SecProve
ExpertVendor-neutralISACA· issued from US

AAISM

Advanced in AI Security Management

ISACA specialization for AI Security Management. Requires active CISM or CISSP. Focus on AI Governance & Program Management, AI Risk Management, and AI Technologies & Controls. For security leaders managing AI risks.

Official page at ISACA↔ Compare with another cert
Exam fee
$399
Ongoing
$45/yr AMF · 20 CPE/yr
Study time
60–120 hrs
Delivery
Test center
Validity
3 yrs (renewal cycle)

› Quality score

21.0 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor
How well-defined and rigorous the exam blueprint is.
ISACA's AI Security Manager ECO maps governance, risk, and AI-specific controls.
7.5/10
Practical evidence
Hands-on labs / written reports vs pure MCQ.
Pure MCQ. No live AI red-team artefact.
1.0/10
Currency & upkeep
How aggressively content is kept current with the field.
Tracks regulator and standards changes (EU AI Act, NIST AI RMF).
8.0/10
Market recognition
How often this signal actually moves a hiring decision.
New (2024); growing among GRC-track AI security managers. [Holders: 2k, 2024-12]
4.5/10

› Market signals

public, citable inputs to the recognition score
Holders worldwide
2,000
as of 2024-12 · source

› Built for these roles

CISOs with AI ResponsibilitySecurity ManagersAI Risk Managers

› Exam format

90 questions, 2.5 hours, 450/800

Passing score
450/800 (scaled)
Retake policy
Fee: $575 per attempt
Wait: 30d between attempts
Cap: 4 attempts/year

ISACA member $575 / non-member $760. 4 attempts per rolling 12-month window.

› Recertification

CPEs per ISACA policy

› 3-year cost of ownership

Exam (1×)
$399
AMF (3×)
$135@$45/yr
Total
$534

Excludes study materials, training, retake risk, and lost-wage opportunity. Use as a floor estimate.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

DD-WRL-001OG-WRL-014OG-WRL-007
Recognition
Global
Exam languages
en

› Core domains covered

The 3 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

C7AI Governance & Risk

EU AI Act compliance, NIST AI RMF, AI risk assessment, model cards, algorithmic auditing, AI incident response.

C8AI Safety & Alignment

Guardrails, content filtering bypass, model monitoring, drift detection, output control.

A1Governance, Risk & Compliance

Risk frameworks (NIST RMF, ISO 31000, FAIR), policy development, audit, regulatory compliance, third-party risk.

› Prerequisites

Experience

Active CISM or CISSP

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (2)
AIGPIAPPCISMISACA
AAISM
ISACA
Required by (0)

No certs require this one.

Recommended next (0)

No follow-on certs reference this one yet.

› Study materials

Curated starting points. Not exhaustive — vet each against your learning style and the current exam version.

Training providers
  • ISACA Official AAISM Online Course
Practice tests
  • ISACA AAISM QAE

› Version & lifecycle

Current version
Launched 2024
Released
2024-09

Requires CISM + AI experience.

› Salary signal

AI security program manager, US, 5+ years. Requires CISM prerequisite.

$145K$215K
median $175K

ISACA Salary Survey extrapolation · 2024 · US base only · p25–p75 range

› How it compares

vs
AIGP

AAISM is security-management-flavored; AIGP is broader governance + privacy.

↔ Compare side-by-side
vs
CISM

AAISM is a CISM add-on for AI-specific security program management.

↔ Compare side-by-side

› Careers that commonly pursue this cert

AI Governance / AI Risk Specialist

The policy/controls counterpart to the AI Security Engineer — owns risk frameworks, regulatory mapping (EU AI Act, NIST AI RMF), model documentation, and AI incident response policy.

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain mapBrowse all certifications