Frameworks, Regulations & Standards Cross-domain

How to study the frameworks

Domain 1 dedicates an entire subtopic to ethics, regulations, and standards, and references to these instruments surface throughout Domains 2 and 3 as the audit criteria against which you assess a control. The exam will not ask you to recite clause numbers. It will give you a scenario and ask which framework applies, what obligation it triggers, or whether a claim of "compliance" actually holds up. Learn each instrument along four axes and you will answer almost any framework question correctly.

1 · NIST AI Risk Management Framework (AI RMF 1.0)

The NIST AI Risk Management Framework 1.0 (released January 2023) is a voluntary US framework that helps organizations manage the risks of AI to individuals, organizations, and society. It is the framework the AAIA exam most often expects you to operationalize: it gives you a structured, repeatable way to govern, identify, measure, and act on AI risk across the lifecycle. It is technology-neutral, rights-preserving, and explicitly designed to be used by anyone in the AI value chain.

The four core functions

The heart of the AI RMF is its Core, organized into four functions. GOVERN is cross-cutting and underpins the other three; MAP, MEASURE, and MANAGE form an iterative cycle.

Profiles and the Generative AI Profile

The AI RMF is meant to be tailored. A Profile is an instantiation of the framework's functions for a specific use case, sector, or technology — describing the current state ("as-is") and a target state ("to-be") so an organization can prioritize. In July 2024 NIST published the Generative AI Profile (NIST AI 600-1), a companion that identifies risks unique or exacerbated by generative AI (confabulation/hallucination, dangerous or violent content, data privacy, information integrity, intellectual property, and CBRN/cyber misuse) and suggests hundreds of actions mapped back to the four functions. For auditors, a Profile is a gift: it is effectively a pre-built control framework you can use as audit criteria.

Characteristics of trustworthy AI

NIST defines seven characteristics that, together, describe trustworthy AI. Expect the exam to test these as a checklist, and to ask you to recognize which characteristic a failing control threatens.

• Valid & reliable — the system does what it is supposed to, accurately and consistently. This is the foundation; without validity the other characteristics cannot be trusted.
• Safe — it does not, under defined conditions, lead to a state that endangers human life, health, property, or the environment.
• Secure & resilient — it withstands adversarial attack (poisoning, evasion, extraction) and degrades gracefully or recovers.
• Accountable & transparent — information about the system (design, data, decisions, owners) is available so responsibility can be assigned.
• Explainable & interpretable — the mechanisms and the meaning of outputs can be conveyed appropriately to the audience.
• Privacy-enhanced — it safeguards human autonomy, identity, and dignity; uses minimization, de-identification, and privacy-preserving techniques.
• Fair — with harmful bias managed — it addresses equality and equity and actively manages systemic, computational, and human-cognitive bias.

2 · ISO/IEC 42001 and the ISO AI family

Where NIST gives you a risk framework, ISO gives you a certifiable management system. ISO/IEC 42001:2023 is the world's first AI Management System (AIMS) standard. It specifies requirements for establishing, implementing, maintaining, and continually improving an AIMS within an organization — the same management-system DNA as ISO/IEC 27001 (information security) or ISO 9001 (quality), but applied to the responsible development and use of AI.

What an AIMS is

An AI Management System is the set of interrelated policies, objectives, processes, roles, and controls an organization uses to govern AI responsibly and consistently. It forces leadership commitment, a defined scope, AI objectives, risk and impact assessment, operational controls, performance evaluation, and continual improvement — so that responsible-AI practice is systemic rather than ad hoc.

Plan-Do-Check-Act

Like all ISO management-system standards, ISO/IEC 42001 is built on the Plan-Do-Check-Act (PDCA) cycle of continual improvement:

• Plan — understand context and interested parties; establish AI policy, objectives, roles, risk and AI-system impact assessment.
• Do — implement operational controls and the treatments selected from Annex A; manage the AI lifecycle, data, and third parties.
• Check — monitor, measure, conduct internal audits, and run management review.
• Act — correct nonconformities and continually improve the AIMS.

