AI Risk and Compliance: Audit and Governance Foundations
This course is part of Managing AI Systems: Development, Deployment, and Governance Specialization
Instructor: Board Infinity
What you'll learn
Execute adversarial red teaming scans using Giskard to identify and prioritize AI vulnerabilities
Classify AI systems under the EU AI Act and apply NIST AI RMF across the AI lifecycle
Generate SHAP/LIME explanations and create audit-ready transparency documentation
Implement guardrails, PII scrubbing with Presidio, and governance controls to mitigate Shadow AI
Skills you'll gain
- Compliance Management
- Legal Risk
- Responsible AI
- Risk Management Framework
- Compliance Auditing
- Threat Modeling
- Risk Mitigation
- AI Security
- AI Integrations
- Law, Regulation, and Compliance
- Personally Identifiable Information
- Data Loss Prevention
- Regulatory Requirements
- Governance Risk Management and Compliance
- Safety Audits
- Compliance Reporting
- Safety Assurance
- Regulatory Compliance
- Regulatory Documents
- Vulnerability Assessments
Details to know
April 2026
16 assignments
There are 4 modules in this course
This advanced course provides a practical, end-to-end approach to governing, securing, and auditing AI systems in enterprise environments. Learners begin by examining adversarial threats to AI systems—including jailbreaks, prompt injection, data leakage, manipulation, and misinformation attacks—and practice structured red teaming using both manual and automated techniques. Participants learn how to analyze vulnerability severity and exploitability, prioritize remediation, and evaluate AI system readiness under adversarial conditions while communicating findings through clear, audit-ready documentation.
The course then explores regulatory and governance frameworks, focusing on the EU AI Act and the NIST AI Risk Management Framework (Govern, Map, Measure, Manage). Learners analyze AI system classifications, risk tiers, and obligations, and apply NIST AI RMF principles across the AI lifecycle. The course also covers key legal and compliance risks, including copyright, licensing, and data usage concerns in training data and outputs, and guides learners in creating concise compliance documentation and policies aligned with EU AI Act and NIST AI RMF requirements.
Learners dive into explainability for LLMs and other AI models, exploring challenges and techniques such as SHAP, LIME, and attention visualization. They apply these tools to generate human-readable explanations, and critically evaluate the faithfulness, reliability, and quality of these explanations for different stakeholders.
Finally, the course turns to safety engineering and organizational governance, including implementing guardrails frameworks (e.g., Guardrails AI, NVIDIA NeMo) and using Presidio for PII detection, masking, and anonymization in AI and RAG pipelines. Learners assess Shadow AI risks and design governance strategies, monitoring, and control architectures that mitigate unsafe AI usage, document vulnerabilities, and support continuous regulatory compliance.
Disclaimer: This is an independent educational resource created by Board Infinity for informational and educational purposes only. This course is not affiliated with, endorsed by, sponsored by, or officially associated with any company, organization, or certification body unless explicitly stated. The content provided is based on industry knowledge and best practices but does not constitute official training material for any specific employer or certification program. All company names, trademarks, service marks, and logos referenced are the property of their respective owners and are used solely for educational identification and comparison purposes.
In this module, learners dive into the adversarial threat landscape for modern AI systems and practice structured red teaming workflows. You will explore real-world AI threat models, including jailbreaks, prompt injection, leakage, and manipulation attacks, and distinguish benign failures from genuinely adversarial behavior. Through videos, readings, AI dialogues, and a hands-on lab using Giskard, you will learn how to execute automated red teaming, interpret vulnerability reports, and prioritize remediation actions. By the end of the module, you will be prepared to evaluate system readiness under adversarial conditions and document findings in an audit- and security-friendly format.
What's included
8 videos, 3 readings, 4 assignments, 1 plugin
8 videos•Total 65 minutes
- Career Scope in AI Governance, Red Teaming & Risk•6 minutes
- LLM Threat Categories: Jailbreaks, Leakage & Manipulation•10 minutes
- Distinguishing Benign Failures vs Adversarial Behavior•8 minutes
- How Prompt Injection Works (Attack Anatomy)•6 minutes
- How Prompt Injection Works (Attack Anatomy) - Part 2•1 minute
- Jailbreak Techniques Against Modern Chat Models•14 minutes
- Stress-Testing LLM Defenses Across Architectures•9 minutes
- Introduction to Giskard Vulnerability Scans•11 minutes
3 readings•Total 90 minutes
- “LLM Threat Taxonomy & Real-World Enterprise Attack Patterns”•30 minutes
- “Enterprise Adversarial Prompt Catalog”•30 minutes
- “Giskard Scan Interpretation Guide”•30 minutes
4 assignments•Total 105 minutes
- Topics: red teaming, threat models, adversarial techniques, Giskard findings.•60 minutes
- Understanding AI Threat Models•15 minutes
- Prompt Injection, Jailbreaks & Adversarial Stress-Testing•15 minutes
- Using Giskard for Automated Red Teaming•15 minutes
1 plugin
- Quick Course Check-In•0 minutes
This module focuses on the regulatory and risk-management frameworks that govern enterprise AI systems, with emphasis on the EU AI Act, the NIST AI Risk Management Framework (RMF), and key copyright and data usage issues. Learners will analyze EU AI Act risk tiers, high-risk obligations, conformity assessments, and post-market monitoring requirements. You will then map AI lifecycle activities to the NIST AI RMF functions and apply NIST-aligned risk assessment techniques. The module also examines training-data licensing, ownership of LLM outputs, enterprise liability, and unauthorized training risks. Through a lab and applied exercises, you will classify AI systems under the EU AI Act, map risks to NIST functions, and produce concise compliance documentation.
