It was a joy and a pleasure to run the APAC-first AAISM, and I already have three full courses before the end of 2025 (with my 2026 schedule growing already with three other instructors preparing to deliver their own sessions) — but it’s also showing how urgently organisations are trying to secure their AI strategies.
So, I thought I’d do a quick write-up on some of the questions I’ve been getting about this course.
What is the Advanced in AI Security Management (AAISM) certification — and who is it designed for (aka ‘is it for me’)?
The AAISM certification from ISACA is designed for professionals responsible for governing, managing, and securing artificial intelligence systems within their organisations.
ISACA provides a framework for AI security posture management. It helps you understand and mitigate AI-specific risks and integrate AI-related strategies. There’s a focus on data integrity, ethical deployment, regulatory compliance, and the technology and algorithms that power AI and ML.
The primary audiences for the course are security, risk and governance people who manage opportunities and challenges related to AI, including:
Information Security Managers and CISO/CSOs
Risk and Compliance Leaders
AI Program and Project Managers
IT Governance, Audit and Assurance Professionals (although AAIA might be a better first choice for audit people)
Interestingly, I’m also getting some Application Leads in my classes, and they’re getting a lot of value from the course, combining technical knowledge with governance insights.
“One of the best training events attended. I have previously done CISM, CRISC, CCSP, ISO27001 and this one stands way better than all of them. Thanks very much to Louis, his knowledge and energy — Senior Manager"
Why the ISACA AAISM certification matters
Every week, I get to have conversations with my students about the challenges within their organisations around the adoption (or non-adoption) of AI safely and responsibly.
Those AI security posture management challenges can be summarised as:
Organisations want to use external AI tools (like ChatGPT or Copilot) but don’t know how to govern data sharing, privacy or IP risks.
Teams want to use AI internally, using sensitive company data to power decisions — but how to do that in a compliant and secure way.
Staff try AI without open discussions or shadow AI use. Employees are already using AI tools to improve their productivity, but the risks aren’t well understood — or it’s discovered retrospectively, which means that risks are taken without being fully understood.
AI is being adopted faster than it is being secured — and the AAISM certification course focuses on teaching students how to manage this proactively from a GRC perspective — with an additional focus on understanding the foundations of AI technologies.
What are your thoughts on the ISACA AAISM course?
It’s one of the few courses that tackles the three angles of: Security for AI (protecting AI systems), AI for Security (using AI in existing security tools), and Securing AI (ensuring responsible governance). The course helps give a perspective to help professionals find the gaps within their AI security strategy and implementation.
It is a dense course with lots of content, but if you go into this course with that knowledge — you’ll be okay. To ISACA’s credit, they have tried to squeeze every minute out of the two days of the course for such a complex topic to get their perspective across. I really like the course and the conversations that sparked. I love the practical insights from it and the swapping of challenges and solutions that are happening between me and the students.
My students rated the first delivery of AAISM by ISACA at an average of 4.91/5, which, for a larger class and a first run — it’s a credit to ISACA and Lumify Work for creating an excellent course and environment at a timely point in people’s careers (I’ll give myself a bit of credit for that too).
For more information about the course and exam, visit the ISACA website here.
For more information about sitting the AAISM course at Lumify Work, learn more here. You can also contact our team to enquire about course inclusions and schedules.
