Practitioner & Executive Training · In-house or Public

AI Governance, End to End

From standards to frameworks, processes, tools and the interconnected risk domains. Training built for risk, GRC, audit and compliance teams. A governance lens at every step, no model internals.

IntakeClassifyAssessRateRegisterGovernDeployMonitorRe-review
One use case carried through the whole lifecycle
Watch: what a case pass looks like in the room
Course introduction · 2 min
Three formats

One curriculum, cut for the room.

Every format follows the same running case: a vendor GenAI claims-triage tool at a fictional Australian insurer, taken from intake to a post-deployment drift incident.

Half day · Boards & execs

Executive Session

AI is already in your organisation. The question is governance: what regulators expect, why agentic AI changes what boards approve, and the questions that make diligence defensible.

  • The AI landscape: how it arrives & fails
  • Strategy, appetite and the governance link
  • Regulatory expectations: APRA, ASIC, ADM
  • Accountabilities and board literacy
Half day · Risk practitioners

The Lifecycle Core

One use case, end to end, with your own hands. The morning builds the system view; the case then runs through classification, impact assessment and risk rating in two full passes.

  • AI landscape for risk professionals
  • Standards, regulation & mapping exercises
  • The AI use-case lifecycle spine
  • AI risk rating & classification in practice
Full day · Risk practitioners

End to End Course

The complete curriculum: twelve blocks, seven hands-on case passes, and the ten client-ready templates to govern AI where you work. Detailed below.

  • System architecture: landscape to lifecycle
  • Core case: assessment to 90-day roadmap
  • Interconnected domains: ERM, cyber, supplier
  • Artefact pack: 10 templates leave with you
Fig. 01 · Full-day workshop

AI Governance, End to End.

One day. One deliberately engineered AI use case. Your risk, GRC, audit and compliance team takes a vendor GenAI tool from intake to a post-deployment incident, and leaves with the ten templates to govern AI where they work. Click any block to view topics.

TeachThe morning builds the system
ApplyThe afternoon works the case
Fig. 02 · Regulatory Map
EU AI ActNIST AI RMFISO/IEC 42001DTA AI Policy v2.0APRA CPS 230/234ASIC REP 798Privacy Act reforms
VII.
Why it lands

Seven hands-on passes through one running case: a vendor GenAI claims-triage tool, followed from intake to a live drift incident. Everything that goes wrong at the end was planted at the beginning.

The Artefact Pack

Ten client-ready templates: registers, impact assessment, taxonomy, KRIs, vendor due diligence, board paper, 90-day roadmap.

Assessment Craft

Classify, assess and rate a realistic vendor AI use case, then defend the rating in plenary. Calibration included.

A Plan, Not a Folder

A maturity self-score, three committed next steps, and the 90-day sequence to act on them.

Trainer
Your Trainer

Kashif M. Qadir

AI Governance · Cyber Risk · Enterprise Risk & Resilience

ISO/IEC 42001 AI Lead Auditor and enterprise risk professional with two decades across AI governance, cyber, resilience, third-party risk, enterprise risk and audit, across all three lines of defence, in APRA-regulated and ASX-listed environments.

Kashif translates AI standards into governance that works in practice: he has stood up and run enterprise AI governance programs and councils, assessed and assured 100+ AI use cases, embedded vendor-AI risk across thousands of suppliers, and trained 3,000+ people, from boards to frontline teams, in large organisations.

ISO/IEC 42001 Lead AuditorISO/IEC 42005CRISCCISACISMNIST AI RMF
3,000+
People trained, from boards to frontline teams
100+
Enterprise AI use cases assessed and assured
7,000+
Vendors under AI risk-scoring and due diligence
20+ yrs
Risk, cyber and audit in regulated environments
Where the experience comes from

AI governance programs, stood up end to end

Established enterprise AI governance in large organisations: strategy, policy, committee charters, councils and escalation paths, aligned to ISO/IEC 42001, NIST AI RMF and the Australian AI Ethics Principles, and run through to real proceed or hold decisions.

AI use-case assessment at scale

Designed and operated a four-lens intake and impact-assessment model covering business value, feasibility, risk and trust, and change impact: surfacing high-harm cases, assigning decision thresholds, and generating registers, assessments and governance review plans.

Training that changes behaviour

Delivered AI, cyber and risk training to 3,000+ people across boards, executive teams, risk functions and frontline staff, including awareness uplifts that measurably improved enterprise metrics.

Vendor AI and regulated environments

Embedded third-party and vendor AI risk into procurement at scale, with risk-scoring and due diligence applied to thousands of suppliers, in APRA-regulated and ASX-listed settings.

Enquire

Bring this to your team

Run in-house for your organisation, or join a public session. Tell us who the room is and we will recommend the format.