1.1 AIGP exam facts & study strategy

Key Takeaways

  • The AIGP is administered by the IAPP and, launched in 2024, was the first broadly recognized certification focused on governing AI rather than building it.
  • The exam is computer-based with roughly 100 multiple-choice questions and about 2.5 hours to complete, delivered through Pearson VUE.
  • The Body of Knowledge spans six domain areas: AI foundations, responsible-AI principles, AI laws and standards, the development lifecycle, governance/risk implementation, and ongoing issues.
  • IAPP reports results as pass/fail on a scaled score, and the credential is maintained with 20 CPE credits per two-year cycle plus an annual maintenance fee.
  • Governance exams reward conceptual understanding and cross-mapping frameworks (NIST AI RMF, EU AI Act, ISO/IEC 42001) over rote memorization.
Last updated: July 2026

What the AIGP is and who issues it

The Artificial Intelligence Governance Professional (AIGP) is a certification administered by the International Association of Privacy Professionals (IAPP), the same organization behind the established CIPP, CIPM, and CIPT privacy credentials. Introduced in 2024, the AIGP was the first broadly recognized professional certification aimed squarely at governing artificial intelligence rather than engineering it. It certifies that a professional can help an organization develop, procure, integrate, deploy, and oversee AI systems responsibly and in line with emerging laws, technical standards, and stakeholder expectations. The credential is deliberately vendor-neutral and framework-agnostic: it does not teach one company's platform or one jurisdiction's statute, but instead builds a shared vocabulary and mental model that a governance professional can apply across the NIST AI Risk Management Framework, the EU AI Act, ISO/IEC 42001, and internal corporate policy.

Who the exam is for

The AIGP is designed for professionals who sit at the intersection of technology, law, ethics, and business — not for data scientists writing model code. Typical candidates include privacy officers expanding into AI oversight, compliance and risk managers, in-house counsel, audit and assurance staff, product and program managers, information-security leaders, and consultants advising on AI strategy. There is no formal prerequisite, degree, or prior IAPP certification required, though IAPP recommends candidates have some working familiarity with technology programs, project management, or data governance. Because AI governance is inherently cross-functional, the exam rewards people who can connect a technical concept (say, model drift) to a legal obligation (ongoing monitoring) and an organizational control (a human-in-the-loop review gate).

Exam format and the body of knowledge

The AIGP exam is a computer-based, multiple-choice test of roughly 100 questions delivered through Pearson VUE, either at a physical test center or via online proctoring. Candidates are given about 2.5 hours (150 minutes) to complete it. Some items are unscored "pretest" questions the IAPP is trialing for future exams, but they are indistinguishable from scored items, so you should answer every question with equal care. There is no penalty for guessing, so never leave a question blank.

The exam is built from a published Body of Knowledge (BoK) organized into domains. At a high level the six domain areas are:

Domain areaWhat it covers
Foundations of AIDefinitions of AI, ML, deep learning, and generative AI; core technical vocabulary
AI impacts & responsible-AI principlesHarms and benefits to people; fairness, transparency, accountability, and related principles
AI laws and standardsHow existing laws apply to AI, plus emerging laws (EU AI Act) and standards (NIST, ISO/IEC 42001)
AI development life cycleStages from planning and data through build, test, deploy, monitor, and retire
Implementing AI governance & risk managementGovernance structures, risk assessment, controls, and documentation
Ongoing issues and concernsFrontier questions: autonomous systems, misinformation, environmental impact, ethics

IAPP's official blueprint actually splits the laws area into two sub-domains (how current laws apply, and emerging laws/standards), which is why some sources describe seven domains; the substance is the same. Roughly speaking, foundations and responsible-AI principles anchor the early questions, the lifecycle and governance-implementation domains carry the heaviest practical weight, and laws thread through the entire exam.

Scoring and recertification

IAPP reports results as pass or fail based on a scaled score rather than a simple percentage of questions answered correctly. Scaling accounts for slight differences in difficulty between exam forms, so there is no single published "you need X% right" number; the practical goal is solid competence across every domain, not squeaking past a threshold. You typically learn your provisional result immediately after finishing.

Once earned, the certification must be maintained. IAPP requires continuing professional education (CPE) — 20 CPE credits over each two-year certification cycle — plus payment of an annual certification maintenance fee. CPE can be earned through IAPP events, approved training, webinars, and relevant professional activity. Letting CPE or fees lapse can suspend the credential, so plan maintenance from day one. (Exam and maintenance fees change over time; confirm current amounts on iapp.org before you register.)

How to study a governance exam

An AI governance exam rewards conceptual understanding and cross-mapping far more than rote memorization. Use these strategies:

  • Learn concepts, not trivia. You will rarely be asked to recite an article number; you will be asked to apply a principle to a scenario. Understand why a control exists.
  • Cross-map frameworks. Practice lining up the NIST AI RMF functions (Govern, Map, Measure, Manage), the EU AI Act's risk tiers, and ISO/IEC 42001's management-system approach so you can translate between them.
  • Think in scenarios. Many items describe a situation and ask for the best next step. Read for the stakeholder affected, the lifecycle stage, and the risk in play.
  • Connect roles to responsibilities. Know who does what — provider versus deployer, board versus model owner — because governance questions hinge on accountability.
  • Master the vocabulary early. Foundations questions are "free points" if you know terms like inference, parameters, and drift cold, so front-load this Chapter 1 material.

Treat the six domains as an integrated system: a fairness principle (responsible AI) becomes a bias test (lifecycle) enforced by a control owner (governance) to satisfy a legal duty (laws). Studying the connections, not the silos, is what the AIGP is really testing.

Test Your Knowledge

Which organization administers the AIGP certification?

A
B
C
D
Test Your Knowledge

A candidate finishes the exam with time left and notices two questions she is unsure about and left blank. Given how the exam is scored, what should she do?

A
B
C
D
Test Your Knowledge

How does IAPP report AIGP results, and how is the credential maintained afterward?

A
B
C
D