Upcoming Chapter Events
Below are upcoming chapter conferences, seminars, review courses, and other events. Prior chapter events can also be viewed.
For information on our event policies, see https://isaca-gwdc.org/event-policies/.
Audit and Control of AI Implementation Workshop
June 9, 2026
Virtual Event (Zoom)
Earn up to 7 CPE
$200 for GWDC Members
$300 for Non-Members
Audit and Control of AI Implementation Workshop
Artificial Intelligence is being rapidly adopted by organizations. In many cases, the pervasive promotion in the media, the perceived superman-like benefits, and the ease with which AI technology can be accessed are driving adoption faster than the risks can be understood and controls put in place to mitigate and manage those risks.
This one-day seminar will provide auditors, risk managers and security professionals with an understanding of the risks inherent in AI. It presents the methods for assessing and managing the risks of AI projects, from inception through design, development, deployment and into ongoing operational use. The course will introduce the participants to important relevant regulatory standards and key industry frameworks. Best practices from industry will be introduced and discussed.
Intended audience: I.T. Auditors, Risk Managers, Security Professionals, Internal and External Auditors, IT Management and Staff, Business Managers Business Continuity and Disaster Recovery Managers, Financial Executives, Legal Counsel
Registration for this event is temporarily closed and will re-open soon!
Share this Event
If you are interested, planning to attend, or attending this event, please share with your colleagues across your social media networks.
Event Details
Date and Time
The workshop will be held on June 9, 2026 from 9:00 am to 5:00 pm.
Add this event to your calendar using the Add to Calendar link at the bottom of the page.
Virtual Event
The conference will be held using Zoom.
Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.
Pricing
The fee for GWDC Members is $200 for the workshop.
The fee for all other registrants is $300 for the workshop.
To become a member and take advantage of the member rate for our events, among other benefits, join ISACA and select the Greater Washington D.C. Chapter as your local chapter.
Event Policies
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services.
All complaints should be submitted through the Registration Contact Form.
ISACA AI Certifications
ISACA has launced new certifications in the AI space: Advanced in AI Audit™ (AAIA™) and Advanced in AI Security Management™ (AAISM™). Click on the links below to learn more about these certifications and how they can further your career in AI. If you are interested in taking one of these certification exams, check our events calendar for upcoming review courses.
Course Outline
1. Auditing AI – Why?
- The need for auditing AI
- The value proposition for an AI audit
- The goals and objectives of an AI audit
2. Understanding AI and Generative AI (GenAI) – A Primer
- What is AI?
- How AI works
- How AI fails
3. The Risks of Artificial Intelligence
- Can we trust AI?
- Ensuring that AI is ethical
- Learning from some well-known failures
- How AI risks differ from legacy IT project risks
4. Best Practices for Controlling AI and Project Risks
- Control objectives
- Best practices
- Axiomatic and corollary AI risks
- Industry examples of success and failure
- Case study #1
5. Conducting an AI Audit
- Defining an AI audit
- Determining scope and objectives
- Key components to audit and how to do so
- Case study #2
6. The AI System Development Methodology and Project Lifecycle
- Project workstream and project approval
- Data-build workstream
- Model-build workstream
- Train, test, validate workstream
- Case study #3
7. Regulatory Statutes Relevant to an AI Audit
- General Data Protection Regulation
- California Consumer Privacy Act
- Current EU Legislation on AI
- NYC Bias Audit Law
8. Frameworks Relevant to AI
- NIST AI Risk Management Framework 1.0
- IIA AI Auditing Framework
- NIST Taxonomy of Adversarial Intelligence
- Cross Industry Standard Process for Data Mining
- AIRS+ Framework for Identifying and Classifying Implementation Risk
- GAO: An AI Accountability Framework
- Other relevant frameworks
9. Conclusion
Instructor
Allan Cytryn
Principal @ Risk Masters International LLC
Allan Cytryn is a Principal with Risk Masters International. He has more than 35 years of experience in senior IT leadership roles, including Regional CIO for Deloitte, Director of Applications for Deloitte, CIO for Simpson Thacher & Bartlett, Vice-President of Corporate Finance at Goldman Sachs, and Group Vice-President for Funds Transfer and Foreign Exchange at Bankers Trust Company. In these roles, Allan had a broad range of IT responsibilities, including Business Continuity and Disaster Recovery Planning, and the implementation and operation of many high-performance mission-critical 24/7/365 system.
