Certified AI Governance Professional (AIGP)

Defines AI and Machine Learning (ML) and provides an overview of the different types of AI systems, their use cases and positions AI models in the broader socio-cultural context. Topics covered include:

• The history of AI and the evolution of data science.
• The basic elements and definitions of AI and ML, basic logical-mathematical principles over whichAI/ML models operate, OECD classification of AI systems and the use cases andbenefits of AI.
•  The different types of AI/ML systems including:
  – Strong/broad and weak/narrow AI
  – The basics of machine learning and its training methods (supervised, unsupervised, semi-supervised, reinforcement)
  – Deep learning, generative AI, multi-modal models, transformer models.
  Natural language processing: text as input and output
  – Robotics and robotic processing automation (RPA).

• The AI technology stack, model types, platformsand applications.

Identifies the risks that ungoverned AI systems can have on humans and society and describes the characteristics and principles that are essential to trustworthy and ethical AI. Topics covered include:

• The core risks and harms posed by AI systems, including the potential harms to:
  – An individual (e.g., civil rights, economic opportunity, safety)
  – A group (e.g., discrimination towards sub-groups)
  – Society (e.g., democratic process, public trust in governmental institutions, educational access, jobs redistribution)
  – A company or institution (reputational, cultural, economic, acceleration risks)
  – An ecosystem (natural resources, environment, supply chain).

• What it means for an AI system to be human-centric, transparent, explainable and privacy enhanced.
• The characteristics of an accountable AI system (e.g., safe, secure and resilient, valid and reliable, fair).
• The similarities and differences among existing and emerging ethical guidance on AI, including for example OECD AI principles,European Court of Human Rights, High-level Expert Group AI; UNESCO Principles; Asilomar AI Principles etc.

Describes the AI lifecycle and the broad context in which AI risks are managed including understanding the key steps in an AI system’s:

• Planning phase to determine business objectives, scope, governance structure and responsibilities.
• Design phase to implement a data strategy and determine an AI system architecture and model.
• Development phase to build, train, test and validate the model.
• Implementation phase to undertake readiness assessments, deploy the model into production, monitor, validate and maintain it.

Explains how the major AI stakeholders collaborate, in a layered approach, to manage AI risks while fulfilling the potential benefits AI systems have for society, including how to:

• Ensure interoperability of AI risk management with other operational risk strategies, e.g., security risk, privacy risk, business risk.
• Adopt a non-prescriptive approach to allow for intelligent self-management.
• Integrate AI governance principles into the organisation ensuring:
  – Governance is risk-centric
  – Planning and design are consensus-driven
  – The framework is law, industry and technology-agnostic.

• Establish an AI governance infrastructure, including:
  – The roles and responsibilities of AI governance people and groups
  – Obtaining AI governance support from senior leadership and tech teams
  – Establishing an organisational risk strategy and tolerance level
  – Developing a central inventory of AI and ML applications and repository of algorithms
  – Provide knowledge resources and training to the organisation
  – How to use and adapt existing privacy and data governance practices for AI management
  – Creating policies to manage third-party risk to ensure end-to-end accountability.

Outlines mapping, planning and scoping AI projects, testing and validating AI systems during development, and managing and monitoring AI systems after deployment. The module includes:

• Map, plan and scope the AI project, including:
  – Defining the business case and perform cost/benefit analysis where trade-offs are considered in the design of AI systems, e.g., why AI/ML?
  – Identifying and classifying internal/external risks and contributing factors
  – Constructing a probability/severity harms matrix and a risk mitigation hierarchy
  – Performing an algorithmic impact assessment (AIA)
  – Establishing the level of human involvement/oversight in AI decision making.
  – Charting data lineage and provenance, ensuring data is representative, accurate and unbiased.

• Test and validate the AI system during development including:
  –Evaluating the trustworthiness, validity, safety, security, privacy and fairness of the AI system
  –Applying privacy-preserving machine learning and use privacy-enhancing technologies and privacy-preserving machine learning techniques to help with privacy protection in AI/ML systems
  –Understanding why AI systems fail.

• Manage and monitor AI systems after deployment, including:
  – Performing post-hoc testing to determine if AI system goals were achieved
  – Continuously improving deployed systems by tuning and retraining with new data, human feedback, etc.

‍

Reviews the current laws that govern the use of artificial intelligence. Topics covered include:

• The existing laws that interact with AI use, including knowing relevant non-discrimination laws, product safety laws, IP law, privacy laws and laws concerning the use of data.
• Knowing the laws that address unfair and deceptive practices.
• The basic requirements of the EU Digital Services Act.
• Key GDPR intersections, including automated decision making, data protection impact assessments (DPIAs) and requirements for AI conformity assessments, human supervision of algorithmic systems and an individual’s right to meaningful information about the logic of AI systems.
• Understanding liability reforms such as EU product liability law, the AI Product Liability Directive and Awareness of U.S. federal agency involvement (EO14091).

Identifies and describes global AI-specific laws and the major frameworks that show how AI systems can be responsibly governed, including:

• The requirements of the EU AI Act, including:
  – The classification framework of AI systems (prohibited, high-risk, limited risk, low risk)
  – The requirements for high-risk systems and foundation models
  – Transparency requirements, i.e., registration database
  – Notification requirements (customers and national authorities)
  – Enforcement framework and penalties for noncompliance
  – Procedures for testing innovative AI and exemptions for research.

• Other emerging global laws.

Understand the similarities and differences among the major risk management frameworks and standards.

Presents some of the current discussions and ideas about AI governance, including:

• Awareness of legal issues such as IP rights, model and data licencing etc.
• Awareness of user concerns.
• Awareness of AI auditing and accountability issues.