Based on Body of Knowledge v2.1 — effective 2 February 2026
The exam tests four domains. Each domain breaks into competencies (broad areas) and performance indicators (the specific tasks you're scored on). This guide mirrors that structure, then adds the actual concepts behind each indicator — because the blueprint tells you what is tested but not what the answer is.
Exam style: Questions sit mostly at the remember/understand and apply/analyze levels of Bloom's Taxonomy. Translation: about half are "do you know this term/requirement," and half are "here's a scenario — what should the governance professional do?" Study definitions cold, but practice applying them to situations.
Watch the verbs. Identify / define / list = recall a fact. Understand / explain = describe a concept. Apply / evaluate = use judgment in a scenario. The blueprint's verbs predict the question type.
| Domain | Topic | Min Q | Max Q | Relative weight |
|---|---|---|---|---|
| I | Foundations of AI governance | 16 | 20 | ~21% |
| II | Laws, standards & frameworks | 19 | 23 | ~25% |
| III | Governing AI development | 21 | 25 | ~27% |
| IV | Governing AI deployment & use | 21 | 25 | ~27% |
Takeaway: Domains III and IV (the operational "how to govern" domains) are the largest. Domain II (law) is close behind and is the most fact-dense. Domain I is foundational and overlaps with everything — learn it first, but it's the smallest slice.
What AI governance is, plus the principles and pillars for building a program. Industry- and size-agnostic best practice.
Definitions & types of AI to know:
Types of risks and harms AI can pose to individuals, groups, organizations and society:
Unique characteristics that demand a special governance approach (high-value memory list):
Complexity · Opacity · Autonomy · Speed & scale · Potential for harm/misuse · Data dependency · Probabilistic (not deterministic) outputs
That last one matters most conceptually: traditional software is deterministic (same input → same output); AI is probabilistic — outputs vary and can't be fully predicted, which is why it needs continuous monitoring rather than one-time testing.
The responsible AI principles (know all six — frequently tested):
Fairness · Safety & reliability · Privacy & security · Transparency & explainability · Accountability · Human-centricity
The four actor roles (governance perspective — appears in Domains II and IV too):
| Role | What they do |
|---|---|
| Developer | Builds/trains the model or system |
| Provider | Places it on the market / puts it into service under its own name |
| Deployer | Uses the system under its own authority |
| User | End user interacting with the output |
One organization often plays multiple roles — the blueprint stresses this explicitly. (The EU AI Act also adds importer and distributor — see Domain II.)
Create oversight and accountability policies covering every life-cycle stage:
Use-case assessment → risk management → ethics by design → data acquisition & use → model/system development → training & testing → deployment & monitoring → documentation & reporting → incident management
Also:
Existing laws applied to AI, plus AI-specific laws, standards and frameworks. Anchored on the EU AI Act, South Korea's AI Basic Law, and US federal/state AI laws.
Privacy law (think GDPR-style concepts) maps directly onto AI:
Automated decision-making is a hot spot: individuals often have rights to information about, and human review of, decisions made solely by automated means.
| Law type | How it bites on AI |
|---|---|
| Intellectual property | May prohibit/limit using copyrighted data for training |
| Nondiscrimination | Applies in employment, credit, lending, housing, insurance |
| Consumer protection | Bars unfair or deceptive acts/practices (e.g., misleading AI claims) |
| Product liability | Targets design and manufacturing defects in AI products |
The EU AI Act risk classification — memorize the four tiers and examples:
| Tier | Treatment | Examples |
|---|---|---|
| Unacceptable / prohibited | Banned | Government social scoring, manipulative subliminal techniques, exploiting vulnerabilities, untargeted facial-image scraping, most real-time remote biometric ID in public, emotion recognition at work/school |
| High risk | Heavy obligations | Biometrics, critical infrastructure, education, employment/HR, essential services, law enforcement, migration, justice |
| Limited risk | Transparency only | Chatbots and deepfakes must disclose they're AI |
| Minimal risk | No obligations | Spam filters, AI in games (most AI lands here) |
High-risk system requirements (know these as a cluster):
Risk management · data governance · technical documentation · conformity/impact assessments · record keeping · human oversight · transparency & notification · quality management
Plus:
| Standard / framework | What to know |
|---|---|
| OECD AI Principles | First intergovernmental AI standard. Values-based principles for trustworthy AI: inclusive growth & well-being; human-centered values & fairness; transparency & explainability; robustness, security & safety; accountability. |
| NIST AI RMF | US risk-management framework. Four core functions: GOVERN (cross-cutting) · MAP · MEASURE · MANAGE. Voluntary; paired with a Playbook. Organized into functions → categories → subcategories. |
| ISO/IEC AI standards | 22989 = AI concepts & terminology · 42001 = AI management system (AIMS — the certifiable "build a program" standard) · 42005 = AI system impact assessment. |
Memory hook for NIST: "G-M-M-M" — Govern wraps the other three. Govern is continuous; Map/Measure/Manage cycle.
Responsibilities when designing, building, training, testing and maintaining AI systems. This is the "you're building it" domain.
Testing types to know: unit · integration · validation · performance · security · bias · interpretability
Model card = a standardized doc describing a model's intended use, performance, limitations and training-data characteristics. Drift = the world (data drift) or the relationship being modeled (concept/model drift) changes over time, degrading accuracy — the main reason continuous monitoring exists.
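The drift point above (and the "monitor, don't just test once" point in Domain I) is easier to see in code. The following is an added illustration, not material from the Body of Knowledge: it measures data drift with a Population Stability Index (PSI) over a feature's distribution and approximates concept drift as an accuracy drop against a baseline. The age samples, bin edges, labels and PSI bands are constructed assumptions for the demo.

```python
# Added example (not from the study guide): a minimal drift monitor.
# Data drift = the input distribution moved (PSI between a training-time
# reference and a current window). Concept drift = the input/outcome relationship
# moved, approximated here by an accuracy drop against a baseline.
# All inputs are constructed samples; the PSI bands are a common rule of thumb.
import math

def histogram(values, edges):
    """Proportion of values falling in each [edges[i], edges[i+1]) bin."""
    counts = [0] * (len(edges) - 1)
    for v in values:
        for i in range(len(edges) - 1):
            if edges[i] <= v < edges[i + 1]:
                counts[i] += 1
                break
    return [c / len(values) for c in counts]

def psi(reference, current, edges, eps=1e-4):
    """Population Stability Index; eps keeps an empty bin from producing log(0)."""
    ref, cur = histogram(reference, edges), histogram(current, edges)
    return sum((c - r) * math.log((c + eps) / (r + eps)) for r, c in zip(ref, cur))

def drift_level(score):
    """Rule-of-thumb PSI bands (an assumption, not a regulatory threshold)."""
    if score < 0.10:
        return "stable"
    if score < 0.25:
        return "moderate"
    return "significant"

def accuracy(preds, truths):
    return sum(p == t for p, t in zip(preds, truths)) / len(truths)

def monitor(reference, current, edges, baseline_acc, preds, truths, tolerance=0.05):
    """One monitoring cycle: returns what a governance dashboard would record."""
    score = psi(reference, current, edges)
    recent_acc = accuracy(preds, truths)
    return {
        "psi": round(score, 3),
        "data_drift": drift_level(score),
        "recent_accuracy": round(recent_acc, 3),
        "concept_drift": recent_acc < baseline_acc - tolerance,
    }

# Constructed sample: applicant ages seen at training time vs. two later windows.
AGE_BINS = [0, 30, 40, 50, 70, 200]
TRAINING_AGES = [20 + i % 40 for i in range(400)]   # ages 20..59, uniform
STABLE_WINDOW = [21 + i % 40 for i in range(400)]   # ages 21..60, barely moved
SHIFTED_WINDOW = [40 + i % 40 for i in range(400)]  # ages 40..79, new population

if __name__ == "__main__":
    truths = [1, 0, 1, 1, 0, 1, 0, 0, 1, 1]
    preds = [1, 0, 1, 0, 0, 1, 1, 0, 1, 1]            # 8 of 10 correct
    print(monitor(TRAINING_AGES, STABLE_WINDOW, AGE_BINS, 0.90, preds, truths))
    print(monitor(TRAINING_AGES, SHIFTED_WINDOW, AGE_BINS, 0.90, preds, truths))
```

A real program would run this on a schedule against production logs and route a "significant" or `concept_drift` result into the incident-management step of the life cycle.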
Selecting a model and deploying/using it responsibly — whether it's your own proprietary model or a third party's.
Model choices: classic vs. generative · proprietary vs. open source · small vs. large · language vs. multimodal
Deployment choices: cloud vs. on-premise vs. edge · model as-is vs. fine-tuning vs. RAG vs. agentic architectures
RAG (retrieval-augmented generation) = feed the model relevant external/company data at query time to improve accuracy without retraining. Fine-tuning = further-train the model on your data. Edge = runs on local device, not the cloud.
The four domains above tell you what the exam covers. This part drills into the specific laws, frameworks and standards named in the Body of Knowledge — the high-yield, fact-dense material that Domain II leans on but that also surfaces in III and IV. Each one uses the same template: what it is → status → structure → must-know → exam traps.
Quick mental model: Laws are binding (EU AI Act, GDPR, Korea's AI Basic Act). Frameworks and standards are voluntary (NIST AI RMF, OECD Principles, ISO). The exam loves to test whether you know which is which.
What it is: Regulation (EU) 2024/1689 — the world's first comprehensive, horizontal AI law. Risk-based: the obligations on a system scale with the risk it poses. Applies extraterritorially (anyone placing AI on the EU market or whose output is used in the EU).
Status (enacted timeline — what the exam tests):
| Date | What applies |
|---|---|
| 1 Aug 2024 | Entered into force |
| 2 Feb 2025 | Prohibited practices (Art. 5) + AI literacy (Art. 4) |
| 2 Aug 2025 | GPAI model rules, governance bodies (AI Office/Board), national authorities, penalty framework |
| 2 Aug 2026 | High-risk systems (Annex III) + transparency rules (Art. 50) + enforcement begins |
| 2 Aug 2027 | High-risk AI embedded in regulated products (Annex I) |
⚠️ Real-world status (good to know, but the exam follows the enacted dates): A "Digital Omnibus" simplification package (proposed Nov 2025; Council/Parliament provisional agreement May 2026) would push standalone high-risk obligations to 2 Dec 2027 and embedded-product high-risk to 2 Aug 2028, and add a prohibition on AI-generated CSAM and non-consensual intimate imagery. It's still in trilogue and not final. The BoK v2.1 (approved Sept 2025) reflects the original timeline.
The risk tiers (the spine of the Act):
High-risk obligations cluster (memorize as a group):
Risk management system · data governance · technical documentation · logging/record-keeping · transparency & instructions for use · human oversight · accuracy, robustness & cybersecurity → then conformity assessment + CE marking + EU database registration + post-market monitoring
GPAI is a separate layer:
Penalties (tiered — note these exceed GDPR):
Exam traps: EU AI Act ≠ GDPR — different scope, but both can apply to the same system. Know provider vs. deployer vs. importer vs. distributor. A high-risk use often triggers a GDPR DPIA and possibly a fundamental rights impact assessment (FRIA) and an AI Act conformity assessment — three different assessments.
What it is: A voluntary US framework (NIST, January 2023) for managing AI risk and building trustworthy AI. Not a law — adoptable by any organization, anywhere.
The four core functions (the thing you must know cold):
| Function | Purpose |
|---|---|
| GOVERN | Cross-cutting. Culture, policies, roles, accountability, oversight — wraps the other three. |
| MAP | Establish context; categorize the system; identify risks. |
| MEASURE | Analyze, assess, benchmark and track risks (quantitative + qualitative). |
| MANAGE | Prioritize, act on, respond to and recover from risks; allocate resources. |
Each function breaks into categories → subcategories (concrete outcomes).
The 7 trustworthy-AI characteristics: valid & reliable · safe · secure & resilient · accountable & transparent · explainable & interpretable · privacy-enhanced · fair (with harmful bias managed).
Companions: the Playbook (suggested actions), the Generative AI Profile (NIST-AI-600-1, July 2024), plus the Roadmap and crosswalks to other standards.
Exam traps: GOVERN is continuous and cross-cutting — not "step 1 of 4." That's the classic trick. Remember NIST = voluntary framework; EU AI Act = binding law. NIST AI RMF maps neatly onto ISO 42001.
What it is: The first intergovernmental AI standard (adopted May 2019, updated May 2024 to address generative AI and mis/disinformation). The basis for the G20 AI Principles and the conceptual ancestor of many later frameworks.
The five values-based principles:
Plus five recommendations to governments: invest in AI R&D · foster an inclusive digital ecosystem · shape an enabling policy environment · build human capacity / prepare for labor-market transition · international cooperation.
Exam traps: OECD = principles, not enforceable. Often the "where did this originate" answer. Don't confuse the 5 OECD principles with the 6 responsible-AI principles (Domain I) or the 7 NIST trustworthiness characteristics — three different lists.
Voluntary, consensus-based international standards. The BoK names three explicitly — know what each is for:
| Standard | Year | What it is |
|---|---|---|
| ISO/IEC 22989 | 2022 | AI concepts & terminology — the shared dictionary the others rely on |
| ISO/IEC 42001 | 2023 | AI Management System (AIMS) — the certifiable "build and run a governance program" standard (the AI analog of ISO 27001); Plan-Do-Check-Act |
| ISO/IEC 42005 | 2024 | AI system impact assessment — how to conduct and document one |
Also worth knowing: ISO/IEC 23894 (2023) — AI risk management guidance, aligned with ISO 31000.
Exam traps: The likely question is the mapping — 42001 = management system (certifiable) · 42005 = impact assessment · 22989 = terminology. Only 42001 is something an organization gets certified against.
Why it's here: Domain II.A ("how existing data privacy laws apply to AI") is essentially GDPR concepts applied to AI. Not AI-specific, but heavily tested.
Core concepts applied to AI:
Exam traps: Controller (decides the purpose & means) vs. processor (acts on the controller's instructions) — a favorite. Automated decision-making rights come up often. The same high-risk AI system can require a GDPR DPIA and an EU AI Act conformity assessment.
What it is: The Framework Act on the Development of Artificial Intelligence and Establishment of a Foundation for Trustworthiness ("AI Basic Act"). The second comprehensive national AI law after the EU — named in the BoK's Domain II intro.
Status: Passed December 2024, effective 22 January 2026, with roughly a one-year grace period before penalties are fully enforced.
Key features:
Exam traps: Position it against the EU — Korea is promotion + trust, lighter penalties, with a standout generative-AI labeling requirement. Know it as the "second comprehensive AI law."
What it is: No single comprehensive federal AI law. Instead, a patchwork: existing federal/sectoral laws applied to AI + a growing set of state laws + NIST AI RMF as the de facto voluntary federal framework. Executive-branch AI policy shifts between administrations and remains in flux — verify current status before relying on specifics.
Existing laws applied to AI: FTC Act (unfair/deceptive practices) · anti-discrimination law (Title VII, ECOA, Fair Housing Act) · EEOC guidance on AI hiring tools · sector rules (FCRA for credit, HIPAA for health).
State level: Colorado's AI Act — the first comprehensive US state AI law (developer/deployer duties for high-risk AI, focused on algorithmic discrimination). Plus state privacy laws with profiling/automated-decision provisions, Illinois BIPA (biometrics), and NYC Local Law 144 (bias audits for automated employment decision tools).
Exam traps: Know it's a patchwork — no omnibus federal AI law. NIST AI RMF is voluntary, not binding. Federal direction is administration-dependent.
| Framework | Type | Binding? | Know it as |
|---|---|---|---|
| EU AI Act | Law (EU) | ✅ Yes | World's first comprehensive AI law; 4 risk tiers + GPAI |
| GDPR | Law (EU) | ✅ Yes | Privacy backbone; DPIA, controller/processor, Art. 22 ADM |
| Korea AI Basic Act | Law (KR) | ✅ Yes | 2nd comprehensive law; high-impact AI + GenAI labeling |
| US landscape | Patchwork | ⚠️ Mixed | No omnibus federal law; state + sectoral + NIST |
| NIST AI RMF | Framework (US) | ❌ Voluntary | Govern · Map · Measure · Manage |
| OECD Principles | Intergovernmental | ❌ Voluntary | The 5 values; origin of many frameworks |
| ISO/IEC 42001 | Standard | ❌ Voluntary (certifiable) | AI management system (AIMS) |
| ISO/IEC 22989 / 42005 | Standards | ❌ Voluntary | Terminology / impact assessment |
The 6 responsible AI principles: Fairness · Safety & reliability · Privacy & security · Transparency & explainability · Accountability · Human-centricity
The 7 unique AI characteristics: Complexity · Opacity · Autonomy · Speed & scale · Potential for harm · Data dependency · Probabilistic outputs
The 4 actor roles: Developer · Provider · Deployer · User (+ Importer, Distributor in EU AI Act)
EU AI Act risk tiers: Prohibited → High → Limited → Minimal
NIST AI RMF functions: Govern · Map · Measure · Manage
OECD = principles · NIST = risk framework · ISO 42001 = management system · ISO 42005 = impact assessment · ISO 22989 = terminology
Testing types: unit · integration · validation · performance · security · bias · interpretability
Incident root causes: brittleness · lack of robustness · poor data quality · insufficient testing · drift
Deployment techniques: as-is · fine-tuning · RAG · agentic
Cover the answers and check yourself.
Domain I
Domain II
4. Give one example for each EU AI Act risk tier.
5. What are the four NIST AI RMF core functions, and which one is cross-cutting?
6. Match: 22989 / 42001 / 42005 → terminology / impact assessment / management system.
7. Name three existing (non-AI-specific) law types and how each applies to AI.
Domain III
8. What goes in a model card, and when is it created?
9. Define data lineage vs. provenance.
10. Name four periodic activities used to assess a deployed system's safety.
Domain IV
11. RAG vs. fine-tuning — what's the difference?
12. Why does deploying your own model raise your liability vs. using a vendor's?
13. What is a "deactivate or localize" control and when would you use it?
Framework deep dives
14. Name the four EU AI Act risk tiers and one example each.
15. What compute threshold flags a GPAI model as posing "systemic risk"?
16. Which NIST AI RMF function is cross-cutting, and what do the other three do?
17. List the five OECD AI Principles (values-based).
18. Map ISO 22989 / 42001 / 42005 to terminology / management system / impact assessment.
19. GDPR: controller vs. processor — who decides the purpose and means?
20. Why is the South Korea AI Basic Act significant, and what's its standout GenAI requirement?
21. True or false: the US has a single comprehensive federal AI law. (And NIST AI RMF — binding or voluntary?)
Note: This guide expands the IAPP AIGP Body of Knowledge v2.1 with explanatory content for study purposes. For anything legal/regulatory (especially the EU AI Act and newer laws like South Korea's AI Basic Law), confirm current specifics against primary sources before relying on them — fines, thresholds and effective dates do shift.