AI Governance and Risk Basics

A $75 governance course for small teams adopting AI. Covers NIST AI RMF concepts, generative AI risk categories, data exposure, prompt injection, model behavior monitoring, user disclosures, and lightweight approval processes. Built for operators who need a usable risk desk without enterprise bureaucracy.

Core sources:

- https://www.nist.gov/itl/ai-risk-management-framework
- https://www.nist.gov/itl/ai-risk-management-framework/generative-artificial-intelligence-profile
- https://owasp.org/www-project-top-10-for-large-language-model-applications/

Curriculum

  1. Governance that operators can actually use
     A lightweight operating model for ownership, documentation, approvals, incident handling, and review cadence.
  2. NIST AI RMF in plain language
     Map, measure, manage, and govern as a working loop rather than a compliance slogan.
  3. Generative AI risk inventory
     Hallucination, data leakage, overreliance, bias, IP exposure, excessive agency, and third-party model dependencies.
  4. Prompt injection and tool risk
     Why connected tools change the risk profile and what constraints reduce blast radius.
  5. Policy templates for small teams
     Acceptable use, sensitive data handling, review standards, vendor review, and customer-facing disclosure.
  6. Risk review meeting
     A monthly review format that keeps owners, incidents, metrics, and next actions visible.