Module 1 - AI governance and program management
A - Stakeholder considerations, industry standards and regulatory requirements
- Integration of relevant stakeholders into the AI safety strategy
- Overview of industry-specific frameworks and legal requirements
- Development of guidelines for the responsible use of AI
B - AI-related strategies, policies and procedures
- Development and implementation of safety guidelines for AI
- Establishing organizational processes for the governance of AI
- Creation and monitoring of safety standards and guidelines
C - AI asset and data lifecycle management
- Identification and classification of AI assets and data
- Management of data quality, integrity and security
- Risk analysis across the entire AI lifecycle
D - Development and management of AI safety programs
- Establishment of a comprehensive AI safety framework
- Definition of roles, responsibilities and escalation paths
- Integration of security controls into the corporate context
E - Business continuity and incident response
- Planning of emergency and recovery processes for AI systems
- Establishing procedures for detecting, reporting and resolving AI security incidents
- Ensuring regulatory and contractual requirements
Module 2 - AI risk management
A - AI risk analysis, thresholds and treatment strategies
- Conducting risk analyses specifically for AI applications
- Definition of acceptance thresholds and risk treatment methods
- Assessing the impact on business risk
B - Management of AI threats and vulnerabilities
- Identification of current threats in the AI context
- Development of vulnerability remediation measures
- Continuous monitoring of the AI threat landscape
C - AI vendor and supply chain management
- Assessment of risks in the AI supply chain
- Integration of security requirements into supplier contracts
- Monitoring and auditing of third-party AI solutions
Module 3 - AI technologies and security controls
A - AI security architecture and design
- Building secure architecture principles for AI systems
- Integration of AI security requirements into the enterprise architecture
B - Data management and control mechanisms
- Introduction of security controls for data in AI processes
- Protection of data integrity, confidentiality and traceability
C - Data protection, ethics, trust and security
- Establishment of guidelines for ethical AI use
- Ensuring fairness, transparency and explainability of AI systems
- Measures to build trust and user safety
D - Security controls and monitoring
- Implementation of technical and organizational protective measures
- Ongoing monitoring and metrics to evaluate AI security
- Development of awareness programs for responsible AI use
Secondary tasks and supporting activities
- Collaboration in the definition of governance roles and responsibilities
- Developing and maintaining AI-specific security policies and training
- Performing risk analysis and vulnerability assessments for AI systems
- Integrating security measures into business continuity and disaster recovery plans
- Assessing vendors, supply chains and internal processes with regard to AI security
- Advice on regulatory, ethical and security aspects of AI
- Setting up monitoring mechanisms and safety metrics for AI solutions
