{"id":35229,"date":"2026-07-06T11:23:19","date_gmt":"2026-07-06T08:23:19","guid":{"rendered":"https:\/\/esi.edu.sa\/courses\/%d8%ad%d9%88%d9%83%d9%85%d8%a9-%d8%a7%d9%84%d8%b0%d9%83%d8%a7%d8%a1-%d8%a7%d9%84%d8%a7%d8%b5%d8%b7%d9%86%d8%a7%d8%b9%d9%8a-%d9%88%d8%a7%d9%84%d8%a7%d9%85%d8%aa%d8%ab%d8%a7%d9%84-%d9%84%d9%85%d8%aa\/"},"modified":"2026-07-06T14:56:22","modified_gmt":"2026-07-06T11:56:22","slug":"%d8%ad%d9%88%d9%83%d9%85%d8%a9-%d8%a7%d9%84%d8%b0%d9%83%d8%a7%d8%a1-%d8%a7%d9%84%d8%a7%d8%b5%d8%b7%d9%86%d8%a7%d8%b9%d9%8a-%d9%88%d8%a7%d9%84%d8%a7%d9%85%d8%aa%d8%ab%d8%a7%d9%84-%d9%84%d9%85%d8%aa","status":"publish","type":"courses","link":"https:\/\/esi.edu.sa\/en\/courses\/%d8%ad%d9%88%d9%83%d9%85%d8%a9-%d8%a7%d9%84%d8%b0%d9%83%d8%a7%d8%a1-%d8%a7%d9%84%d8%a7%d8%b5%d8%b7%d9%86%d8%a7%d8%b9%d9%8a-%d9%88%d8%a7%d9%84%d8%a7%d9%85%d8%aa%d8%ab%d8%a7%d9%84-%d9%84%d9%85%d8%aa\/","title":{"rendered":"AI Governance &amp; SDAIA Compliance"},"content":{"rendered":"<section class=\"block\">\n<h3 dir=\"ltr\" style=\"text-align: left;\">Programme Overview<\/h3>\n<p dir=\"ltr\" style=\"text-align: left;\">A specialist three-day programme that prepares organisations to design, deploy and operate AI systems in line with Saudi Arabia&#8217;s evolving AI-governance ecosystem. It covers SDAIA&#8217;s AI Ethics Principles, alignment expectations for the National AI Index (NAII), PDPL and data-protection obligations, AI management systems under ISO\/IEC 42001, and the sector-specific regulatory interfaces with the Saudi Central Bank (SAMA), the Communications, Space &amp; Technology Commission (CST), the National Cybersecurity Authority (NCA), the Ministry of Health (MoH) and the Ministry of Communications and Information Technology (MCIT). Participants leave with a working knowledge of compliance obligations, model-governance documentation, and the ability to conduct an AI risk-and-compliance assessment in their own organization.<\/p>\n<\/section>\n<section class=\"block\" dir=\"ltr\">\n<h4>Learning Objectives<\/h4>\n<p class=\"lead-line\">By the end of this programme, participants will be able to:<\/p>\n<ul>\n<li>Work with SDAIA&#8217;s AI Ethics Principles and apply its five principles (fairness, accountability, transparency, safety and sustainability) to real use cases.<\/li>\n<li>Interpret the PDPL and data-sovereignty requirements for AI systems that process Saudi data.<\/li>\n<li>Map the organisation&#8217;s AI portfolio to the National AI Index (NAII) maturity domains and identify compliance gaps.<\/li>\n<li>Design an AI management system aligned with ISO\/IEC 42001 and integrate it with existing ISO 27001 or 9001 programmes.<\/li>\n<li>Conduct an AI risk-and-compliance assessment on deployed and planned use cases.<\/li>\n<li>Prepare for regulatory engagement with SDAIA, sector regulators and external auditors.<\/li>\n<li>Establish the internal governance structures, policies and documentation required for responsible AI at enterprise scale.<\/li>\n<\/ul>\n<\/section>\n<section class=\"block\" dir=\"ltr\">\n<h4>Programme Content &amp; Modules<\/h4>\n<h5 class=\"day-head\">Day 1:\u00a0The governance landscape and the SDAIA framework<\/h5>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 1: <\/span>Why AI Governance Matters<\/div>\n<p>The types of risk in AI systems, including bias, hallucination, model drift, adversarial threats and sovereignty. The global governance picture, including the EU AI Act, the NIST AI Risk Management Framework, the OECD principles and UNESCO&#8217;s Recommendation on the Ethics of AI. How Saudi Arabia positions itself internationally.<\/p>\n<\/div>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 2: <\/span>SDAIA&#8217;s AI Ethics Principles in Depth<\/div>\n<p>Fairness, accountability, transparency, safety and sustainability. Case studies of how each principle applies inside real Saudi organisations. Common failure modes and how to avoid them.<\/p>\n<\/div>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 3: <\/span>The PDPL, Data Sovereignty &amp; Cross-Border Implications<\/div>\n<p>What the PDPL requires, how it interacts with AI systems, and the related data-sovereignty questions. Practical considerations for organisations deploying foreign foundation models.<\/p>\n<\/div>\n<h5 class=\"day-head\">Day 2: Management systems, maturity and sector interfaces<\/h5>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 4: <\/span>ISO\/IEC 42001 for AI Management Systems<\/div>\n<p>The structure of the standard. The AI-management-system life cycle. Linkage with existing ISO 27001 and ISO 9001 programmes. Documentation expectations and audit readiness.