
AAIA vs AAISM vs AAIR: ISACA's Three AI Certs, Compared (2026)

Dr. Baz Abouelenein, AAIA CISA CISM CRISC CISSP PMP
May 11, 2026 · 14 min read

ISACA now offers three AI certifications. AAIA for AI audit, launched May 2025. AAISM for AI security management, launched August 2025. AAIR for AI risk, launched April 15, 2026. Pick the one that matches your current role and credential: CISA holders go to AAIA, CISM or CISSP holders to AAISM, CRISC and risk-track holders to AAIR. Stacking two is rarely worth the cost in time, money, and 20-CPE-per-year recertification load. The cross-credential matrix below is the fastest way to find your answer.

The 60-Second Answer

Between May 2025 and April 2026, ISACA released three AI-focused certifications in eleven months. The order matters. AAIA came first because audit was the function most behind on AI, and ISACA's audit constituency — CISA holders — is the largest installed base. AAISM followed because the security-management track was demanding it, and AAISM finally gave CISM and CISSP holders an AI-specific specialization that wasn't a generic vendor course. AAIR arrived this spring as the risk-track answer, mapping to CRISC and to 24 other risk-and-governance credentials.

The cert you take should match the job you do. If you audit AI systems, AAIA. If you manage AI security posture, AAISM. If you govern AI risk, AAIR. If none of those describe your role precisely, the decision matrix below handles the edge cases.

One note on scope. I hold AAIA and passed on the first attempt in January 2026. I have not sat AAISM or AAIR. Everything in this article about AAIA is first-hand. Everything about AAISM and AAIR is sourced from ISACA's primary materials, the official exam content outlines, and cross-referenced secondary sources.

What ISACA Actually Built — and When

Three Certs in Eleven Months

ISACA shipped three AI certifications in eleven months. That pace is unusual for an organization whose credentialing process typically runs on multi-year cycles. The explanation is competitive: the AI governance and assurance market moved faster than any standards body anticipated, and ISACA needed to plant flags across all three lines of defense before vendor-led alternatives absorbed the professional demand.

The shipping order reflects ISACA's installed base. CISA holders number in the hundreds of thousands globally — the largest single constituency. AAIA launched first because it served the largest addressable audience and because AI audit was the most acute gap: regulators were already asking for AI audit evidence, and CISA holders had no AI-specific credential to point to. AAISM came second, serving CISM and CISSP holders who were fielding AI security questions from boards and regulators. AAIR arrived third, serving the CRISC-anchored risk function that sits between governance and operations.

Each Cert Maps to an Existing ISACA Track

The design logic is explicit. AAIA extends the CISA track into AI audit. AAISM extends the CISM track into AI security management. AAIR extends the CRISC track — and a broader set of 25 qualifying credentials — into AI risk governance. Each cert assumes you already hold the base credential and adds the AI layer on top. None of them is a standalone entry point into the profession.

This matters for how you study. If you hold CISA and pursue AAIA, Domains 1 and 3 (AI Governance and Risk plus AI Auditing Tools and Techniques, 54% of the exam combined) draw heavily on what you already know from CISA. The new material is concentrated in AI operations — MLOps, model risk, AI system architecture — which is Domain 2 of the AAIA exam and carries 46% of the weight. The same pattern holds for AAISM (new material is AI-specific security controls and threats) and AAIR (new material is AI-specific risk lifecycle management and program governance).

AAIA, AAISM, and AAIR Side-by-Side

Exam Content and Domains

The domain structures reveal where each cert diverges. All three share a governance and frameworks domain — NIST AI RMF, ISO/IEC 42001, EU AI Act, and ISACA's own frameworks appear across all three exams. That overlap is real and useful if you're stacking certs. Beyond Domain 1, the exams pull in different directions.

AAIA domains: AI Governance and Risk (33%), AI Operations (46%), AI Auditing Tools and Techniques (21%). Domain 2 is the one that surprises CISA holders — nearly half the exam tests AI operations knowledge, including MLOps pipelines, model training and validation, AI system architecture, and data governance in AI contexts.