What's included
7 videos, 3 readings, 4 assignments
7 videos•Total 58 minutes
- EU AI Act Overview & Risk Categories•6 minutes
- Mandatory Requirements for High-Risk Systems•9 minutes
- Conformity Assessments & Post-Market Monitoring•8 minutes
- Applying RMF Across the AI Lifecycle•7 minutes
- NIST-Aligned Risk Assessment Techniques•14 minutes
- Training-Data Licensing Risks•5 minutes
- Enterprise Liability & Unauthorized Training•8 minutes
3 readings•Total 90 minutes
- “EU AI Act Compliance Checklist for Enterprises”•30 minutes
- “NIST RMF Implementation Blueprint”•30 minutes
- “Copyright & AI — Current Case Law & Risk Patterns”•30 minutes
4 assignments•Total 105 minutes
- EU AI Act, NIST mapping, copyright risk.•60 minutes
- EU AI Act: Risk Tiers, Obligations & Documentation•15 minutes
- NIST AI RMF (Govern, Map, Measure, Manage)•15 minutes
- Copyright, Data Usage & Legal Exposure•15 minutes
In this module, learners explore explainable AI (XAI) techniques and transparency practices for large language models and other complex systems. You will investigate why explainability is challenging for LLMs and compare leading XAI methods such as SHAP, LIME, and attention maps, including guidance on when to use each. The module then turns to stakeholder-facing communication, showing how to generate human-readable explanations and present them effectively to executives and regulators while maintaining faithfulness and reliability. Finally, you will design transparency workflows that satisfy governance and compliance requirements, including documentation of system and decision flows. A hands-on lab guides you through applying SHAP or LIME to a text classifier and drafting a transparency report suitable for audits.
What's included
10 videos, 3 readings, 4 assignments
10 videos•Total 66 minutes
- Why Explainability Is Difficult for LLMs•8 minutes
- Comparing XAI Techniques: SHAP, LIME, Attention Maps•8 minutes
- When to Use Which XAI Method•8 minutes
- When to Use Which XAI Method - Part 2•1 minute
- Generating Human-Readable Explanations•6 minutes
- Presenting Explanations to Executives/Regulators•6 minutes
- Faithfulness & Reliability of Explanations•6 minutes
- Transparency Requirements Across Frameworks•6 minutes
- Creating System & Decision Flow Documentation•8 minutes
- Designing Transparency Workflows•9 minutes
3 readings•Total 90 minutes
- “XAI Playbook: Interpreting Predictive ML vs LLM Systems”•30 minutes
- “Executive Explanation Templates for Model Decisions”•30 minutes
- “Transparency Reporting & Audit Templates”•30 minutes
4 assignments•Total 105 minutes
- Topics: SHAP, LIME, documentation, transparency, explainability.•60 minutes
- Interpreting Black Box Models•15 minutes
- Using XAI Tools for Stakeholder Communication•15 minutes
- Transparency for Governance & Compliance•15 minutes
This capstone module addresses practical governance controls for safe AI usage, focusing on guardrails frameworks, PII protection, and Shadow AI mitigation. Learners begin by implementing guardrails for safety and policy enforcement using Guardrails AI and NVIDIA NeMo, including rule-based and semantic guardrails and testing them against attacks. The module then introduces Microsoft Presidio for PII detection and anonymization, demonstrating how to detect, mask, and scrub sensitive data and integrate Presidio into RAG pipelines. Finally, you will examine Shadow AI risks in enterprises, monitoring and enforcement techniques, and organization-wide governance controls. A major lab ties these elements together by red teaming a chatbot with Giskard, implementing Guardrails and Presidio, and producing comprehensive evidence and documentation that serve as the practical course capstone.
What's included
9 videos, 3 readings, 4 assignments
9 videos•Total 60 minutes
- Guardrails AI / NeMo Guardrails Overview•6 minutes
- Building Rule-Based and Semantic Guardrails•9 minutes
- Testing Guardrails Against Attacks•5 minutes
- Presidio Architecture & Entities•5 minutes
- Detecting & Masking Sensitive Data•9 minutes
- Integrating Presidio Into RAG Pipelines•8 minutes
- What Shadow AI Looks Like in Enterprises•6 minutes
- Monitoring, Policy, and Enforcement Techniques•7 minutes
- Designing Organization-Wide Governance Controls•7 minutes
3 readings•Total 90 minutes
- “Guardrails Implementation Guide”•30 minutes
- “PII Governance & Safe Data Handling”•30 minutes
- “Shadow AI Governance Framework”•30 minutes
4 assignments•Total 105 minutes
- “Help me design a governance strategy to eliminate Shadow AI risks.”•60 minutes
- Implementing Guardrails for Safety & Policy Enforcement•15 minutes
- PII Detection & Data Scrubbing with Presidio•15 minutes
- Shadow AI: Risks, Detection & Controls•15 minutes
Frequently asked questions
No formal governance experience is required. However, basic familiarity with AI/ML concepts and Python will help you get the most from the hands-on labs and tools used in this course.
While the course includes technical labs, the regulatory compliance and governance modules are highly relevant for policy makers, risk analysts, and compliance officers.
You'll work with Giskard for automated red teaming, SHAP and LIME for explainability, Microsoft Presidio for PII detection, and Guardrails AI/NeMo Guardrails for safety enforcement.
