A4Q AI Compliance

The curriculum is designed to develop practical compliance skills and produce business-relevant results:

1. Understanding AI compliance and the EU AI Act
   • AI in a regulatory context: Scope, roles, and obligations under the EU AI Act
   • Prohibited AI practices, enforcement mechanisms, and potential sanctions
   • Interfaces between the EU AI Act, the GDPR, product safety law, and sector-specific regulations
2. Risk-based approach and classification
   • Classification of AI systems into four risk categories: prohibited, high risk, limited risk, and minimal risk
   • Application of Annex III and qualitative criteria for identifying high-risk systems
   • Risk assessment for system changes and scaling scenarios
   • Practical implications of classification for organization, documentation, and operation
3. Implementing high-risk obligations
   • Overview of requirements: Risk management, data governance, logging, transparency, human oversight, cybersecurity, and robustness
   • Preparing audit-ready technical documentation and evidence in accordance with Annex IV
   • Industry-specific obligations in HR, finance, and public administration
4. Establishing an AI risk management system
   • AI-specific risk management cycle in accordance with the EU AI Act and ISO/IEC 23894
   • Integrating AI governance into existing management systems (QMS, ISMS, and DSMS)
   • Systematically maintaining risk registers, controls, and compliance evidence
   • Linking governance, responsibilities, and continuous improvement
5. Conformity assessment, CE marking, and transparency obligations
   • Internal vs. external conformity assessment; when to involve notified bodies
   • CE marking, declarations of conformity, and EU database registration
   • Transparency and labeling obligations for systems with limited risk (chatbots, biometric categorization, generative AI)
6. General-Purpose AI (GPAI) systems and systemic risks
   • Obligations for GPAI providers and operators: transparency, documentation, testing, copyright, incident reporting
   • Due diligence review of external foundation models (checklists and evaluation procedures)
   • Establish internal guidelines for the secure, compliance-compliant use of generative AI
7. FRIA and post-market monitoring
   • Conduct fundamental rights impact assessments (FRIAs) and integrate them with DPIA
   • Establish processes for post-market monitoring and reporting of serious incidents
   • Use monitoring findings for continuous compliance improvement
8. AI governance, ethics, and international considerations
   • Establish and embed governance roles, committees, and escalation pathways
   • Apply voluntary governance frameworks (Ethical AI, CSR, ESG) and international ethical standards (OECD, UNESCO)
   • Navigate cross-border regulation, export controls, IP/licensing, and global supply chain risks

Upon completing the training, participants can take the Certified Professional for AI Compliance (A4Q AI Compliance) exam. This internationally recognized certificate demonstrates that its holders can competently implement, document, and audit the EU AI Act in a corporate environment.

• Exam format: 40 multiple-choice questions, 60 minutes; a minimum of 65% correct answers is required to pass
• Exam provider: GASQ or iSQI
• Validity period: 2 years. Recertification is required thereafter.
• A4Q AI Compliance is the third module in the A4Q AI Certification Portfolio, building upon the foundational certifications A4Q AI Essentials and A4Q AI Foundation.
• Sample exams and the syllabus are available for download.

All participants receive a certificate for completing the course, regardless of the exam option selected.

• Structured compliance expertise covering the entire AI system lifecycle, from risk classification to audit documentation.
• Strong practical focus: FRIAs, post-market monitoring, and technical documentation in accordance with Annex IV are developed using a practical approach.
• Broad international regulatory coverage: EU AI Act, GDPR, ISO/IEC 42001, ISO/IEC 23894, and NIST RMF.
• Internationally recognized certificate from GASQ or iSQI.
• Ideal follow-up to A4Q AI Essentials or A4Q AI Foundation, offering a logical next step for those responsible for regulated AI environments.

• Prerequisites: Knowledge equivalent to the A4Q AI Foundation level, or comparable professional experience in AI governance or compliance, is recommended.
• Course duration: 2 days
• Format: Live online training. Optional certification exam administered by GASQ or iSQI.
• Language: Curriculum, exam, and sample exam available in German and English
• Certificate: Certificate of attendance + option for A4Q AI Compliance certification (Certified Professional for AI Compliance – EU AI Act)

The A4Q AI Compliance training is designed for:

• AI compliance officers, data protection officers (DPOs), and legal experts who are responsible for implementing the EU AI Act within their organizations
• Professionals in risk management, audit, and governance who design and operate AI control systems
• Product managers, project managers, and architects working on high-risk or regulated AI systems
• Procurement and supplier management teams evaluating AI systems and GPAI providers
• Public sector officials responsible for AI-supported decision-making processes and required to conduct fundamental rights impact assessments
• Executives in CSR, ESG, and digital transformation seeking to embed AI in a trustworthy and compliant manner

The EU AI Act has been phased in since 2024. Implementation deadlines are now in effect. Organizations that use or develop AI systems must classify and document them and demonstrate that they meet legal requirements. Violations can result in severe penalties.

The A4Q AI Compliance training provides you and your team with the structured knowledge needed to navigate this regulatory framework, covering everything from risk classification and audit-ready documentation to integrating AI governance into existing management systems. You will learn to not only operate in compliance, but also to view compliance as a strategic advantage through clear responsibilities, documented controls, and an AI governance framework that grows with your organization.