ISACA · AAIR
Validates expertise in managing AI-related risks across three practice areas: AI risk governance and framework integration, AI risk program management, and AI lifecycle risk management, covering AI vulnerability evaluation, impact assessment, and risk lifecycle navigation.
Questions
598
Duration
150 minutes
Passing Score
450/800
Difficulty
AssociateLast Updated
Feb 2026
Use this AAIR practice exam to prepare for ISACA Advanced in AI Risk (AAIR) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 598 questions for ISACA AAIR, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to patterns in your missed answers. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The ISACA Advanced in AI Risk (AAIR™) certification is an AI-focused IT risk management credential designed to validate advanced expertise in identifying, evaluating, and managing risks that arise from artificial intelligence adoption within organizations. It covers three core practice areas: AI Risk Governance and Framework Integration, AI Risk Program Management, and AI Life Cycle Risk Management. Together, these domains address the full spectrum of AI risk—from establishing governance structures and embedding AI risk into enterprise frameworks, to executing risk programs, evaluating AI-specific vulnerabilities, conducting impact assessments, and navigating risk throughout the AI development and deployment lifecycle.
The AAIR credential is part of ISACA's suite of Advanced AI certifications, alongside the Advanced in AI Audit (AAIA) and Advanced in AI Security Management (AAISM). Unlike these related credentials, AAIR specifically equips professionals to work cross-functionally, recommend risk responses, and guide senior management in safeguarding organizations from financial, reputational, and operational harms associated with AI integration. The certification is currently in beta, with a full launch anticipated for Q2 2026.
AAIR is intended for experienced IT risk and advisory professionals who already hold a recognized risk or security certification and are seeking to extend their expertise into AI-specific risk management. Eligible professionals must hold at least one active credential from the following: CISA, CISM, CRISC, CGEIT, CDPSE (ISACA credentials), or CRMP, CRMA, CGRC, CISSP, CERP, CRCM, or PMI-RMP (global designations). Because the program does not cover foundational IT risk concepts, it is best suited for mid-to-senior-level practitioners who already operate in risk management, compliance, governance, or advisory roles and need structured knowledge to address AI's unique risk profile.
Typical candidates include IT Risk Managers, Enterprise Risk Officers, AI Governance Leads, Chief Risk Officers, and Compliance Managers working in industries where AI adoption is accelerating—such as financial services, healthcare, technology, and government. It is also relevant for consultants who advise organizations on responsible AI adoption and integration strategies.
Candidates must hold at least one active qualifying credential at the time of application. Accepted ISACA credentials include CISA, CISM, CRISC, CGEIT, and CDPSE. Globally recognized designations that also qualify include CRMP, CRMA, CGRC, CISSP, CERP, CRCM, and PMI-RMP. These prerequisites are non-negotiable, as the AAIR program is explicitly designed to build on existing foundational IT risk knowledge rather than introduce it.
Beyond holding a qualifying credential, candidates should have practical professional experience working in IT risk management, AI governance, compliance, or a closely related advisory function. Familiarity with enterprise risk frameworks (such as COBIT, NIST, or ISO 31000), AI concepts including machine learning and generative AI models, and cross-functional risk communication will help candidates engage effectively with the curriculum and exam content.
The AAIR exam consists of scenario-based multiple-choice questions delivered in a proctored setting. The exam duration is 150 minutes. Scoring uses a scaled scoring model with a maximum score of 800 points, and the passing score is 450 out of 800—consistent with the scoring methodology used across ISACA's Advanced AI certification suite. The exact number of scored questions has not been published by ISACA as of the time of writing, as the certification is currently completing its beta phase ahead of a full Q2 2026 launch.
ISACA's Advanced AI exams are delivered online with remote proctoring available. Exam fees are estimated at approximately USD 575 for ISACA members and USD 760 for non-members, with an additional USD 50 application fee and annual maintenance fees of USD 45 (members) and USD 85 (non-members). Candidates are advised to check the official ISACA credentialing page for confirmed question counts, delivery options, and final pricing once the exam officially launches.
As organizations across industries accelerate AI adoption, demand for professionals who can rigorously manage AI-related risks is growing rapidly. AAIR holders are positioned for roles such as AI Risk Manager, Enterprise AI Governance Lead, Chief Risk Officer, AI Compliance Manager, and senior risk consultant specializing in responsible AI. These roles are emerging in regulated industries—including financial services, healthcare, and government—where AI governance requirements are being codified through regulations such as the EU AI Act and U.S. executive orders on AI.