Allan began working in AI in the early 1970s, where he developed the first suite of AI systems to support computer assisted design in architecture and planning. This suite of systems reduced the time for facilities planning of large offices from 2-4 weeks to under 5 minutes, while providing a more consistent and higher quality design solution. He subsequently licensed these products to Computervision. Following that, he developed several AI systems that were deployed successfully in the financial services industry. At Goldman Sachs, he led the development of an AI-based multi-currency global equity valuation system that supported the Corporate Finance Department. The system reduced the time to develop equity valuation models from 6 weeks to 5 minutes. Also at Goldman, he developed the first system to use AI to identify “trades of interest” for screening for insider trading. At the law firm of Simpson Thacher & Bartlett, he developed an interactive research system that identified in seconds contextually relevant documents in a repository of more than 2,000,000 documents.
More recently, Allan has been involved in AI policy. In his work with the Boston Global Forum where he is on the Executive Board, he has co-authored with Governor Michael Dukakis and faculty from Harvard, MIT and Brown several papers on AI Ethics. In November, 2019, he presented at the BCI International conference in London on the subject of When your Artificial Intelligence Becomes Adversarial Intelligence: Risk and Control Considerations.
Additionally, Allan also has significant global IT experience. He was responsible for building the first global networks at Bankers Trust Company, Simpson Thacher and Bartlett, and Goldman Sachs Corporate Finance. At Deloitte, he established the application development offshoring operation in Hyderabad, India, and subsequently supported the growth of the offshored Audit practice from its initiation to more than 5,000 employees.
While at Deloitte, Allan led the IT recovery after the 9/11 Attack. At Simpson Thacher and Bartlett, Allan led the recovery after the 1993 NatWest Tower bombing in London.
Over the past five years, Allan has published and spoken on Business Continuity and Disaster Recovery Planning, Management of High-Risk Mission Critical Projects, Global Cyber Security Policy, and as previously mentioned, AI Risk and Control. More recently, as a member of the Executive Board of the Boston Global Forum (www.bostonglobalforum.org), he has advised the governments of Japan and Vietnam on national cyber-security strategy and has co-authored the cyber-security recommendations presented by the Government of Japan to the G7 Leaders at their May, 2016 G7 Summit in IseShima, Japan.
Allan is a graduate of Columbia University, where he received a BS in Electrical Engineering and Computer Science, a Master of Architecture, and an MS in Operations Research. He is an active alumnus, where his roles have included Chair of the Alumni Board of Visitors of the School of Engineering and Applied Sciences and the Treasurer of the Society of Columbia Graduates.
CPE Information
Earn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
Poll Questions
Participants must respond to all the poll questions polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls.
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
Learning Objectives
Participants in this seminar will learn:
- What AI and Generative AI are, and how they work.
- The risks associated with developing, deploying, and operating AI systems.
- Best practices for controlling the risks of AI projects, systems, and their ongoing use in production.
- Essential goals and techniques for conducting an AI Audit.
- Best practices that provide relevant guidance, including:
- An AI System Development Methodology and Project Lifecycle.
- Regulatory statutes and frameworks relevant to AI.
- Frameworks relevant to an AI audit.
CPE-Related Details
- Prerequisites: None
- Advance Preparation: None
- Program Knowledge Level: Basic
- Delivery Method: Group Internet Based
- Field of Study: Information Technology – Technical