The AGRC Certificate in AI Risk Management & Compliance is a specialised professional certification designed to equip governance, risk, compliance, audit, legal, and senior management professionals with the practical knowledge and frameworks required to oversee artificial intelligence systems responsibly and effectively. The programme focuses on AI as a governance, operational, ethical, and regulatory challenge rather than a technical development discipline, enabling participants to understand how AI systems function in real organisational environments, how risks emerge across the AI lifecycle, and how these risks can be governed, monitored, and controlled using established GRC principles.
The course provides a structured and practical framework for identifying, assessing, managing, and assuring AI systems within increasingly complex and evolving regulatory environments. Participants will gain a clear understanding of how artificial intelligence introduces new categories of operational, legal, ethical, reputational, cybersecurity, and compliance risks, while also exploring the governance structures, accountability mechanisms, and control frameworks required to support responsible AI adoption.
Built around globally recognised standards and regulatory frameworks, the certification examines key international developments including the EU AI Act, GDPR, DORA, UK and US regulatory approaches, ISO/IEC 42001, and the NIST AI Risk Management Framework. Participants will learn how to interpret and apply these requirements in practice, helping organisations strengthen regulatory readiness, operational resilience, and defensible governance practices across AI-enabled systems.
The programme begins by exploring the foundations of AI and algorithmic systems, helping learners understand the differences between rule-based automation and learning-based AI models, including machine learning, generative AI, and automated decision systems. Participants will examine key technical concepts relevant to governance and risk management, including probabilistic outputs, model drift, bias, explainability, and error trade-offs, while learning how these concepts influence compliance, governance, and organisational accountability.
Through practical modules, case studies, and scenario-based exercises, learners will develop the ability to identify and assess AI-related risks using structured risk and impact assessment methodologies. The course introduces AI risk taxonomies, scenario analysis techniques, lifecycle-based risk management approaches, and the CIDA Narrative methodology, enabling participants to conduct meaningful AI risk assessments and integrate AI-related exposures into broader Enterprise Risk Management (ERM) frameworks.
A major focus of the certification is AI governance implementation and organisational oversight. Participants will learn how to design and evaluate AI governance structures, accountability models, AI system inventories, lifecycle controls, documentation standards, third-party risk management frameworks, and independent assurance mechanisms. The course also addresses common governance failures such as unclear accountability, inadequate oversight, and “shadow AI” risks emerging from unsanctioned use of AI technologies within organisations.
The programme provides extensive coverage of bias, fairness, and performance testing methodologies, helping learners understand how discrimination, unfair outcomes, and performance failures can arise within AI systems. Participants will examine fairness metrics, testing methodologies, audit evidence requirements, and governance expectations under frameworks such as the EU AI Act, while learning how to critically challenge testing outputs, vendor claims, and assurance reports from a governance and compliance perspective.
Beyond regulatory compliance, the certification emphasises the importance of responsible AI governance, transparency, accountability, and ethical decision-making. Participants will develop the skills required to advise boards and senior stakeholders on AI governance maturity, AI risk exposure, regulatory obligations, and implementation strategies. The course also highlights the need for cross-functional collaboration between governance, compliance, legal, audit, cybersecurity, data protection, and technical teams to support effective AI oversight across the enterprise.
The final modules focus on operationalising AI governance within organisations through implementation roadmaps, continuous monitoring frameworks, incident response procedures, board-level reporting, and organisational maturity assessments. Participants will learn how to embed AI governance into business strategy, operations, and control environments in a manner that is credible, auditable, scalable, and aligned with organisational objectives.
By the end of the programme, learners will be equipped to contribute meaningfully to AI governance initiatives, challenge AI-related risks and assurances, support regulatory readiness, and advise organisations on the responsible, defensible, and risk-based adoption of artificial intelligence technologies.
The AGRC Certificate in AI Risk Management & Compliance is suitable for compliance professionals, risk officers, internal auditors, governance specialists, MLROs, data protection officers, legal professionals, consultants, senior managers, board members, and policy professionals across sectors who require a practical and structured framework for managing AI risk in increasingly regulated and technology-driven environments. The certification includes approximately 20–25 hours of guided learning, supported by self-paced online study materials, practical exercises, interactive learning activities, and a computer-based multiple-choice examination.
