
ISACA AAIR Explained: Domains, Cost and Is It Worth It in 2026?

ISACA's Advanced in AI Risk (AAIR) certification launched in April 2026. Here is the full breakdown of the three domains, the exam format, the real cost and an honest verdict on whether AAIR is worth it for risk professionals.

CertCrush Team

28 June 2026

ISACA AAIR, short for Advanced in AI Risk, is the newest credential in ISACA's growing AI portfolio, and it landed at exactly the moment that boards, regulators and auditors started asking hard questions about how organisations manage artificial intelligence. If you already hold CRISC, CISM, CISA or another ISACA-recognised certification and you keep getting pulled into AI risk conversations, AAIR is the credential built for your lane. The question every risk professional is asking is simple: are the three domains, the exam fee and the study time actually worth it in 2026?

This guide gives you the honest answer. We cover the exam format, the three domains, the prerequisites that gate entry, the full cost (including the fees nobody mentions), how AAIR differs from ISACA's other two AI certifications, and who should and should not sit it this year.

What Is the ISACA AAIR Certification?

AAIR is an advanced, specialist credential that bolts an AI risk layer onto an existing ISACA-level qualification. ISACA launched it on 15 April 2026 as the third member of a family of AI extensions, alongside AAISM (for security managers) and AAIA (for auditors). AAIR is the one aimed squarely at risk and governance practitioners.

The credential validates that you can identify, assess and manage the risks that AI systems introduce across their entire life cycle, from data sourcing and model training through deployment, monitoring and eventual retirement. It maps directly to the frameworks regulators and clients now expect risk teams to know, including the NIST AI Risk Management Framework, ISO/IEC 42001, the EU AI Act, the OWASP Top 10 for Large Language Models and MITRE ATLAS.

Exam Tip: AAIR is not an entry-level certification. It assumes you already understand core IT risk concepts and hold a qualifying ISACA-recognised credential, so treat it as a specialism on top of your existing expertise, not a first step into risk management.

In short, AAIR is for the person who already runs a risk programme and now has to fold AI into it without breaking the framework they have spent years building.

AAIR Exam Format at a Glance

The exam is delivered by PSI and follows the familiar ISACA advanced-credential pattern. Here are the confirmed details for 2026.

| Attribute | Detail |
| --- | --- |
| Full name | Advanced in AI Risk (AAIR) |
| Launch date | 15 April 2026 |
| Number of questions | 90 multiple-choice |
| Exam duration | 2.5 hours (150 minutes) |
| Scoring scale | 200 to 800 (scaled) |
| Passing score | 450 |
| Number of domains | 3 |
| Delivery provider | PSI |
| Prerequisite | A qualifying ISACA-recognised certification plus risk or advisory experience |

Exam Tip: A scaled passing score of 450 out of 800 does not mean you can get 56 percent of raw questions right. Scaled scoring weights items by difficulty, so aim to be comfortably above the line on every domain rather than scraping a bare pass.

With 90 questions in 150 minutes, you have roughly 100 seconds per question. That is generous compared with some technical exams, which tells you the difficulty is in the judgement each question demands, not in time pressure.

The Three AAIR Domains Explained

AAIR is built around three domains. ISACA has confirmed the domain titles, though the official percentage weightings were still being finalised at launch, so treat all three as roughly equal in importance until ISACA publishes the exact split in the AAIR Exam Content Outline.

Domain 1: AI Risk Governance and Framework Integration

This domain is about fitting AI risk into the governance structures you already run. It tests how well you can align AI initiatives with enterprise risk appetite, map AI controls to established frameworks, and translate regulation into practical policy.

Expect questions grounded in the NIST AI RMF, ISO/IEC 42001 and the EU AI Act. You need to know how these frameworks overlap, where they diverge, and how to integrate them into an existing GRC programme rather than running AI governance as a separate silo.

Domain 2: AI Life Cycle Risk Management

This is the technical heart of the exam. It covers the risks that appear at each stage of the AI life cycle: data quality and bias at the training stage, model robustness and explainability at validation, adversarial threats and prompt injection in production, and drift and decommissioning at end of life.

This is where the OWASP Top 10 for LLMs and MITRE ATLAS matter most. You should be able to recognise threats such as data poisoning, model inversion and prompt injection, and recommend proportionate controls for each.

Domain 3: AI Risk Program Management

The third domain steps back up to the programme level. It tests how you build, run and mature an AI risk function: defining roles, setting up continuous monitoring, reporting risk to senior stakeholders, and demonstrating ongoing compliance to auditors and regulators.

This domain rewards real-world experience. If you have actually stood up a risk register, run a third-party AI vendor assessment, or reported AI risk to a board, you will recognise the scenarios immediately.

AAIR Prerequisites: Who Can Sit the Exam?

AAIR is gated. You cannot simply book it cold. To earn the certification you need both proven experience in an IT risk or advisory role and one of roughly 25 qualifying ISACA-recognised designations.

