The AIGP exam is not a memory test. It is a judgment test. Most candidates who fail do so not because they lack knowledge, but because they have not practised applying that knowledge to real-world scenarios under time pressure. This guide gives you a structured, practical approach to preparing for the exam from scratch.
Scored 475/500. This guide is based on the approach that produced that result, refined through building a playbook used by over 1,500 professionals across 65 countries.
The AIGP exam consists of 100 multiple-choice questions, of which 85 are scored and 15 are unscored experimental questions. You have 2.5 hours. Questions are scenario-based: they present a situation and ask you to identify the best course of action, the correct framework, or the right risk classification.
The key word is best. Multiple options may be partially correct. The exam tests whether you can identify the most appropriate response given the specific context, not just whether you recognise a concept.
| Phase | Duration | Focus |
|---|---|---|
| Foundation | Weeks 1-3 | Read the IAPP AIGP textbook. Map each chapter to the exam domains. Take notes on definitions, obligations, and key distinctions. |
| Framework depth | Weeks 4-6 | Go deep on EU AI Act, NIST AI RMF, OECD Principles, and ISO 42001. Understand what makes each framework distinct and when each applies. |
| Practice | Weeks 7-9 | Work through scenario-based questions daily. Review every wrong answer in detail. Identify the pattern of why you got it wrong. |
| Consolidation | Week 10 | Timed full sessions. Focus on weak domains. Review trap patterns. Rest the day before. |
This is the most heavily tested topic. You need to know all four risk tiers (prohibited, high-risk, limited transparency, minimal risk), the specific prohibited practices, which categories of systems are classified as high-risk, GPAI model obligations, and the roles of provider, deployer, importer, and distributor.
Know the four core functions: Govern, Map, Measure, Manage. Understand what each function covers and how they interact. Questions often test whether you can identify which function a specific activity belongs to.
Risk identification, assessment, treatment, and documentation. Know the difference between inherent and residual risk. Understand when a risk register is required and what it must contain.
Design, development, deployment, monitoring, and decommissioning. Know which governance controls apply at each stage and what model drift means in practice.
GDPR application to AI systems. Data minimisation, purpose limitation, DPIAs, and the legal bases for processing training data. Know when a DPIA is required for an AI system.
Every wrong answer is information. Read the explanation, understand why the correct option is right, and why each distractor is wrong. The patterns repeat.
Keep a simple log of which domain each wrong answer belongs to. After 50 questions, you will see a pattern. Spend extra time on those domains before your exam.
85 scored questions in 2.5 hours is approximately 1.75 minutes per question. Time yourself. If you are regularly running over, you need to practise faster elimination.
On most questions, two options can be eliminated immediately. Focus your deliberation on the remaining two. This halves the cognitive load and speeds up your answers.
Free access, no payment required. Every question includes a full SLIDE framework explanation.
Start Free Practice Quiz →