What People Are Saying About
Assessing AI Risks & Controls
Comments from Course Attendees:
”LOVED the class.”
“I enjoyed the ChatGPT generated section. It gave a solid overview and provided good summaries.”
“Great pace.”
“One of the excellent parts of the course is that it highlighted where to go for resource documents for guidance.”
“Liked the use of the various tools: COBIT, CIS, NIST.”
“Very informative.”
“Appreciated the emphasis on AI cross-functional teams.”
“I enjoyed ending the final exam on a fun note. Hope others do as well.”
“I truly believe that if Internal Audit is not involved in assessing controls over AI as it evolves, organizations will incur significant risks to reputation, customer service and business operations.”
Assessing AI Risks & Controls
On-Demand - 10 CPEs
Artificial Intelligence (AI) is fast, complex, and virtually limitless. AI is in the news almost every day highlighting major benefits and corresponding significant risks.
AI is rapidly evolving. As with any new technology, security and controls lag technological growth.
Who will assess the security and controls as this innovative technology interfaces with your enterprise? Unfortunately, this is not easily achieved in AI environments.
We will NOT be addressing the risk of AI destroying humanity or starting WW-III.
Instead, we will be focused on the risks & controls pertaining to your enterprise developing AI applications or using AI third-party services. The controls discussed are relevant to all AI applications whether developed in-house or using a third-party AI application.
AI results are only as good as the AI data integrity, the reliability of the AI application logic / algorithms, the thoroughness of “training” the AI system and the integrity and security of the human interface.
Included in the seminar will be a chapter written by ChatGPT AI.
This seminar provides the opportunity for audit and risk management to move upfront and influence AI security and controls as the technology evolves.
The intended audiences for this seminar are all auditors (IT Auditors, Business Auditors, Internal and External Auditors), Audit Management and Risk Management who have the responsibility to provide assessments of enterprise risk.
Seminar Agenda
Defining Artificial Intelligence
- Machine Learning
- Neural Networks
- Big Data
- Robotic Process Automation (RPA)
AI Risks
- Inaccurate Results & Decisions
- Bias & Discrimination
- Health & Safety
- Regulatory Non-Compliance
- And More …
ChatGPT
AI Governance & Risk Management
- AI Accountability & Ownership
- AI Oversight & Monitoring
- AI Liability Considerations
AI Access Management
AI Application Integrity
- “Training” the AI Application
- Change, Patch, Configuration Management
- System Development of AI Applications
AI Human Interface
AI Data Integrity / Data Governance
API / Application Programming Interface Risks
Assessing Cloud / Third Party AI Applications
ChatGPT AI Recommended Controls
Course Curriculum
- Session INTRO-1 Table of Contents
- Session INTRO-2 Study Guide
- Session INTRO-3 Course Instructions & Instructor Introduction (6:52)
- Session INTRO-4 Course Objectives & Agenda (4:40)
- Session INTRO-5 Key Learning Objectives & Resources (3:48)
- Session INTRO-6 Key Assumptions (5:32)
- Session INTRO-7 Downloadable Slides & Notes PDF
- Session INTRO-8 Introduction Review Quiz
- Session INTRO-9 Introduction Review Quiz Answer Explanations
- Session 1-1 IT Risk & AI Technology Introduction (1:41)
- Session 1-2 Risk Definitions (6:31)
- Session 1-3 Risk Management (8:15)
- Session 1-4 Defining Artificial Intelligence (8:02)
- Session 1-5 Historical IT Costs (4:54)
- Session 1-6 Machine Learning (8:13)
- Session 1-7 Robotics Introduction (1:14)
- Session 1-8 Robotics Deeper Dive (6:09)
- Session 1-9 AI Definitions Summary (5:30)
- Session 1-10 Module 1 Conclusion (2:21)
- Session 1-11 Review Quiz #1
- Session 1-12 Review Quiz #1 Answer Explanations