Common qualifying credentials include:

  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
  • CGEIT (Certified in the Governance of Enterprise IT)
  • CDPSE (Certified Data Privacy Solutions Engineer)
  • CISSP (Certified Information Systems Security Professional)
  • CGRC, CRMA, CRMP and several other recognised risk and governance designations

If your background is CRISC, AAIR is the most natural fit of the three ISACA AI certifications. CRISC holders already think in terms of risk identification, assessment and response, so AAIR simply extends that mental model to AI systems.

AAIR vs AAISM vs AAIA: Which ISACA AI Cert Is Right for You?

ISACA deliberately split AI into three role-based extensions rather than building one giant certification. Picking the wrong one wastes money, so match the credential to your day job.

| Certification | Built for | Typical prerequisite |
| --- | --- | --- |
| AAIR (Advanced in AI Risk) | Risk and governance professionals | CRISC, CISA, CISM, CISSP or a qualifying risk designation |
| AAISM (Advanced in AI Security Management) | Security managers and leaders | Active CISM or CISSP |
| AAIA (Advanced in AI Audit) | IT auditors | CISA or a recognised audit designation such as CIA or CPA |

The rule of thumb is straightforward. If you manage risk, choose AAIR. If you manage security, choose AAISM. If you audit, choose AAIA. They share DNA, but the exam scenarios are framed through the lens of each role, so the one that matches your job is the one you will pass most comfortably and use most at work.

If you want the security-management angle instead, our ISACA AAISM guide breaks that credential down the same way. For the broader picture of where AI certifications are heading, see "AI Certifications Are Exploding, But Which Ones Actually Get You Hired?"

How Much Does AAIR Cost in 2026?

The exam fee is the headline number, but it is not the whole bill. Here is the realistic total cost of earning and keeping AAIR.

| Cost item | ISACA member | Non-member |
| --- | --- | --- |
| Exam fee | $575 | $760 |
| Application fee | $50 | $50 |
| Annual maintenance | $45 to $85 | $45 to $85 |

A couple of points worth knowing before you book:

  • ISACA membership costs around $135 a year. Because members save $185 on the exam fee alone, taking out membership before you register almost always works out cheaper if you are sitting any ISACA exam this year.
  • AAIR carries an ongoing CPE requirement. You will typically need around 10 AI-domain continuing professional education hours each year to keep the credential active, on top of the annual maintenance fee.

Exam Tip: Do the membership maths before you pay. The member exam fee plus the $135 membership is still cheaper than the non-member exam fee on its own, and membership also unlocks discounted maintenance and study resources.

So the true first-year cost for a member is roughly $760 (membership, application and exam combined), not the $575 sticker price. Budget for that and the renewal will not surprise you.

Is AAIR Worth It in 2026? An Honest Verdict

Here is the balanced answer, not a sales pitch.

AAIR is worth it if:

  • You already hold CRISC, CISM, CISA or a similar credential and AI risk is becoming part of your remit.
  • Your organisation is subject to the EU AI Act or expects to align with ISO/IEC 42001 and the NIST AI RMF.
  • You want to be early. AI risk roles are commanding premium pay in 2026, and being one of the first risk professionals with a dedicated AI risk credential is a genuine differentiator on a CV or in an internal promotion case.

AAIR is probably not worth it yet if:

  • You do not already hold a qualifying ISACA credential. You cannot earn AAIR without one, so your time is better spent on CRISC, CISM or CISA first.
  • You are chasing clean salary data. AAIR is new, so there is no large body of "AAIR holders earn X" evidence yet. The value case rests on early-mover advantage and role relevance, not on proven salary uplift.
  • Your role has no AI exposure. If AI is not touching your risk register, the credential is premature.

The honest summary is that AAIR is a strong specialism for the right person and a waste of money for the wrong one. The deciding factor is whether AI risk is genuinely landing on your desk. If it is, the credential pays for itself in credibility the first time you walk into a board meeting and can speak fluently about the EU AI Act, model drift and third-party AI assurance.

How to Prepare for AAIR

Because AAIR is experience-led, the best preparation blends framework study with scenario practice.

  1. Master the frameworks. Read the NIST AI RMF and skim ISO/IEC 42001 and the EU AI Act risk tiers. You do not need to memorise clause numbers, but you must understand how the frameworks fit together.
  2. Learn the threat models. Work through the OWASP Top 10 for LLMs and MITRE ATLAS so you can recognise AI-specific attacks and match controls to them.
  3. Practise applied questions. AAIR tests judgement, not recall. The fastest way to find your weak domain is to sit realistic practice questions and review every explanation, right or wrong.
  4. Map it to your job. For each domain, write down how your current risk programme already handles (or fails to handle) that area. This turns abstract syllabus points into things you actually understand.

Ready to Start Practising?

AAIR rewards candidates who can apply risk judgement under exam conditions, and the only way to build that is realistic, exam-style practice with explanations that tell you why an answer is right. CertCrush helps you train exactly that way, across ISACA and the wider AI and security certification landscape.

Browse our certification courses to build your AI risk knowledge, and when you are ready to test yourself under real conditions, create a free CertCrush account and start practising today. Get the judgement sharp before exam day, not on it.
