{"product_id":"isaca-advanced-in-ai-security-management-aaism-certification","title":"ISACA Advanced in AI Security Management (AAISM) Certification","description":"\u003cdiv\u003e\u003cp\u003eISACA Advanced in AI Security Management (AAISM) validates security management professionals’ ability to demonstrate their expertise in AI. This credential builds upon existing security best practices to enhance expertise and adapt to the evolving AI-driven landscape, ensuring robust protection and a strategic edge.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eISACA Advanced in AI Security Management (AAISM) Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eIn this course you will learn skills which:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablishes AI-Specific Security Expertise\u003c\/li\u003e\n\u003cli\u003eBridges the Gap Between AI and Cybersecurity\u003c\/li\u003e\n\u003cli\u003eAligns with Enterprise Governance and Risk Needs\u003c\/li\u003e\n\u003cli\u003eBuilt on ISACA’s Trusted Frameworks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eMust possess a CISM or CISSP to be eligible for Certification.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eAI Security Management Certification Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eDomain 1: AI Governance and Program Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eStakeholder Considerations, Industry Frameworks, and Regulatory Requirements\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOrganizational Structure and Overall Governance\u003c\/li\u003e\n\u003cli\u003eRoles and Responsibilities\u003c\/li\u003e\n\u003cli\u003eCharter and Steering Committee\u003c\/li\u003e\n\u003cli\u003eIdentifying Stakeholders\u003c\/li\u003e\n\u003cli\u003eRisk Appetite and Tolerance\u003c\/li\u003e\n\u003cli\u003eFrameworks, Standards, and Regulations\u003c\/li\u003e\n\u003cli\u003eSelecting appropriate Frameworks\u003c\/li\u003e\n\u003cli\u003eBusiness and Use Cases for AI\u003c\/li\u003e\n\u003cli\u003ePrivacy Considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI-related Strategies, Policies, and Procedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Strategy\u003c\/li\u003e\n\u003cli\u003eConsumer v. Enterprise\u003c\/li\u003e\n\u003cli\u003eBuy vs. Build\u003c\/li\u003e\n\u003cli\u003eAI Policies\u003c\/li\u003e\n\u003cli\u003eResponsible Use\u003c\/li\u003e\n\u003cli\u003eAcceptable Use\u003c\/li\u003e\n\u003cli\u003eAI Procedures\u003c\/li\u003e\n\u003cli\u003eImplementation\u003c\/li\u003e\n\u003cli\u003eManuals\u003c\/li\u003e\n\u003cli\u003eEthics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Asset and Data Life Cycle Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Asset and Data Inventory\u003c\/li\u003e\n\u003cli\u003eInventory management\u003c\/li\u003e\n\u003cli\u003eModel cards\u003c\/li\u003e\n\u003cli\u003eData handling, classification, discovery\u003c\/li\u003e\n\u003cli\u003eData Augmentation and Cleaning\u003c\/li\u003e\n\u003cli\u003eData Storage\u003c\/li\u003e\n\u003cli\u003eData Protection\u003c\/li\u003e\n\u003cli\u003eDestruction\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Security Program Development and Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDocumented Program Plan\u003c\/li\u003e\n\u003cli\u003eSecurity team, roles, responsibilities, and proficiencies\u003c\/li\u003e\n\u003cli\u003eAlignment to existing info sec\u003c\/li\u003e\n\u003cli\u003eUse of AI-enabled security tools in the program\u003c\/li\u003e\n\u003cli\u003eMetrics and management\u003c\/li\u003e\n\u003cli\u003eKRIs and KPIs for AI use with regard to the security\u003c\/li\u003e\n\u003cli\u003eManagement reporting\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBusiness Continuity and Incident Response\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIncident detection\u003c\/li\u003e\n\u003cli\u003eNotification\u003c\/li\u003e\n\u003cli\u003eIncident classification\u003c\/li\u003e\n\u003cli\u003eCriticality and severity\u003c\/li\u003e\n\u003cli\u003eResiliency\u003c\/li\u003e\n\u003cli\u003eBusiness Continuity Plan\u003c\/li\u003e\n\u003cli\u003eRed-button requirements for compliance\u003c\/li\u003e\n\u003cli\u003eIncident response playbooks specifically for AI\u003c\/li\u003e\n\u003cli\u003eBreak glass policies\/ go no go • Authority\u003c\/li\u003e\n\u003cli\u003eRTO RPO – AI perspective\u003c\/li\u003e\n\u003cli\u003eDisaster recovery\u003c\/li\u003e\n\u003cli\u003eTesting\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDomain 2. AI Risk Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAI Risk Assessment, Thresholds, and Treatment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImpact assessment\u003c\/li\u003e\n\u003cli\u003eConformity assessment\u003c\/li\u003e\n\u003cli\u003ePIAs\u003c\/li\u003e\n\u003cli\u003eRisk documentation\u003c\/li\u003e\n\u003cli\u003eAcceptable levels of risk\u003c\/li\u003e\n\u003cli\u003eTreatment plans\u003c\/li\u003e\n\u003cli\u003eKRIs and KPIs for AI us\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI-related Strategies, Policies, and Procedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePEN test\u003c\/li\u003e\n\u003cli\u003eVulnerability tests\u003c\/li\u003e\n\u003cli\u003eRed teaming\u003c\/li\u003e\n\u003cli\u003eAI