I just finished instructing the ISACA Advanced in AI Risk course in Las Vegas. This is the first time this course has ever been taught. I went in as the instructor. I came out a more informed advisor…and that order matters.
There is a particular kind of learning that only happens when you teach something for the first time, with no prior cohort to learn from, no instructor before you to compare notes with, and a body of knowledge that has not yet been pressure-tested in a live room. Reading the material sharpens you. Advising clients on it sharpens you further. But being the first to stand in front of senior practitioners who are paying attention, asking hard questions, and pushing back on assumptions — that exposes every soft spot in your own thinking, and in the field’s. The inaugural AAIR course did that for me, and I want to share what shifted.
The preparation forced a deeper reckoning than I expected.
I have been advising on AI governance for some time. I came to the material confident I understood it. What I found, working through it as the first instructor rather than a consumer, is that the AAIR body of knowledge is structured around an assumption most organizations have not earned the right to make: that the underlying IT governance is functioning. The credential treats AI risk as a layer, not a foundation. Preparing to teach that distinction, knowing I would be the first to articulate it in this format, made me sharpen something I had only half-formed in client work. AI governance maturity is downstream of governance maturity, full stop. You cannot leapfrog the basics by branding them “AI.”
The content reframed what I thought was obvious.
Walking through model risk, data lineage, third-party AI dependencies, AI incident response, and lifecycle accountability domain by domain surfaced how interconnected these competencies really are. In advisory work it is easy to address them in isolation, because that is how clients tend to ask the questions. The course material does not allow that luxury. It forces you to see the system. By the second day I was seeing patterns in my own client engagements I had previously treated as separate problems. They were not separate. They were symptoms of the same underdeveloped governance core.
What decorative governance actually looks like.
Here is the pattern I keep seeing, and the course made it impossible to ignore. An organization stands up an AI Ethics Committee. They publish a Responsible AI policy. They commission a vendor risk assessment for their generative AI tools. On paper, the program looks credible. Underneath, three things are usually missing: 1) a current, accurate inventory of where AI is actually being used in the business; 2) a data governance function mature enough to answer where training and inference data came from; and 3) an accountability model that names a specific decision-maker for AI-driven outcomes. Without those three, the committee, the policy, and the assessment are decorative. They produce documents, not control. The board sees activity and assumes capability. The two are not the same.
The students taught me the most.
This is the part I did not anticipate. The room was filled with senior practitioners: risk officers, auditors, and governance leads who came in with real organizational context. They also came in knowing they were the first cohort, which created an unusual dynamic. The questions were not theoretical. They were specific, frustrated, and revealing. How do we govern a model the vendor will not let us inspect? Who owns the risk when the AI tool was bought by marketing without our knowledge? What do we do when the board wants an AI policy in thirty days and we do not have the data governance to support it?
I came in prepared to answer. I left realizing the more important contribution was synthesizing what they were collectively surfacing. Across organizations, industries, and geographies, the same pattern kept appearing: people responsible for AI risk are being asked to govern something their organizations are not yet equipped to govern. That is not a knowledge gap. That is a structural one. And no certification, framework, or policy template will close it on its own. Hearing that pattern emerge in real time, in the first delivery of this course, told me something important: the field is arriving at consensus on the problem faster than organizations are arriving at the capacity to solve it.
What I am taking forward.
A few things changed in how I will advise from here.
I am going to stop accepting “we are working on our AI governance framework” as a sufficient answer. The follow-up question is now the first question: can your existing governance carry it?
I am going to treat the AAIR competency areas as a diagnostic, not just a curriculum. If an organization cannot demonstrate basic capability in those domains, no AI strategy resting on top of them is going to hold.
And I am going to carry forward what it meant to be in that inaugural room. The expertise was not flowing in one direction. It never is. The instructor’s job is to give it shape and feed what was learned back into the field.
A closing reflection.
I have been doing governance work long enough to recognize when a discipline is in transition. AI governance is in that moment now. The frameworks are forming, the credentials are arriving, the regulators are catching up, and the practitioners, many of whom have spent careers in IT audit, security, and risk, are being asked to extend their expertise into territory that does not yet have settled answers. Teaching the inaugural AAIR course did not give me those answers. It gave me something more useful: a clearer picture of which questions actually matter, and a deeper respect for the people in the field already wrestling with them. That is the part I did not expect to learn. And it is the part I will carry into every advisory conversation from here.
Final Thoughts
A few takeaways for executives, boards, and governance leaders thinking about where they stand:
- AI governance maturity cannot exceed underlying governance maturity. Verify the foundation before you build the layer.
- Treat AI risk competencies as interconnected, not modular. Model risk, data lineage, third-party exposure, and lifecycle accountability are one system.
- Don’t treat your AI governance as decoration. Committees, policies, and assessments are activities. Inventory, data lineage, and named accountability are controls. Know which you have.
- Listen carefully to the people in your organization who are already responsible for AI risk. They know where the structural gaps are. Most of them are not being asked.
- Be skeptical of AI governance answers that arrive too quickly. Real maturity is harder, slower, and less marketable than a thirty-day policy rollout.
- Remember that the field is still being built in real time. The frameworks, credentials, and curricula are catching up to a problem organizations are already living. Stay close to the people doing the work.
As always, I look forward to your thoughts.