The ISACA advanced credential for security managers building an AI security programme. AI threat modelling, secure model lifecycle, AI security operations. Three-day intensive, CISM recommended as foundation.
For
Honest call
We'd rather you keep your money than buy the wrong path.
Outcomes
Public sessions
Open-enrolment cohorts. Pick a date and book your seat. Want a private cohort for your team instead? Request an in-house quote.
No confirmed live cohort right now. You can still:
FAQ
CISM is strongly recommended. The AAISM curriculum assumes security-management fluency (governance, programme management, incident response). Without that foundation, the management-level discussions in the cohort will be hard to follow.
Equivalents accepted in practice: CISSP, ISO 27001 Lead Implementer with management experience, or three years operating a security programme. Cyber Academy will assess prerequisites case-by-case before enrolment.
ISO 42001 Lead Implementer (PECB) builds the AIMS management system. AAISM (ISACA) is narrower and more security-focused: it covers AI-specific security controls (threat modelling, secure model lifecycle, AI incident response, supply-chain risk for AI dependencies) that the AIMS standard does not detail.
A typical implementation path: ISO 42001 Lead Implementer to build the AIMS, AAISM to operate the security workstream within it.
Prompt injection (direct and indirect), training-data poisoning, model evasion via adversarial examples, model inversion, membership inference, data exfiltration via output, supply-chain attacks via foundation models and AI plugins, AI agent escalation. Plus the operational side: monitoring model drift, detecting prompt-injection attempts in production, AI-specific incident response runbooks.
Three hours, scenario-based plus multiple-choice. Computer-based at a PSI testing centre. Same scoring scale as other ISACA credentials.
Taught by a practicing CISO. Prices shown up front. Certified or refunded.