AAISM domains: AI Governance and Program Management (31%), AI Risk Management (31%), AI Technologies and Controls (38%). AAISM weights security controls and AI technology knowledge most heavily. Domain 3 covers adversarial ML, AI-specific threat modeling, MITRE ATLAS, and the controls landscape for AI systems in production.

AAIR domains: AI Risk Governance and Framework Integration (37%), AI Life Cycle Risk Management (21%), AI Risk Program Management (42%). AAIR's heaviest domain is Risk Program Management — the operational side of running an AI risk function: policies, procedures, reporting, escalation, and cross-functional coordination.

Prerequisites

AAIA requires holding CISA or a recognized equivalent audit credential. As of July 22, 2025, ISACA expanded the prerequisite list to nine qualifying credentials: CISA (ISACA), CIA (IIA), US CPA (AICPA), ACCA, FCCA (both from the Association of Chartered Certified Accountants), Canadian CPA (CPA Canada), CPA Australia, FCPA (CPA Australia), and Japanese CPA (JICPA). AAISM has the strictest gate: active CISM or CISSP, full stop. ISACA has not expanded the AAISM prerequisite list the way it has for AAIR. If you hold CISA but not CISM or CISSP, you cannot currently sit AAISM. AAIR has the broadest prerequisite list — 25 qualifying credentials including CISA, CISM, CRISC, CGEIT, CDPSE, CRMP, CRMA, CGRC, CISSP, CERP, CRCM, and others.

Cross-Credential Decision Matrix

Find your current credential and read across to find the recommended path.

  • CISA: eligible for AAIA and AAIR. Recommended: AAIA.
  • CISM: eligible for AAISM and AAIR. Recommended: AAISM.
  • CISSP: eligible for AAISM and AAIR. Recommended: AAISM.
  • CRISC: eligible for AAIR only. Recommended: AAIR.
  • CGEIT: eligible for AAIR only. Recommended: AAIR.
  • CISA + CISM: eligible for all three. Role-dependent (audit: AAIA; security: AAISM).
  • CISA + CRISC: eligible for AAIA and AAIR. Role-dependent (audit: AAIA; risk: AAIR).
  • CISM + CRISC: eligible for AAISM and AAIR. Role-dependent (security: AAISM; risk: AAIR).
  • CIA: eligible for AAIA only.
  • CPA (AICPA): eligible for AAIA only.

What It Actually Felt Like to Sit AAIA

First-hand. January 2026, first attempt. The exam is 90 questions in 150 minutes — 100 seconds per question. The questions are scenario-based, not definitional. You won't be asked to define NIST AI RMF's Govern function. You'll be asked what an AI auditor should do when a model's risk classification has changed since the last audit cycle and the business unit hasn't updated the documentation.

Domain 2 — AI Operations — is where the exam earns its difficulty. Nearly half the exam lives there. Questions cover MLOps pipeline stages, model validation approaches, data drift and concept drift, AI system architecture decisions, and the audit implications of each. If you've spent your career in financial or compliance audit without touching AI systems, this domain will require the most preparation.

MITRE ATLAS appeared more frequently than I expected. It's not just a reference; it's a framework that shows up in scenario questions about adversarial AI threats and audit response. Know it at the application level, not just the definitional level. The scaled scoring (200–800) means you can miss questions and still pass. Pattern recognition matters more than perfect recall.

AAISM and AAIR: From Someone Who Hasn't Sat Them

I hold AAIA. I have not sat AAISM or AAIR. What follows is sourced from ISACA's primary materials, the official exam content outlines, cross-referenced accounts from AAISM holders on LinkedIn and r/isaca, and the Training Camp AAIR guide published in April 2026.

On AAISM: the consistent observation from holders is that Domain 3 — AI Technologies and Controls — is the hardest domain for CISM holders who haven't worked directly with AI systems in production. The adversarial ML content, MITRE ATLAS threat taxonomy, and AI-specific control frameworks require learning that doesn't transfer from traditional security management. Holders with hands-on AI security engineering experience report the exam as manageable; those coming purely from governance and policy roles report Domain 3 as the gap to close.