related vulnerabilities\u003c\/li\u003e\n\u003cli\u003eAdversarial threats\u003c\/li\u003e\n\u003cli\u003eThreat intelligence\u003c\/li\u003e\n\u003cli\u003eAI-enabled threats\/Attack chains\u003c\/li\u003e\n\u003cli\u003eAnomalies\u003c\/li\u003e\n\u003cli\u003eThreat landscape\u003c\/li\u003e\n\u003cli\u003eDeep fakes\u003c\/li\u003e\n\u003cli\u003eInsider threat\u003c\/li\u003e\n\u003cli\u003eAI agents\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Vendor and Supply Chain Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDependencies of software packages and libraries\u003c\/li\u003e\n\u003cli\u003eVendor due diligence and contracts\u003c\/li\u003e\n\u003cli\u003eSLAs\u003c\/li\u003e\n\u003cli\u003eVendor usage\u003c\/li\u003e\n\u003cli\u003eAccountability models\u003c\/li\u003e\n\u003cli\u003eProvider vs. deployer\u003c\/li\u003e\n\u003cli\u003eThird, fourth, and fifth parties\u003c\/li\u003e\n\u003cli\u003eOwnership and intellectual property\u003c\/li\u003e\n\u003cli\u003eAccess controls\u003c\/li\u003e\n\u003cli\u003eLiability\u003c\/li\u003e\n\u003cli\u003eVendor monitoring for risk and changes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 3. AI Technologies and Controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAI Security Architecture and Design\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eChange management\u003c\/li\u003e\n\u003cli\u003eSDL\u003c\/li\u003e\n\u003cli\u003eSecure by design\u003c\/li\u003e\n\u003cli\u003eSecuring infrastructure as code\u003c\/li\u003e\n\u003cli\u003eData flows\u003c\/li\u003e\n\u003cli\u003eApproved base models\u003c\/li\u003e\n\u003cli\u003eInterconnectivity and interaction with architecture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Life Cycle (e.g., model selection, training, and validation)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTesting models interconnectivity\u003c\/li\u003e\n\u003cli\u003eLinkages between models\u003c\/li\u003e\n\u003cli\u003eRegression\u003c\/li\u003e\n\u003cli\u003eModel testing\u003c\/li\u003e\n\u003cli\u003eProgression\u003c\/li\u003e\n\u003cli\u003eTEVV\u003c\/li\u003e\n\u003cli\u003eModel accuracy testing and evaluation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eData Management Controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData collection\u003c\/li\u003e\n\u003cli\u003eData control\u003c\/li\u003e\n\u003cli\u003eData Poisoning\u003c\/li\u003e\n\u003cli\u003eBIAS\u003c\/li\u003e\n\u003cli\u003eAccuracy\u003c\/li\u003e\n\u003cli\u003eData position requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePrivacy, Ethical, Trust and Safety Controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExplainability\u003c\/li\u003e\n\u003cli\u003ePrivacy controls – like right to be forgotten, data subject rights\u003c\/li\u003e\n\u003cli\u003eConsent\u003c\/li\u003e\n\u003cli\u003eTransparency\u003c\/li\u003e\n\u003cli\u003eDecision making\u003c\/li\u003e\n\u003cli\u003eFairness\u003c\/li\u003e\n\u003cli\u003eEthics\u003c\/li\u003e\n\u003cli\u003eAutomated decision making\u003c\/li\u003e\n\u003cli\u003eHuman in the loop\u003c\/li\u003e\n\u003cli\u003eTrust and safety - content moderation\u003c\/li\u003e\n\u003cli\u003ePotential harm\u003c\/li\u003e\n\u003cli\u003eEnvironmental impacts\u003c\/li\u003e\n\u003cli\u003eData minimization and anonymization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity Controls and Monitoring\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity monitoring metrics\u003c\/li\u003e\n\u003cli\u003eSelecting the right controls\u003c\/li\u003e\n\u003cli\u003eImplementing controls\u003c\/li\u003e\n\u003cli\u003eSelf-assessment of controls (CSA)\u003c\/li\u003e\n\u003cli\u003eControl life cycle\u003c\/li\u003e\n\u003cli\u003eContinuous monitoring\u003c\/li\u003e\n\u003cli\u003eKPIs and KRIs for security controls and monitoring\u003c\/li\u003e\n\u003cli\u003eTechnical controls\u003c\/li\u003e\n\u003cli\u003eThreat controls mapping\u003c\/li\u003e\n\u003cli\u003eSecurity awareness training\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A68US \/ 2026-06-29T09:00:00 \/ Online","offer_id":47534201602267,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"268C85US \/ 2026-08-26T09:00:00 \/ Herndon, VA","offer_id":48216556503259,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26AB39US \/ 2026-10-26T09:00:00 \/ Herndon, VA","offer_id":48216556798171,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26CB26US \/ 2026-12-14T09:00:00 \/ Herndon, VA","offer_id":48216556830939,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"272B12US \/ 2027-02-24T09:00:00 \/ Herndon, VA","offer_id":48294630719707,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"274B25US \/ 2027-04-26T09:00:00 \/ Herndon, VA","offer_id":48669371662555,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"269D42US \/ 2026-09-28T09:00:00 \/ Online","offer_id":48837147656411,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"269D43US \/ 2026-09-14T09:00:00 \/ Online","offer_id":48837147689179,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true}],"url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/products\/isaca-advanced-in-ai-security-management-aaism-certification","provider":"Learning Tree International","version":"1.0","type":"link"}