, webinars, training courses, or self-study.

    Other requirements include paying an annual maintenance fee as well as complying with the annual CPE audit if selected.

    Note: Certification requirements and policies may be updated by ISACA from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • Why take this course with Trainocate?

    Here’s what sets us apart:

    - Global Reach, Localized Accessibility: Benefit from our geographically diverse training hubs in 24 countries (and counting!).

    - Top-Rated Instructors: Our team of subject matter experts (with high average CSAT and MTM scores) are passionate to help you accelerate your digital transformation.

    - Customized Training Solutions: Choose from on-site, virtual classrooms, or self-paced learning to fit your organization and individual needs.

    - Experiential Learning: Dive into interactive training with our curated lesson plans. Participate in hands-on labs, solve real-world challenges, and take on comprehensive assessments.

    - Learn From The Best: With 30+ authorized training partnerships and countless awards from Microsoft, AWS, Google – you're guaranteed learning from the industry's elite.

    - Your Bridge To Success: We provide up-to-date course materials, helpful exam guides, and dedicated support to validate your expertise and elevate your career.

Keep Exploring

Course Curriculum

Course Curriculum

Training Schedule

Training Schedule

Exam & Certification

Exam & Certification

FAQs

Frequently Asked Questions

img-improve-career.jpg

Improve yourself and your career by taking this course.

More Courses By ISACA

Browse All Courses
cisa-certified-information-systems-auditor-training
ISACA Certifications

Certified Information Systems Auditor

Trainocate’s Certified Information Systems Auditor (CISA) training teaches IT auditing, risk management, and compliance. Earn ISACA CISA certification in this hands-on course.
ILT VILT
Course Duration 5 Days
cgeit-certified-in-the-governance-of-enterprise-it-training
ISACA Certifications

Certified in the Governance of Enterprise IT

Trainocate’s Certified in the Governance of Enterprise IT (CGEIT) training teaches IT governance and risk management. Earn ISACA CGEIT certification in this hands-on course.
ILT VILT
Course Duration 4 Days
crisc-certified-in-risk-and-information-systems-control-training
ISACA Certifications

Certified in Risk and Information Systems Control

Trainocate’s Certified in Risk and Information Systems Control (CRISC) training teaches IT risk management and controls. Earn ISACA CRISC certification in this hands-on course.
ILT VILT
Course Duration 4 Days
img-get-info.jpg

Ready to Take Your Business from Great to Awesome?

Level-up by partnering with Trainocate. Get in touch today.

Name*
Email*
Phone*
I'm inquiring for
Inquiry Details*

By submitting this form, you consent to Trainocate processing your data to respond to your inquiry and provide you with relevant information about our training programs, including occasional emails with the latest news, exclusive events, and special offers.

You can unsubscribe from our marketing emails at any time. Our data handling practices are in accordance with our Privacy Policy.

Stay Connected. Be the first to Know.

Company

Vendors

Services

Customer Service

© Copyright Trainocate 2025. All rights reserved.