Module 7: Governance, compliance, and audit

AINS6302 — AI for Risk Assessment

Essential Question

How do AI risk tools support formal obligations?

Scenario

a cyber risk committee prioritizing mitigation across assets with different exposure and business value

Stakeholders: CISO, risk officer, system owner, auditor, and executive sponsor

Core Moves

• Define the decision boundary

• Compare baseline and alternative

• Interpret evidence and assumptions

• Identify failure modes

• Recommend next action

Lab & Assignment

Draft compliance and audit evidence.

Artifact: cyber risk assessment package with scoring rationale, treatment plan, and executive dashboard focused on governance, compliance, and audit: Draft compliance and audit evidence.