Course Outline
AI in the Enterprise: Strategic and Legal Perspectives
- AI adoption in core business functions: opportunities and risks
- Executive responsibility in AI governance
- High-risk AI systems and organisational exposure
AI Risk Classification and the Global Regulatory Landscape
- EU AI Act: risk tiers, requirements, and penalties
- U.S. Executive Order on AI and emerging federal and state regulations
- AI-related compliance within GDPR, HIPAA, and other frameworks
- Overview of ISO/IEC 42001, NIST AI RMF, and OECD AI Principles
Security and Oversight of AI Systems
- AI security posture: threats, vulnerabilities, and safeguards
- Incident response and breach notification in AI-driven workflows
- Auditing and traceability of model inputs, decisions, and outputs
Responsible AI Procurement and Vendor Risk
- Due diligence when sourcing AI tools (including LLMs and APIs)
- Key contract elements: data ownership, model explainability, and SLAs
- Evaluating vendor claims: bias mitigation, privacy guarantees, and safety
Internal Governance Frameworks and Organisational Controls
- Creating AI use policies across departments
- Ethics committees, risk review boards, and cross-functional oversight
- Training, documentation, and compliance integration
Use Case Evaluation and Risk Scenarios
- Assessing high-impact use cases (e.g., HR screening, finance scoring, customer service bots)
- Tools and templates for AI risk assessments
- Scenarios: misalignment, drift, hallucination, and discrimination
Emerging Trends and Future Considerations
- Anticipating regulatory evolution and global convergence
- GenAI-specific risks and governance extensions
- Responsible scaling of AI operations within the enterprise
Summary and Next Steps
Requirements
- A foundational understanding of enterprise risk, legal, or technology frameworks.
- Experience in executive leadership, cybersecurity, or compliance oversight.
- No prior technical knowledge of AI development is required.
Target Audience
- Chief Information Security Officers (CISOs)
- Legal counsel and compliance officers
- Chief Technology Officers (CTOs)
Testimonials (2)
I really enjoyed learning about AI attacks and the tools out there to begin practicing and actively using for security testing. I took a lot of knowledge away which I didn't have at the beginning and the course met what I hoped it would be. My favorite part shown from the training was Comet Browser and was amazed at what it could do. Definitely something will be looking into more. Overall it was a great course and enjoyed learning all OWASP GenAI Top 10.
Patrick Collins - Optum
Course - OWASP GenAI Security
The profesional knolage and the way how he presented it before us
