SecProve
ExpertVendor-neutralISACA· issued from US

AAIA

Advanced in AI Audit

ISACA specialization for AI Audit. First certification worldwide specifically for auditing AI systems. Requires active CISA (or comparable audit certification). Three domains: AI Governance & Risk, AI Operations, AI Auditing.

Official page at ISACA↔ Compare with another cert
Exam fee
$399
Ongoing
$45/yr AMF · 20 CPE/yr
Study time
60–120 hrs
Delivery
Test center
Validity
3 yrs (renewal cycle)

› Quality score

21.0 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor
How well-defined and rigorous the exam blueprint is.
ISACA's Advanced AI Audit ECO is well-organised but the field is fast-moving.
7.5/10
Practical evidence
Hands-on labs / written reports vs pure MCQ.
Pure MCQ. No model-card or audit-engagement artefact.
1.0/10
Currency & upkeep
How aggressively content is kept current with the field.
Tracks NIST AI RMF + EU AI Act updates aggressively.
8.0/10
Market recognition
How often this signal actually moves a hiring decision.
New (2024) — ISACA brand carries weight, role-specific recognition still building. [Holders: 2k, 2024-12]
4.5/10

› Market signals

public, citable inputs to the recognition score
Holders worldwide
2,000
as of 2024-12 · source

Launched 2024; rapid early growth.

› Built for these roles

IT Auditors with AI FocusAI Governance OfficersCompliance Auditors

› Exam format

90 questions, 2.5 hours, 450/800

Passing score
450/800 (scaled)
Retake policy
Fee: $575 per attempt
Wait: 30d between attempts
Cap: 4 attempts/year

ISACA member $575 / non-member $760. 4 attempts per rolling 12-month window.

› Recertification

CPEs per ISACA policy

› 3-year cost of ownership

Exam (1×)
$399
AMF (3×)
$135@$45/yr
Total
$534

Excludes study materials, training, retake risk, and lost-wage opportunity. Use as a floor estimate.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

DD-WRL-001OG-WRL-014OG-WRL-016OG-WRL-012
Recognition
Global
Exam languages
en

› Core domains covered

The 2 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

C7AI Governance & Risk

EU AI Act compliance, NIST AI RMF, AI risk assessment, model cards, algorithmic auditing, AI incident response.

A1Governance, Risk & Compliance

Risk frameworks (NIST RMF, ISO 31000, FAIR), policy development, audit, regulatory compliance, third-party risk.

› Prerequisites

Experience

Active CISA or comparable audit certification

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (1)
AIGPIAPP
AAIA
ISACA
Required by (0)

No certs require this one.

Recommended next (0)

No follow-on certs reference this one yet.

› Study materials

Curated starting points. Not exhaustive — vet each against your learning style and the current exam version.

Training providers
  • ISACA Official AAIA Online Course
Practice tests
  • ISACA AAIA QAE (when released)
Free / community

› Version & lifecycle

Current version
Launched 2024
Released
2024-09

First major AI-audit credential. Requires CISA + AI experience.

› Salary signal

AI auditor / model assurance, US, 5+ years. Requires CISA prerequisite.

$130K$195K
median $160K

ISACA Salary Survey extrapolation + early AI-audit role postings · 2024 · US base only · p25–p75 range

› How it compares

vs
AIGP

AAIA is the audit-focused AI credential; AIGP is the broader AI governance program credential.

↔ Compare side-by-side
vs
CISA

AAIA is a CISA add-on focused on AI/ML system audits.

↔ Compare side-by-side

› Careers that commonly pursue this cert

AI Governance / AI Risk Specialist

The policy/controls counterpart to the AI Security Engineer — owns risk frameworks, regulatory mapping (EU AI Act, NIST AI RMF), model documentation, and AI incident response policy.

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain mapBrowse all certifications