Course Description

7 Hours of NASBA-Certified Auditing CPE

1 CPE hour = 50 minutes

Delivery Method: QAS Self Study

Artificial Intelligence (AI) is rapidly evolving. As with any new technology, security and controls lag technological growth. Effective enterprise AI Governance and Risk Management has yet to be fully addressed by many organizations. 

How well AI Governance and Risk Management is executed will have an immense impact on whether the enterprise will achieve its AI objectives and minimize risk.

In this course we will review the key elements of sound AI Governance and Risk Management. You will leave with resources and guidelines on how to approach an audit of AI Governance, including planning and critical areas for review.

The controls discussed are relevant to all AI applications whether developed in-house or using a third-party AI application.

This seminar provides the opportunity for audit and risk management to move upfront and influence AI security and controls as the technology evolves.

The intended audiences for this seminar are all auditors (IT Auditors, Business Auditors, Internal and External Auditors), Audit Management and Risk Management who have the responsibility to provide assessments of enterprise risk.

Course Objectives:

• Recognize foundational AI Governance concepts, key risks and associated controls.
• Identify internationally recognized frameworks and resources to assist in developing an AI Governance audit strategy.
• Define an audit strategy to assess key AI Governance and Risk Management controls.
• Evaluate governance oversight controls that provide assurance of AI application integrity.
• Assess AI Governance controls and procedures for AI Third-Party relationships.
  

Agenda:

Why Assess AI Governance? 

Defining AI and AI Governance 

AI Governance Risks 

AI Oversight & Monitoring 

Review of Enterprise Governance Frameworks 

• COSO Internal Control Framework 
• COSO Enterprise Risk Management Framework 
• COBIT – IT Governance Framework 
• NIST Cybersecurity Framework V2 – Governance 
  
  

Review of Global AI Governance resources including: 

• European Commission – Ethics Guidelines for Trustworthy AI 
• GAO - AI Accountability Framework 
• NIST - AI Risk Management Framework 
• OCC - Model Risk Management Guidance 
• World Economic Forum - AI Governance Framework 
• … and others 
  
  

AI Third-Party Audit Considerations 

AI’s View – How to Audit AI Governance 

Policies:

Refund Policy

ERP Risk Advisors provides refunds in accordance with the refund policy of Teachable, our learning platform host. Refunds must go through the support funnel found at https://support.teachable.com/hc/en-us/articles/360004215372-Request-a-Refund. Teachable’s terms of use, including the refund policy, can be found at: https://teachable.com/terms-of-use.

Program Cancellation Policy

If a participant cancels a paid ERP Armor: Learning subscription plan, the cancellation will become effective at the end of the then-current billing cycle. When a participant cancels a paid plan, their account will revert to a free account and Teachable may disable access to features available only to paid plan users.

Complaint Resolution Policy

Participant(s) should email support@erpra.net and provide as much detail as possible about the complaint, including any relevant screenshots, account information, or transaction details. Upon receiving the complaint, ERP Risk Advisors’ support team will acknowledge it within 24 hours during business days. ERP Risk Advisors’ support team will investigate the complaint thoroughly. This may involve reviewing relevant records, consulting with appropriate personnel, and gathering additional information as necessary. ERP Risk Advisors aims to resolve all complaints as quickly as possible. Depending on the complexity of the issue, resolution may take up to 5 business days or more. During this time, ERP Risk Advisors will keep the participant(s) informed of the progress and any steps being taken to address their concerns. Once a resolution has been proposed, ERP Risk Advisors will contact the participant(s) to discuss the outcome. If participant(s) are dissatisfied with the initial resolution provided by ERP Risk Advisors’ support team, they may request that their complaint be escalated. Escalations will be reviewed by a senior manager to ensure a fair and impartial review of concerns. ERP Risk Advisors treats all complaints with the utmost confidentiality. Information provided will only be used for the purposes of investigating and resolving a complaint, in accordance with our Privacy Policy. For more information regarding administrative policies such as complaints and feedback, please contact our support desk at support@erpra.net.

*****

For all other Administrative and Course Development Policies, please visit ERP Armor: Learning FAQ and click on the first Frequently Asked Question dropdown.

*****

ERP Risk Advisors is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org