- Session 2-1 AI Risks & Security Resources Introduction (1:44)
- Session 2-2 ChatGPT Risks (4:54)
- Session 2-3 Movies (2:33)
- Session 2-4 AI Headlines (5:02)
- Session 2-5 Movie Trivia (7:26)
- Session 2-6 Security Resources Introduction (0:51)
- Session 2-7 ISACA COBIT (4:30)
- Session 2-8 NIST Cybersecurity Framework (CSF) (1:08)
- Session 2-9 Center for Internet Security (CIS) Critical Controls (5:59)
- Session 2-10 AI Risks (7:56)
- Session 2-11 AI Risks Wharton College (6:07)
- Session 2-12 AI Regulations (4:59)
- Session 2-13 Module 2 Conclusion (1:21)
- Session 2-14 Review Quiz #2
- Session 2-15 Review Quiz #2 Answer Explanations
- Session 3-1 AI Governance Introduction (1:05)
- Session 3-2 Insurance (4:55)
- Session 3-3 FINRA (12:29)
- Session 3-4 AI Governance & AI Risk Management (4:32)
- Session 3-5 Inaccurate AI Processing (7:13)
- Session 3-6 AI Inventory (5:38)
- Session 3-7 COBIT Risk Management (8:25)
- Session 3-8 Audit Considerations (2:24)
- Session 3-9 Module 3 Conclusion (1:58)
- Session 3-10 Review Quiz #3
- Session 3-11 Review Quiz #3 Answer Explanations
- Session 4-1 AI Access Management Introduction (1:03)
- Session 4-2 Access Management - The Basics (2:42)
- Session 4-3 Authentication (6:04)
- Session 4-4 Authorization (5:30)
- Session 4-5 Logs (6:14)
- Session 4-6 AI Access Management Summary (3:29)
- Session 4-7 Module 4 Conclusion (1:44)
- Session 4-8 Review Quiz #4
- Session 4-9 Review Quiz #4 Answer Explanations
- Session 5-1 AI Application Integrity Introduction (1:21)
- Session 5-2 AI Applications (7:37)
- Session 5-3 AI Training Part A (6:55)
- Session 5-4 AI Training Part B (2:31)
- Session 5-5 Change Management (7:33)
- Session 5-6 KPMG (5:45)
- Session 5-7 ChatGPT Integrity (4:20)
- Session 5-8 Patch Management (8:09)
- Session 5-9 Configuration (4:58)
- Session 5-10 System Development (9:25)
- Session 5-11 Agile (6:45)
- Session 5-12 Module 5 Conclusion (2:08)
- Session 5-13 Review Quiz #5
- Session 5-14 Review Quiz #5 Answer Explanations
- Session 6-1 AI Human Interface & Data Governance Introduction (1:10)
- Session 6-2 Human Interface (6:08)
- Session 6-3 Access Management (2:19)
- Session 6-4 Privileged Access (7:31)
- Session 6-5 Human Interface Summary (2:21)
- Session 6-6 Data Governance Part A (4:01)
- Session 6-7 Data Governance Part B (9:34)
- Session 6-8 Data Governance Part C (7:15)
- Session 6-9 Module 6 Conclusion (2:15)
- Session 6-10 Review Quiz #6
- Session 6-11 Review Quiz #6 Answer Explanations
- Session 7-1 Middleware, API, & Assessing Third Party Controls Introduction (1:05)
- Session 7-2 Application Programming Interface (API) (3:02)
- Session 7-3 API Risks (5:32)
- Session 7-4 API Audit & Security Resources (5:19)
- Session 7-5 API Audit Considerations (8:51)
- Session 7-6 Cloud & Third-Party Service Provider Risks (5:18)
- Session 7-7 Cloud Configuration Management (6:10)
- Session 7-8 Third-Party Management (10:41)
- Session 7-9 Contracts – Right to Audit (6:08)
- Session 7-10 System & Organization Controls (SOC) Reports (4:14)
- Session 7-11 Third-Party Governance - Audit Considerations (1:58)
- Session 7-12 Module 7 Conclusion (2:19)
- Session 7-13 Review Quiz #7
- Session 7-14 Review Quiz #7 Answer Explanations
- Session 8-1 AI Audit Strategy Introduction (0:46)
- Session 8-2 KPMG Audit Strategy Part A (5:28)
- Session 8-3 KPMG Audit Strategy Part B (9:04)
- Session 8-4 KPMG Audit Strategy Part C (7:31)
- Session 8-5 KPMG Audit Strategy Part D (5:49)
- Session 8-6 ChatGPT Audit Strategy Part A (5:51)
- Session 8-7 ChatGPT Audit Strategy Part B (6:13)
- Session 8-8 ChatGPT Audit Strategy Part C (4:58)
- Session 8-9 AI Risk Management Framework (3:01)
- Session 8-10 Final Exercise & Concluding Remarks (4:45)
- Session 8-11 Review Quiz #8
- Session 8-12 Review Quiz #8 Answer Explanations
Featured Products
View our other available learning options and get the continuing education credits you need!