Annex A controls

ISO/IEC 42001 includes an Annex A catalogue of reference controls and control objectives (with implementation guidance in Annex B). They span areas such as AI policies, internal organization and roles, resources for AI systems, impact assessment of AI systems on individuals and society, the AI system lifecycle, data for AI systems, information for interested parties, use of AI systems, and third-party/supplier relationships. As with ISO 27001's Annex A, an organization selects applicable controls via a Statement of Applicability — a prime piece of audit evidence.

Relationship to ISO/IEC 27001 — and it is certifiable

ISO/IEC 42001 uses the same Harmonized Structure (Annex SL) as ISO/IEC 27001, so the two integrate cleanly: an organization with a mature ISMS can extend it to an AIMS, reusing risk processes, internal-audit machinery, and management review. Crucially, ISO/IEC 42001 is certifiable by an accredited body — an organization can hold a certificate, which is strong (though not conclusive) third-party evidence for an auditor.

The supporting standards: 23894 and 22989

• ISO/IEC 23894:2023 — AI risk management guidance. It is not certifiable; it adapts the ISO 31000 risk-management principles, framework, and process to AI, with AI-specific risk sources and examples. Think of it as the "how to do AI risk management" companion that feeds the risk requirements of 42001.
• ISO/IEC 22989:2022 — AI concepts and terminology. The standardized vocabulary for AI. It matters for the exam because consistent terminology underpins everything else; it defines core terms the other standards rely on.

3 · The EU AI Act

The EU AI Act (Regulation (EU) 2024/1689) is the world's first comprehensive, horizontal AI law and the most heavily tested regulation on the exam. Its central design is a risk-based, proportionate approach: obligations scale with the risk an AI system poses to health, safety, and fundamental rights. It also has broad extraterritorial reach — it can apply to providers and deployers outside the EU when the system's output is used in the EU, much like GDPR.

The risk tiers

Obligations for high-risk systems

High-risk systems carry the bulk of the compliance burden. Providers (and, in defined ways, deployers) must implement and evidence: a continuous risk-management system; data and data governance (relevant, representative, error-checked training/validation/test data); technical documentation and automatic logging; transparency and clear instructions for use; effective human oversight; and appropriate levels of accuracy, robustness, and cybersecurity. Before market placement the system must pass a conformity assessment, bear CE marking where applicable, and be registered in the EU database. Deployers have their own duties, including using the system per instructions, ensuring human oversight, and (for many public-sector and high-impact uses) carrying out a fundamental-rights impact assessment.

GPAI and foundation models

The Act adds a dedicated regime for general-purpose AI (GPAI) models — the foundation models that underpin many applications. All GPAI providers face transparency and documentation duties, must publish a summary of training-data content, and must have a policy to respect EU copyright law. GPAI models judged to carry systemic risk (very capable models above a compute threshold) face additional obligations: model evaluation and adversarial testing, systemic-risk assessment and mitigation, serious-incident reporting, and cybersecurity protections.

Timelines, reach, and penalties

The Act entered into force on 1 August 2024 and applies in phases: prohibitions and AI-literacy duties from February 2025; GPAI obligations and governance from August 2025; the bulk of high-risk obligations from August 2026; and high-risk systems embedded in regulated products from August 2027. Penalties are severe and tiered: up to €35 million or 7% of global annual turnover for prohibited-practice breaches, up to €15 million or 3% for most other high-risk obligation breaches, and up to €7.5 million or 1% for supplying incorrect information (whichever is higher in each band).

4 · OECD AI Principles & other global instruments

Beyond the EU's binding law sit a layer of influential international principles and soft-law instruments. They are not enforceable in themselves, but they shape national policy and recur as the values underlying NIST, ISO, and the AI Act. Know them at a high level.