On AAIR: the cert is under four weeks old at the time of writing (launched April 15, 2026). The first-hand accounts are sparse. What can be reasonably inferred from the exam content outline: Domain 3 (AI Risk Program Management, 42%) will reward CRISC holders who have built or managed risk programs. Domain 2 (AI Life Cycle Risk Management, 21%) is the new material for most CRISC holders, covering AI-specific risk across model development, deployment, and monitoring. ISACA's prep materials are available at launch; third-party resources are still developing.

Should You Take Two — or All Three?

Every certification comparison article you read on this topic was written by someone whose business model depends on you taking the certs. Bootcamp companies sell prep. ISACA sells the exam, the membership, the renewal CPEs. Training providers sell their curricula. I sell an iPad app for one of the three. So the contrarian read deserves to be in the article: for most working professionals, taking one of these three certs is enough, and stacking two costs more than it pays.

The math on stacking: two ISACA AI certs cost roughly $1,200 in exam and application fees at member rates, before study materials. Eighty hours of focused prep per cert is realistic. Stacking two costs 160 hours of evenings and weekends inside a calendar year. Renewal load doubles — each cert carries a 20-CPE annual minimum and 120 CPEs over its three-year cycle, plus its own maintenance fee. The hiring signal from a second AI cert in the same family is incremental, not multiplicative.

The case for stacking exists in three narrow situations: you hold a hybrid role (a senior CISA who performs both AI audit and AI risk treatment); you're building a consulting practice where breadth is a market signal; or your employer is paying. Outside those three, the better move is to earn one cert and spend the 80 hours you would have spent on the second cert on a project that demonstrates AI capability at your job. A documented internal AI control framework or real engagement with EU AI Act compliance work signals more than a second three-letter acronym. This is an opinion, not an ISACA position.

Salary and Career Impact, Honestly

Certification-driven compensation claims are weakly sourced for credentials that are at most a year old. AAIA launched in May 2025. AAISM in August 2025. AAIR in April 2026. There is no credible salary premium data for any of them yet — the sample sizes are too small and the time horizon too short for meaningful regression. For context, Information Security Analysts (SOC 15-1212) had a median annual wage of $124,910 in the May 2024 BLS OES release; none of these certs has been shown to move that number. They likely act as a tiebreaker in hiring decisions rather than a salary multiplier — signaling current-domain relevance in a way that a generic CISA or CISM renewal doesn't.

How to Prepare for Each

AAIA: the exam rewards scenario fluency over definitional recall. Domain 2 (AI Operations, 46%) is where most CISA holders need to invest the most time. Six to eight weeks at 10 hours per week is realistic for a CISA holder with 3+ years of audit experience. The AAIA Prep app adds 1,155 original scenario questions and a full framework library mapped to exam domains.

AAISM: Domain 3 (AI Technologies and Controls, 38%) is the gap for most CISM holders. Prioritize adversarial ML concepts, MITRE ATLAS threat taxonomy, and AI-specific control frameworks. ISACA's Q&A database is the primary resource; bootcamp providers offer structured preparation for those who prefer guided instruction.

AAIR: the cert is new enough that third-party prep resources are still developing. ISACA's own materials are the primary resources at launch. Domain 3 (AI Risk Program Management, 42%) maps closely to what senior CRISC holders already do; invest preparation time in Domain 2 (AI Life Cycle Risk Management, 21%), which covers AI-specific risk across the model development and deployment lifecycle.

FAQ

When did AAIA, AAISM, and AAIR launch?

AAIA was released in May 2025. AAISM followed on August 19, 2025. AAIR formally launched April 15, 2026, with registration and prep materials available at launch.

Which is hardest?

Different, not strictly harder. AAIR draws on risk-treatment fluency that CRISC holders carry natively. AAISM weights security-engineering controls heavily and assumes CISM-level baseline. AAIA weights AI operations (46% of the exam) and rewards pattern recognition in audit scenarios. The hard one is whichever sits furthest from your day job.

Does AAIR replace AAIA or AAISM?

