Practitioner & Executive Training · In-house or Public

AI Governance, End to End

From standards to frameworks, processes, tools and the interconnected risk domains. Training built for risk, GRC, audit and compliance teams. A governance lens at every step, no model internals.

IntakeClassifyAssessRateRegisterGovernDeployMonitorRe-review
One use case carried through the whole lifecycle
Watch: what a case pass looks like in the room
Course introduction · 2 min
Three Formats

One curriculum, cut for the room

Every format follows the same running case: a vendor GenAI claims-triage tool at a fictional Australian insurer, taken from intake to a post-deployment drift incident.

Half day · Boards & execs

Executive Session

AI is already in your organisation. The question is governance: what regulators now expect, why agentic AI changes what boards approve, and the questions that make diligence defensible.

  • The AI landscape: how it arrives, how it fails
  • Strategy, appetite and the governance connection
  • Regulatory expectations: APRA, ASIC, Privacy Act
  • Operating model, accountability and board literacy
Half day · Risk practitioners

Practitioner Course: The Core

One use case, end to end, with your own hands. The morning builds the system view; the case then runs through classification, impact assessment and risk rating in two full passes.

  • The AI landscape for risk professionals
  • Standards & regulation, plus a mapping exercise
  • The AI use-case lifecycle: the spine
  • AI risk assessment in practice, rating defended
Full day · Risk practitioners

Practitioner Course: End to End

The complete curriculum: twelve blocks, seven hands-on case passes, and the ten client-ready templates to govern AI where you work. Detailed below.

  • Morning, the system: landscape to lifecycle
  • Afternoon, the case: assessment to roadmap
  • Interconnected domains: ERM, cyber, third party
  • Artefact pack: ten templates leave with you
Fig. 01 · Full-day workshop

AI Governance, End to End.

One day. One deliberately engineered AI use case. Your risk, GRC, audit and compliance team takes a vendor GenAI tool from intake to a post-deployment incident, and leaves with the ten templates to govern AI where they work. Governance lens at every step; no model internals. Expand any block for the full detail.

TeachThe morning builds the system
ApplyThe afternoon works the case
Fig. 02 · Regulatory Map
EU AI ActNIST AI RMFISO/IEC 42001DTA AI Policy v2.0APRA CPS 230/234ASIC REP 798Privacy Act reforms
VII
Why it lands

Seven hands-on passes through one running case: a vendor GenAI claims-triage tool, followed from intake to a live drift incident. Everything that goes wrong at the end was planted at the beginning.

The artefact pack

Ten client-ready templates: registers, impact assessment, taxonomy, KRIs, vendor due diligence, board paper, 90-day roadmap.

Assessment craft

Classify, assess and rate a realistic vendor AI use case, then defend the rating in plenary. Calibration included.

A plan, not a folder

A maturity self-score, three committed next steps, and the 90-day sequence to act on them.

Trainer Kashif M. Qadir
Your Trainer

Kashif M. Qadir

AI Governance · Cyber Risk · Enterprise Risk & Resilience

ISO/IEC 42001 AI Lead Auditor and enterprise risk professional with two decades across AI governance, cyber, resilience, third-party risk, enterprise risk and audit, across all three lines of defence, in APRA-regulated and ASX-listed environments.

Kashif translates AI standards into governance that works in practice: he has stood up and run enterprise AI governance programs and councils, assessed and assured 100+ AI use cases, embedded vendor-AI risk across thousands of suppliers, and trained 3,000+ people, from boards to frontline teams, in large organisations.

ISO/IEC 42001 Lead AuditorISO/IEC 42005CRISCCISACISMNIST AI RMF
3,000+
People trained, from boards to frontline teams
100+
Enterprise AI use cases assessed and assured
7,000+
Vendors under AI risk-scoring and due diligence
20+ yrs
Risk, cyber and audit in regulated environments
Where the experience comes from

AI governance programs, stood up end to end

Established enterprise AI governance in large organisations: strategy, policy, committee charters, councils and escalation paths, aligned to ISO/IEC 42001, NIST AI RMF and the Australian AI Ethics Principles, and run through to real proceed or hold decisions.

AI use-case assessment at scale

Designed and operated a four-lens intake and impact-assessment model covering business value, feasibility, risk and trust, and change impact: surfacing high-harm cases, assigning decision thresholds, and generating registers, assessments and governance review plans.

Training that changes behaviour

Delivered AI, cyber and risk training to 3,000+ people across boards, executive teams, risk functions and frontline staff, including awareness uplifts that measurably improved enterprise metrics.

Vendor AI and regulated environments

Embedded third-party and vendor AI risk into procurement at scale, with risk-scoring and due diligence applied to thousands of suppliers, in APRA-regulated and ASX-listed settings.

Enquire

Bring this to your team

Run in-house for your organisation, or join a public session. Tell us who the room is and we will recommend the format.

Or email directly at training@effectiverm.com