ISACA Advanced in AI Audit, AAIA™

ISACA Advanced in AI Audit, AAIA™

Enquire
Schedule

Overview

AI is no longer on the horizon. Organizations are embedding AI into the core of business operations, decision-making and automation. As these systems grow more complex and influential, audit professionals must evolve to ensure they are governed effectively, aligned to strategic goals, and ethically sound. Without specialized AI audit capabilities, organizations risk falling behind in both compliance and innovation.

ISACA’s AAIA certification bridges this critical skills gap by equipping credentialed auditors with the ability to audit machine learning models, intelligent automation tools, and data-driven decision systems. More than just oversight, AAIA prepares you to use AI to enhance the audit process itself.

This course provides IS auditors with the foundational knowledge and background of AI solutions to evaluate their proper governance, design, development, and security to apply their expertise in audit and assurance activities in the enterprise. The course is structured to align with the job practice and features a variety of knowledge check questions, case studies, activities, and discussions designed to apply the concepts to real-life business scenarios. 

Enquire
View Schedule
Private in-house training

Apart from public, instructor-led classes, we also offer private in-house trainings for organizations based on their needs. Call us at +852 2116 3328 or email us at [email protected] for more details.

What are the skills covered

Upon certification, successful candidates will be able to:

  • Implement AI-driven audit processes
  • Use AI to optimize audit processes
  • Respond to risk and improve oversight
  • Audit data-driven environments
  • Deliver assurance across the AI lifecycle design
  • Help implement AI to align with strategic stakeholder goals

 

 

Who should attend this course

IT Audit professionals with a CISA, CIA, or CPA certification looking to enhance their expertise in navigating AI-driven challenges while upholding the highest industry standards.

Mid-level to senior professionals who hold a CISA, CPA or CIA credential

  • IT Auditor
  • Senior IT Auditor
  • Risk Manager
  • Information Manager
Training Outlines

Domain 1 — AI Governance and Risk (33%)

This Domain demonstrates your ability to advise stakeholders on implementing AI solutions through appropriate and effective policy, risk controls, data governance and ethical standards.

A–AI Models, Considerations, and Requirements
B–AI Governance and Program Management
C–AI Risk Management
D–Privacy and Data Governance Programs
E–Leading Practices, Ethics, Regulations, and Standards for AI

 

Domain 2 — AI Operations (46%)

This domain confirms your skill in balancing sustainability, operational readiness, and the risk profile with the benefits and innovation AI promises to support enterprise-wide adoption of this powerful technology.

A–DATA MANAGEMENT SPECIFIC TO AI
B–AI SOLUTION DEVELOPMENT METHODOLOGIES AND LIFECYCLE
C–CHANGE MANAGEMENT SPECIFIC TO AI
D–SUPERVISION OF AI SOLUTIONS  (E.G., OUTPUTS, IMPACTS, AND DECISIONS)
E–TESTING TECHNIQUES FOR AI SOLUTIONS
F–THREATS AND VULNERABILITIES SPECIFIC TO AI
G–INCIDENT RESPONSE MANAGEMENT SPECIFIC TO AI

 

Domain 3 — AI Auditing Tools and Techniques (21%)

This domain focuses on optimizing audit outcomes through innovation and highlights your knowledge of audit techniques tailored to AI systems and the use of AI-enabled tools streamline audit efficiency and provide faster, quality insight.

A–AUDIT PLANNING AND DESIGN
B–AUDIT TESTING AND SAMPLING METHODOLOGIES
C–AUDIT EVIDENCE COLLECTION TECHNIQUES
D–AUDIT DATA QUALITY AND DATA ANALYTICS
E–AI AUDIT OUTPUTS AND REPORTS

 

Secondary Classifications – Tasks

  1. Evaluate impacts, opportunities, and risk when integrating AI solutions within the audit process.
  2. Utilize AI solutions to enhance audit processes, including planning, execution, and reporting.
  3. Evaluate AI solutions to advise on impact, opportunities, and risk to organization.
  4. Evaluate the impact of AI solutions on system interactions, environment, and humans.
  5. Evaluate the role and impact of AI decision-making systems on the organization and stakeholders.
  6. Evaluate the organization’s AI policies and procedures, including compliance with legal and regulatory requirements.
  7. Evaluate the monitoring and reporting of metrics (e.g., KPIs, KRIs) specific to AI.
  8. Evaluate whether the organization has defined ownership of AI-related risk, controls, procedures, decisions, and standards.
  9. Evaluate the organization’s data governance program specific to AI.
  10. Evaluate the organization’s privacy program specific to AI.
  11. Evaluate the organization’s problem and incident management programs specific to AI.
  12. Evaluate the organization’s change management program specific to AI.
  13. Evaluate the organization’s configuration management program specific to AI.
  14. Evaluate the organization’s threat and vulnerability management programs specific to AI.
  15. Evaluate the organization’s identity and access management program specific to AI.
  16. Evaluate vendors and supply chain management programs specific to AI solutions.
  17. Evaluate the design and effectiveness of controls specific to AI.
  18. Evaluate data input requirements for AI models (e.g., data appropriateness, bias, privacy).
  19. Evaluate system/business requirements for AI solutions to ensure alignment with enterprise architecture.
  20. Evaluate the AI solution lifecycle (e.g., design, development, deployment, monitoring, and decommissioning) and inputs/outputs for compliance and risk.
  21. Evaluate algorithms and models to ensure AI solutions are aligned to business objectives, policies, and procedures.
  22. Analyze the impact of AI on the workforce to advise stakeholders on how to address AI-related workforce impacts, training, and education.
  23. Evaluate that awareness programs align to the organization’s AI-related policies and procedures.

 

Certified Requirements
  • AAIA candidates must hold a CISA certification or one of the following certifications with an IT audit or IT advisory role focus: CIA, US CPA, ACCA or FCCA, Canadian CPA, Australian CPA or FCPA or the Japanese CPA designation.
  • Pass the AAIA exam
  • Adherence to the Code of Professional Ethics
Master Trainer

Mr. Alan Yau

  • CISSP, CISA, CISM, CGEIT, CRISC, CDPSE, AAIA, AAISM
  • The first and only accredited trainer of AAIA and AAISM in the region
  • Alan is currently holding a Senior Management Role as Principal Cybersecurity Consultant and Trainer with 20+ years of experience
  • Specializes in leading engagements and serving clients in Information Security, including Next Generation Security Operation Center, IT Risk Assessment, Penetration Testing and IT Audit
  • Led the implementation and execution of Next Generation Security Operation Center, Security Operation Center, Infrastructure Security for Mobile Device Management, Security Exchange 2010 and Infrastructure Security for Enterprise Cloud Services
  • Holds ISACA Accredited Trainer and Certified Mile2 Instructor credentials

Search for a course

Facebook Whatsapp Linkedin Youtube