Model risk, regulatory compliance (MAS TRM, APRA CPS 234, EU AI Act), and responsible AI deployment.
Ship AI responsibly — model risk management, regulatory obligations (EU AI Act, MAS TRM, APRA CPS 234, NIST RMF), and the audit trail a serious governance program actually needs.
Risk, compliance, and audit leads, and heads of AI accountable for the safe deployment of models in regulated environments.
The guides are numbered — read in order for the curriculum path, or jump straight to the one you need. Each card is self-contained.
Why 2026 is the year AI governance moved from working group to board agenda, and what boards actually own.
How to design governance that speeds up safe work and slows down only the things that need to slow down.
A working map of the risks that actually show up in production, from bias and hallucination to privacy and prompt injection.
A practitioner's map of the AI rules in force globally, from binding regimes to sectoral supervision.
The EU AI Act in the specific detail practitioners need in 2026, tiered by risk and timed by phased milestones.
Which role you play under the EU AI Act, and the very different obligations that come with each.
How US AI regulation actually works in 2026, across federal executive orders, sectoral agencies, and diverging state law.
APRA, ASIC, the OAIC, and the 2026 supervisory shift, and what Australian firms should be doing now.
How Singapore's MAS and the broader APAC region regulate AI, and how their approach differs from EU-style rules.
The NIST AI RMF as a working operating system for AI risk: Govern, Map, Measure, Manage in practice.
Using ISO/IEC 42001 as the scaffolding for an AI management system that scales beyond a single team.
How MRM discipline extends to LLMs and agents: tiering, validation, monitoring, and challenger models.
Model cards, datasheets, and audit trails that survive a regulator, an incident, and a change of team.
Turning fairness, explainability, and human oversight into concrete operating practice, not slogans.
The new risk surface when AI takes action, and the guardrails, permissions, and oversight that keep it safe.
Governing the AI you didn't build and the AI your teams adopted without asking, without slowing the business.
Incident response, red-teaming, and audit readiness for AI systems, treated as a single operating capability.