Agentic AI Governance Practitioner
François B. Arthanas
Ph.D. Scholar, CISSP, CISA, AAIA™, CDPSE
Most people are learning how to build AI Agents Very few know how to govern them
Agentic AI Governance Practitioner is an 8-week hands-on practical live cohort course for people responsible for governing, testing, reviewing, buying, or selling enterprise AI agents.
The course is designed for professionals who need to:
Scope agentic AI systems by capability, autonomy, data access, tool use, and business impact.
Identify risks across data, privacy, security, safety, reliability, accountability, and societal misuse.
Turn governance expectations into controls, tests, logs, evidence, review routines, and decision memos.
Evaluate internal agents, vendor products, and communicate deployment readiness to various teams.
AI agents are not normal chatbots. A chatbot answers a question.
An AI agent can retrieve data, call tools, search documents, trigger workflows, draft customer responses, make recommendations, and interact with enterprise systems.
That means the risk is different. A normal software review does not answer:
-> Can this agent leak PII?
-> Can it be prompt-injected?
-> Can it call the wrong tool?
-> Can it issue an unauthorized refund?
-> Can it act outside its authority?
-> Who owns the risk?
-> What evidence proves the controls work?
This course fixes that.
What you’ll learn
By the end of this course, you will know how to evaluate an enterprise AI agent from first review to deployment decision.
Map the agent’s use case, users, data access, tools, autonomy, human review, and business impact.
Separate low-risk assistants from high-impact agents that need formal controls and approval.
Identify what is in scope, out of scope, unknown, and too risky to ignore before launch.
Identify security, privacy, safety, reliability, vendor, misuse, and accountability risks.
Map each risk to a control owner, evidence source, test method, and monitoring signal.
Move from vague AI concerns to practical governance artifacts leaders can act on.
Evaluate prompt injection, jailbreaks, indirect injection, data leakage, and unsafe outputs.
Test bad tool calls, privilege failures, unauthorized actions, and weak tool permissions.
Assess hallucinations, grounding, retrieval quality, citations, and response reliability.
Produce weekly artifacts covering scope, privacy, security, safety, reliability, and vendor risk.
Create monitoring signals, KRIs, retest triggers, evidence owners, and review cadences.
Package your work into a portfolio-ready Trust Evidence Pack you can reuse after the course.
Write a clear recommendation to approve, pilot, conditionally approve, delay, or reject.
Explain residual risk, missing evidence, control gaps, launch conditions, and monitoring needs.
Practice defending your decision in a mock deployment review board using evidence, not opinion.
Learn directly from François
François B. Arthanas
Agentic AI Governance Practitioner | Ph.D. Candidate, CISSP, CISA, AAIA™, CDPSE
Who this course is for
This course is for the person who will be asked: “Can we trust this AI agent?”
You are a strong fit if your role touches AI Governance, risk, security, privacy, product, vendor review, compliance, audit, and legal.
You are also a strong fit if you know AI agents are coming into your organization and you want to become the person who can evaluate them.
Prerequisites
There are NO technical prerequisites
You do not need: Coding skills, Machine learning experience, AI researcher, Advanced Cybersecurity background
You should have
Basic familiarity with GRC concepts risk management, internal controls, compliance frameworks, audit fundamentals
What's included
Live sessions
Learn directly from François B. Arthanas in a real-time, interactive format.
Agent Scope, Architecture & Control Applicability
Define what the agent does, who uses it, what systems it touches, what data it accesses, what tools it calls, where humans intervene, and which controls apply.
Data, Privacy & IP Evidence
Map prompts, outputs, logs, memory, retrieval, PII, IP, retention, deletion, model-provider use, tenant isolation, and data-handling evidence.
Security Threat Model & Adversarial Test Plan
Threat-model prompt injection, jailbreaks, indirect injection, endpoint abuse, tool misuse, unauthorized actions, privilege failures, and MCP/tool-interface risks.
Safety Risk Taxonomy & Human Review
Define harmful outputs, high-risk categories, out-of-scope behavior, escalation rules, severity levels, review workflows, and safety monitoring signals.
Reliability, Hallucination & Tool-Call Assurance
Evaluate hallucinations, grounding, retrieval quality, citation quality, tool selection, parameter correctness, authorization, rollback, and circuit breakers.
Accountability, Vendor Risk & Incident Response
Build the AI RACI, vendor due diligence checklist, acceptable use policy, incident response plan, logging requirements, disclosure approach, and regulatory mapping worksheet.
Production Monitoring & Control-to-Evidence Map
Create KRIs, alert thresholds, retest triggers, monitoring signals, evidence owners, review cadence, residual risk register, and customer-facing trust package.
Executive Deployment Decision Memo & Board Briefing
Present a clear recommendation to approve, approve for pilot, conditionally approve, delay, or reject deployment.
Office Hours & Community
Once a week for 60 minutes. Bring your deliverable drafts, your career questions, your workplace challenges and get personalized coaching. We also have a dedicate private community for ongoing discussions, updated templates, job opportunities, peer networking, and direct access to the instructor.
Certificate of Completion
Official program certificate. But more importantly a portfolio that proves you can do the work.
Maven Guarantee
Your purchase is backed by the Maven Guarantee.
Course syllabus
25 live sessions • 28 lessons • 16 projects
Week 1
Aug
3
Session 0 (Mon): Onboarding & Welcome Lecture
Introduction, Lab Setup & Our Favorite Agentic AI Governance Tools
Aug
4
Session 1 (Tue): The Enterprise Agentic AI Trust Problem
Aug
5
Optional: WEEK 1: Office Hours (Wednesday, 60 min) NOT 🔴 RECORDED
Aug
6
Session 2 (Thu): Agent Scoping, Architecture, and Risk Tiering
FAQ and Links
Week 2
Aug
11
Session 3 (Tue): Data, Privacy, IP, and Retention Controls
Aug
12
Optional: WEEK 2: Office Hours (Wednesday, 60 min) NOT 🔴 RECORDED
Aug
13
Session 4 (Thu): Data Leakage, PII, IP, and Tenant Isolation
[Lab Exercise] Designing Meridian’s AI Governance Charter, RACI, and Escalation
Case Study: Air Canada Chatbot Ruling (2024)
FAQ and Links
Schedule
Live sessions
3-5 hrs / week
Designed for working professionals
Mon, Aug 3
3:00 PM—4:30 PM (UTC)
Tue, Aug 4
10:00 PM—11:30 PM (UTC)
Wed, Aug 5
10:00 PM—11:00 PM (UTC)
Projects
2-3 hrs / week
Have Question? Schedule a Quick call w/ Francois
Frequently asked questions
Maven for Teams
Reimbursement
Get your company to pay
Everything L&D needs: email template, receipts, and certificate of completion.
Get reimbursedTeam discount
Learn with your teammates
Save 20%+ when 2 or more teammates enroll in the same cohort.
Save 20%+ with a teamPrivate cohort
Run a cohort for your org
A dedicated cohort with a custom schedule and curriculum, tailored to your team.
Book a private cohort$2,497
USD