Content Domain 5: Security, Compliance, and Governance for AI Solutions - AWS Certification
Task Statement 5.1: Explain methods to secure AI systems.Task Statement 5.2: Recognize governance and compliance regulations for AI systems.

Content Domain 5: Security, Compliance, and Governance for AI Solutions

Domain 5 covers security, compliance, and governance for AI solutions and represents 14% of the scored content on the exam.

Task Statement 5.1: Explain methods to secure AI systems.

Objectives:

  • Identify AWS services and features to secure AI systems (for example, IAM roles, policies, and permissions; encryption; Amazon Macie; AWS PrivateLink; AWS shared responsibility model).

  • Describe the concept of source citation and documenting data origins (for example, data lineage, data cataloging, Amazon SageMaker Model Cards).

  • Describe best practices for secure data engineering (for example, assessing data quality, implementing privacy-enhancing technologies, data access control, data integrity).

  • Describe security and privacy considerations for AI systems (for example, application security, threat detection, vulnerability management, infrastructure protection, prompt injection, encryption at rest and in transit).

Task Statement 5.2: Recognize governance and compliance regulations for AI systems.

Objectives:

  • Identify AWS services and features to assist with governance and regulation compliance (for example, AWS Config, Amazon Inspector, AWS Audit Manager, AWS Artifact, AWS CloudTrail, AWS Trusted Advisor).

  • Describe data governance strategies (for example, data lifecycles, logging, residency, monitoring, observation, retention).

  • Describe processes to follow governance protocols (for example, policies, review cadence, review strategies, governance frameworks such as the Generative AI Security Scoping Matrix, transparency standards, team training requirements).