AIGP body of knowledge — a Go engineer's reading map

What the AIGP covers

The IAPP AI Governance Professional certification’s body of knowledge spans:

Foundations of AI (technical + risk vocabulary)
Trustworthy AI principles
AI lifecycle governance
AI risk management
Implementing responsible AI
AI law and policy

For a Go engineer, the value is the vocabulary — being able to talk to risk officers, compliance teams, and regulators in their language about systems you’ve built.

Reading map for an engineer

Foundations. Skip the AI-101 basics if you’ve shipped AI in production. Focus on the vocabulary: “trustworthiness,” “fairness,” “explainability,” “accountability.” Knowing what these mean in IAPP’s framing helps you translate when a risk officer asks.

Lifecycle governance. This is the big one. The IAPP framework: design → develop → deploy → monitor → retire. Each phase has its own governance artefacts. Map to your stack:

AIGP phase	Genie artefact
Design	`docs/free-ai-mapping.md` + the agent’s risk class declaration
Develop	Tests + adversarial corpus + tier promotion checklist
Deploy	`pkg/agent.Tier`, audit chain init, fallback wiring
Monitor	OTel dashboards, incident log, drift alerts
Retire	Tier demotion + decommission script + data retention purge

Risk management. Risk identification → risk assessment → risk mitigation → risk monitoring. Maps to the threat model in docs/ai-governance-security.md and the per-incident grading in pkg/incidents/grading.go.

Responsible AI. Fairness assessments, explainability requirements, transparency disclosures. Maps to:

Fairness → pkg/safety/bias.go (demographic parity)
Explainability → pkg/governance/compliance.go::ExplainabilityPolicy
Transparency → /v1/disclosures endpoint + per-output Disclaimer field

AI law and policy. This section is jurisdiction-dependent. For India, you supplement with the RBI FREE-AI report. For EU, you supplement with the AI Act. For US, NIST AI RMF. The AIGP framework gives you the meta-structure; the jurisdiction-specific doc fills in the substance.

How to study it as an engineer

The IAPP study materials are written for non-engineers. The pacing assumes you don’t know what an LLM is. Skim past those parts.

The parts to study carefully:

The terminology. There’s a vocabulary; learning it removes friction with non-engineer reviewers.
The frameworks (lifecycle, risk, governance). They’re useful even if you don’t certify; they’re the shared mental models.
The case studies. Real incidents; how they were handled; what controls would have prevented them.

Time to study: 2-3 weeks for a senior engineer who’s shipped AI. The cert exam itself is doable on top of that with another week of practice questions.

What you get from the cert (or just the knowledge)

Vocabulary alignment with risk + compliance teams.
A defensible “I understand AI governance” claim on your resume.
A framework for the documentation you produce for any AI system (the AIGP framework maps cleanly to artefacts you should produce anyway).

For senior engineering roles in regulated AI, this is becoming a checkbox. Not yet “required” but increasingly “preferred” in JDs from banks, healthcare orgs, and government AI procurement teams.

What it doesn’t replace

Domain certs (PCSE, AWS Security Specialty).
Hands-on engineering chops (no cert tells a hiring manager you can write Go).
Specific framework knowledge (RBI FREE-AI for India, AI Act for EU, etc.).

It’s a complement, not a substitute. If you’re building AI for a regulated industry, the AIGP plus a domain cert is the combination that maps to where you’re working.

For Genie’s audience (Indian regulated finance), the AIGP + the FREE-AI framework mastery is the right combination. For a US healthcare AI team, AIGP + HIPAA + the Cures Act. The framework transfers; the specifics localise.