Skip to main content
Back to Academy catalog
LeadershipIntermediate

AI Governance & Risk for Boards

A 40-minute brief for board directors — what to ask, what to require, and how to report on AI risk without becoming a technical expert.

55 min·8 chapters·Board · Executive·Free

Last updated: 2026-05-19

What you'll learn

By the end of this course you'll be able to:

  • The five questions every audit committee agenda should carry
  • The framework landscape — NIST, ISO 42001, EU AI Act, GCC frameworks — and what each expects of a board
  • The six-category AI risk taxonomy — and the one sharp question per category
  • Board reporting on AI — one page, eight numbers, four narratives
  • Vendor and third-party AI risk — five risks, six contract clauses
  • Incident response — four phases, and the five board-only actions
  • The board's own AI competence — and the director-duty implications
  • Your AI governance charter on one page — formally ratifiable

Who this is for

Board directors, audit committee members, risk committee chairs, and non-executive directors. Especially valuable for boards across BFSI, healthcare, public sector, and any regulated industry where AI is now a material risk.

Curriculum

8 chapters · 1 hands-on exercises · capstone challenge

Each chapter ends with the learning objectives ticked off. Quizzes are auto-graded with feedback; exercises are open-ended and produce artifacts you can take to your team.

1

1. What boards should ask about AI

7 min
  • Carry the five questions into the next audit committee meeting
  • Recognise three governance failure modes before the incident
2

2. The framework landscape

8 minQUIZ
  • Anchor on ISO 42001 internally; map to NIST, EU AI Act, GCC
  • Translate five ISO 42001 clauses into board agenda items
3

3. The AI risk taxonomy

8 minEXERCISE
  • Name six AI risk categories with their owners and controls
  • Apply one sharp board question per category
4

4. Reporting & metrics

7 min
  • Define the one-page quarterly board pack: 8 numbers, 4 narratives
  • Recognise what does not belong on the board page
5

5. Vendor and third-party AI risk

7 min
  • Identify the five vendor risks unique to foundation-model dependence
  • Confirm six contract clauses are in place with top AI vendors
6

6. Incident response

7 min
  • Recognise five incident shapes — loud and quiet
  • Run the four-phase response, with five board-only actions
7

7. The board's own AI competence

6 min
  • Map why AI is now material to director duty
  • Make four moves to build board competence — without becoming engineers

Capstone: Capstone — Your AI governance charter on one page

5 min
  • Collapse the entire course into a five-section, board-ratifiable charter
  • Run the three-meeting adoption sequence: audit committee, full board, ratify

Capstone deliverable: Every learner who completes this course produces «Your 1-Page Board AI Governance Charter» — a tangible artifact you take back to your organization.

Interactive Course · Free

Full web-rendered experience available now.

All 8 chapters live with interactive slides, audio narration, mock-exam practice, and cross-device progress tracking. The first two chapters are accessible without an account.

Take the interactive course

References & sources

Built on cited sources — not vibes.

Every course is researched fresh against vendor documentation, regulatory sources, and peer-reviewed work. Sources used in this course:

NIST AI Risk Management Framework

National Institute of Standards and Technology · Source link

EU AI Act — Final Text

European Parliament · Source link

OECD AI Principles

OECD · Source link

NACD — Director's Handbook on Cyber Risk Oversight

National Association of Corporate Directors · Source link

Course details

Track

Leadership

Level

Intermediate

Audience

Board, Executive

Industry

Cross-Industry

Stack

Stack-agnostic

Paired Gennoor Way phase

diagnose, sustain

Format

interactive, video, reading

You finished the course. Now what?

From course to outcome.

Reading this course is step one. The next step is applying it where you work. Here's how Gennoor helps — without the deck, without the pitch.

Run this for your team

A 2-day workshop or virtual cohort for up to 25 of your people, with exercises run on your data and a 30-day adoption plan.

From $5k · 2 weeks · function-specific

Talk to us about a workshop

Apply this to your data

A 4–6 week pilot that takes what you learned and ships a working system inside your environment. Fixed scope, fixed price, code transferred day one.

From $25k · 6 weeks · production-grade

Scope a pilot

Just want to talk?

Free 30-minute call. No deck, no pitch. We listen to your situation and tell you honestly what makes sense — even if it isn't us.

Free · no commitment · 30 minutes

Book a call

Or just keep learning. We recommend next:

leadership

AI Strategy for the C-Suite

60 min

industry

AI in Financial Services

65 min

Just finished «AI Governance & Risk for Boards». Want this to go further at your organization?

Back to all 43 Academy courses