• OECD AI Principles (2019, updated 2024) — the first intergovernmental AI standard, adopted by OECD members and beyond (and the basis of the G20 AI principles). Five values-based principles: inclusive growth/sustainable development/well-being; human rights and democratic values including fairness and privacy; transparency and explainability; robustness, security, and safety; and accountability. The OECD's definition of an "AI system" was also adopted as the reference definition in the EU AI Act.
• G7 Hiroshima AI Process (2023) — produced international Guiding Principles and a voluntary Code of Conduct for organizations developing advanced AI systems, focused on safety, transparency, and accountability for frontier/foundation models.
• UNESCO Recommendation on the Ethics of AI (2021) — the first global standard-setting instrument on AI ethics, adopted by all UNESCO member states. It is values- and principles-based (human dignity, human rights, fairness, sustainability) with practical policy action areas, but it is a recommendation, not law.

5 · Privacy & data regulations touching AI

AI is data-hungry, so privacy law is never far away. The exam expects fluency in the GDPR concepts that bite hardest on AI, plus awareness that sector-specific rules add further obligations.

GDPR and AI

• Automated decision-making — Article 22. Individuals have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects, unless an exception applies (contract, explicit consent, or authorizing law) — and even then, safeguards including the right to obtain human intervention, to express a view, and to contest the decision are required. This is the legal backbone of "human oversight" for high-impact AI.
• Data Protection Impact Assessment (DPIA). Required for processing likely to result in high risk to individuals — which covers many AI use cases (large-scale profiling, sensitive data, systematic monitoring). A completed DPIA is a primary piece of audit evidence.
• Lawful basis. Every processing of personal data needs a valid basis (consent, contract, legitimate interest, etc.). Reusing data collected for one purpose to train a model usually needs a fresh basis.
• Data minimization & purpose limitation. Collect and retain only what is necessary, and do not repurpose data without a valid basis — a frequent AI failure mode.
• Transparency & data-subject rights. Individuals must be informed about processing logic in meaningful terms, and can exercise access, rectification, and erasure rights — which interact awkwardly with trained models.

Sectoral and regional rules

Beyond GDPR, sector and regional regimes apply existing rules to AI: financial supervisors enforce model risk management and fair-lending rules; health authorities regulate AI in medical devices; the US has a patchwork of state laws (e.g., bias-audit requirements for automated employment tools) and sectoral rules (HIPAA, FCRA); and other jurisdictions have their own privacy regimes. The auditor's job is to confirm the organization has identified all applicable regimes for each use case — not just the headline AI law.

6 · ISACA's own guidance

The exam is an ISACA credential, so it is worth understanding the mindset ISACA's own materials promote — even though the exam tests judgement, not the marketing of any single product. ISACA frames AI through its broader Digital Trust lens and its established governance heritage.

• ISACA Digital Trust Ecosystem & AI resources. ISACA positions AI assurance within "digital trust" — the confidence in the integrity of relationships and transactions in the digital world. Its AI audit guidance, white papers, and toolkits give auditors practical programs, risk catalogues, and audit steps that align to the same trustworthy-AI characteristics the other frameworks use. The exam mindset that flows from this: an auditor builds and sustains trust by ensuring AI risk is identified, owned, controlled, and independently assured.
• COBIT for governance. COBIT is ISACA's framework for the governance and management of enterprise IT. It does not regulate AI, but it provides the governance scaffolding — clear separation of governance (set direction, monitor) from management (plan, build, run, monitor), defined roles, and an enterprise view — into which AI governance should slot rather than standing apart. Expect the exam to reward answers that integrate AI governance with existing enterprise governance instead of creating a disconnected parallel regime.

7 · How the frameworks map together

Pull it all together with one comparison. The single most testable skill is matching the right instrument to the need — risk process, certifiable management system, binding product law, privacy law, or principles. Use this table as your final-review cheat sheet.