Salary data for AI risk professionals in the United States ranges from approximately USD 90,000 to over USD 210,000 annually, depending on role, industry, and geography. ISACA-certified professionals have historically commanded a salary premium of 10–20% over non-certified peers, according to the Robert Half Salary Guide and Global Knowledge IT Skills and Salary Report. AAIR complements existing ISACA credentials—particularly CRISC—by adding a specialized AI risk layer that distinguishes holders in a market where general IT risk expertise is common but AI-specific risk governance skills remain scarce.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 598 questions.
Preview — answers shown1. An AI audit team applies the ISACA Digital Trust Ecosystem Framework to assess an organization's AI governance. Which DTEF domain specifically addresses human oversight requirements and ethical decision-making processes? (Select one!)
Explanation
The DTEF Human Factors domain explicitly addresses human oversight mechanisms and ethical decision-making processes in AI systems, aligning with principles of accountability and human-AI interaction. Architecture focuses on technical system implementation. Emergence addresses emerging technology trends and innovations. Direct and Monitor covers governance oversight and monitoring activities. The Human Factors domain specifically examines how humans interact with, oversee, and make ethical decisions regarding AI systems.
2. Zenith Pharmaceuticals discovers their drug interaction prediction model experiences concept drift where the relationship between patient features and adverse reactions changes due to new drug formulations entering the market. Which drift detection method is most appropriate for identifying this type of drift? (Select one!)
Explanation
Concept drift occurs when the relationship between inputs and outputs changes even if input distributions remain stable. Supervised drift detection methods like DDM and EDDM monitor error rates and performance metrics over time, detecting when the model's predictive relationship breaks down. These methods require labeled ground truth data but directly detect concept drift. Population Stability Index, Kolmogorov-Smirnov tests, and Chi-squared tests detect data drift by comparing feature distributions, but cannot identify concept drift where input distributions remain stable while the underlying relationship changes. For concept drift, monitoring prediction accuracy and error rates against actual outcomes is the appropriate detection strategy.
3. Pinnacle Insurance's AI Risk Committee identifies a new generative AI model for claims processing. During NIST AI RMF MAP 2.3 assessment, which documentation elements must they capture regarding scientific integrity and TEVV considerations? (Select one!)
Explanation
MAP 2.3 requires documenting scientific integrity and TEVV (Test, Evaluation, Validation, and Verification) considerations including experimental design, data selection rationale, and validation methodology. This ensures the AI system development follows rigorous scientific principles and can be properly evaluated for trustworthiness. Final metrics alone do not capture the scientific integrity of the development process. Budget and resource allocation fall under planning but not scientific integrity. Competitor analysis relates to business strategy rather than technical TEVV considerations essential for risk management.
4. Under ISO/IEC 42001 Clause 9 Performance Evaluation, Stratos Manufacturing must conduct internal audits of their AI management system. The audit reveals that documentation for AI system verification and validation activities is incomplete for three production AI systems deployed in the past year. What should be the organization's immediate corrective action priority? (Select one!)
Explanation
ISO 42001 Clause 10 requires organizations to address nonconformities through corrective actions that eliminate causes and prevent recurrence. The appropriate response is to document the nonconformity, conduct retrospective TEVV documentation where possible, and improve processes to prevent future gaps. This balances compliance with operational continuity. Immediate decommissioning may be disproportionate without risk assessment of the documentation gap's impact. Accepting the gap as minor violates ISO 42001's mandatory documentation requirements for verification and validation. Transferring responsibility to vendors does not address the organization's responsibility as the AI management system owner to maintain adequate documented information.
5. A multinational corporation is implementing federated learning to train AI models across regional offices without centralizing sensitive customer data. Which three privacy risks remain significant threats even with federated learning implementation? (Select three!)
Multiple correct answersExplanation
Federated learning prevents centralization of raw data but remains vulnerable to several privacy attacks. Model inversion can reconstruct training data from shared model updates or gradients. Membership inference can determine if specific records were in local training sets. Gradient leakage can reveal information about local training data through analysis of shared gradients. Unauthorized direct access to centralized datasets and cross-border raw data transfers are not risks in federated learning since raw data never leaves local sites. Data quality is an operational concern but not a privacy-specific risk.
Certified Information Security Manager (CISM)
CISM · 1196 questions
Certified Information Systems Auditor (CISA)
CISA · 895 questions
Certified in Risk and Information Systems Control (CRISC)
CRISC · 761 questions
Certified Data Privacy Solutions Engineer (CDPSE)
CDPSE · 749 questions
IoT Fundamentals Certificate
IoT-Fund · 630 questions
IT Audit Fundamentals Certificate
IT-Audit-Fund · 627 questions
$17.99
One-time access to this exam