No. ISACA's positioning is explicit: the three certs serve three different functions and are designed to coexist. AAIR is not a successor; it's a sibling.

I hold CISA and CISSP. AAIA or AAISM?

Take the one that matches your role today. If you audit, AAIA. If you manage security, AAISM. If you're in a hybrid or career-transition role, AAIA is the more flexible signal because audit is the function that pulls AI governance toward operational evidence — and that's where most organizations' near-term AI compliance work will live.

I'm CRISC-certified. Should I take AAIR or AAIA?

If your day-to-day is risk identification, treatment, and governance, AAIR is the closer match. Note that CRISC on its own qualifies you for AAIR but not for AAIA, which requires CISA or one of the other eight audit and accounting credentials listed above. If you are a CRISC holder who has moved into an audit or assurance role and also holds CISA (or another qualifying audit credential), you are eligible for both, and the decision comes down to function, not eligibility.

Will employers value these by 2027?

Yes for AAIA and AAIR. Less so for AAISM as a standalone signal. Regulated organizations are formally building AI audit and AI risk functions in 2026 under EU AI Act enforcement timelines and US sectoral AI guidance. AI security is being absorbed into existing CISM and CISSP roles in most organizations, which dilutes AAISM's distinct value proposition. This is an opinion, not a guarantee.

Bottom Line

ISACA built three certs for three jobs. Find your current credential in the matrix above, read across to your role, and pick the cert that aligns. If you audit AI systems, AAIA. If you manage AI security posture, AAISM. If you govern AI risk, AAIR. Stacking is a real option for hybrid-role professionals and consultants. For everyone else, one cert done well — backed by actual project work — is worth more than two certs done in parallel.

Comparing AAIA against AIGP and other cross-vendor AI certs? The ISACA vs IAPP three-way comparison is here.

AAIA vs AAISM vs AIGP: Which AI Certification Is Right for You? →

Preparing for AAIA?

AAIA Prep has 1,155 original scenario questions, 8 study modes, a 21-standard framework library, and a full mock exam with scaled scoring — the most comprehensive third-party resource for the AAIA exam.

  • Free tier: 50 questions, 20 flashcards, basic study mode
  • Paid tiers: 1,155 questions, 8 study modes, 200 flashcards, framework library, full mock exam
  • Exam format: 90 questions / 150 minutes — AAIA Prep's mock exam mirrors this exactly
Download AAIA Prep on the App Store →

References

  1. ISACA. Advanced in AI Audit (AAIA) — Official Credentialing Page. https://www.isaca.org/credentialing/aaia
  2. ISACA. Advanced in AI Security Management (AAISM) — Official Credentialing Page. https://www.isaca.org/credentialing/aaism
  3. ISACA. Advanced in AI Risk (AAIR) — Official Credentialing Page. https://www.isaca.org/credentialing/aair
  4. ISACA. ISACA Launches AAIR Certification — Press Release, April 15, 2026. https://www.isaca.org/about-us/newsroom/press-releases/2026/isaca-launches-advanced-in-ai-risk-aair-certification-to-equip-it-risk-professionals
  5. ISACA. AAIR Exam Content Outline. https://www.isaca.org/credentialing/aair/aair-exam-content-outline
  6. NIST. Artificial Intelligence Risk Management Framework (AI RMF 1.0). https://www.nist.gov/itl/ai-risk-management-framework
  7. MITRE. ATLAS — Adversarial Threat Landscape for AI Systems. https://atlas.mitre.org/
  8. European Union. EU AI Act — Regulation (EU) 2024/1689. https://eur-lex.europa.eu/eli/reg/2024/1689/oj
  9. ISO/IEC 42001:2023 — Artificial Intelligence Management Systems. https://www.iso.org/standard/81230.html
  10. Training Camp. AAIR Certification Guide, April 6, 2026. https://trainingcamp.com/articles/aair-certification-guide-isacas-new-ai-risk-credential-explained/
  11. BLS. Occupational Employment and Wage Statistics — Information Security Analysts (SOC 15-1212), May 2024. https://www.bls.gov/oes/current/oes151212.htm