<\/p>\n<\/div>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 5: <\/span>NAII Alignment &amp; Maturity Assessment<\/div>\n<p>The National AI Index framework, its main and sub-pillars, and what the maturity levels require in practice. A practical exercise mapping a participant organisation to the NAII domains.<\/p>\n<\/div>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 6: <\/span>Sector-Specific Regulatory Interfaces<\/div>\n<p>The Saudi Central Bank (SAMA) AI guidance for the financial sector. The Communications, Space &amp; Technology Commission (CST) for telecoms and digital services. The National Cybersecurity Authority (NCA) for cybersecurity controls. The Ministry of Health (MoH) for health AI. The Ministry of Communications and Information Technology (MCIT) for public-sector digital services. Handling multi-regulator situations.<\/p>\n<\/div>\n<h5 class=\"day-head\">Day 3: Applied compliance and the operating model<\/h5>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 7: <\/span>Conducting an AI Risk-and-Compliance Assessment<\/div>\n<p>A structured methodology. Documentation templates. A facilitated workshop in which participants assess one of their live use cases against the full SDAIA and sector ecosystem.<\/p>\n<\/div>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 8: <\/span>Building the Governance Operating Model<\/div>\n<p>The roles, including an AI ethics committee, a model-risk officer and an AI review board. Policies, controls, documentation and reporting indicators. Organisational placement and escalation paths.<\/p>\n<\/div>\n<div class=\"unit\">\n<div class=\"unit-head\"><span class=\"unit-tag\">Module 9: <\/span>The Sovereign-AI Question &amp; the Capstone Project<\/div>\n<p>The long-term strategic implications of relying on foreign AI infrastructure. Where sovereign boundaries matter and where they do not. Applied capstone project: each participant presents a 90-day compliance roadmap for their organisation.<\/p>\n<\/div>\n<\/section>\n<section class=\"block\" dir=\"ltr\">\n<h4>Suggested Duration<\/h4>\n<p>Three training days.<\/p>\n<\/section>\n<section class=\"block aud\" dir=\"ltr\">\n<h4 style=\"text-align: left;\">Target Audience &amp; Prerequisites<\/h4>\n<p style=\"text-align: left;\"><strong>Target audience:<\/strong>\u00a0Chief compliance officers, chief data officers, chief AI officers, data-protection officers, chief risk officers, legal counsel and heads of legal, internal auditors, members of AI-governance committees and senior policy leaders in government, financial institutions, healthcare, telecoms, energy and the public sector under SDAIA&#8217;s oversight.<\/p>\n<p style=\"text-align: left;\"><strong>Prerequisites:<\/strong>\u00a0Working knowledge of the organisation&#8217;s compliance, risk or legal environment. Basic familiarity with AI concepts is helpful but not required, as the programme includes foundational AI content on Day 1. Participants are encouraged to bring one live use case from their organisation to work on in the Day 3 capstone workshop.<\/p>\n<\/section>\n","protected":false},"author":2043,"featured_media":35227,"template":"","course_category":[1371,945],"class_list":["post-35229","courses","type-courses","status-publish","has-post-thumbnail","hentry","course_category-governance","course_category-ai","infinite-scroll-item","no-featured-image-padding"],"acf":[],"_links":{"self":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses\/35229","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses"}],"about":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/types\/courses"}],"author":[{"embeddable":true,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/users\/2043"}],"version-history":[{"count":3,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses\/35229\/revisions"}],"predecessor-version":[{"id":35350,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses\/35229\/revisions\/35350"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/media\/35227"}],"wp:attachment":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/media?parent=35229"}],"wp:term":[{"taxonomy":"course_category","embeddable":true,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/course_category?post=35229"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}