Welcome to AI Governance and Compliance

If you ship an AI product in 2026, regulators in three continents already have something to say about it. The EU AI Act enforces in August. The NIST AI RMF is becoming the de facto US standard. ISO 42001 is the certification your enterprise customers will start asking for. GDPR is still the elephant in the room. Most teams approach this by panic: hire a consultant, fill out forms, hope it works. This course is the alternative. The frameworks overlap more than they conflict. If you build governance once, properly, you satisfy all of them. We'll cover: • The regulatory landscape in 2026: who regulates what, where, and when • EU AI Act vs NIST AI RMF vs ISO 42001 in plain English • How to classify your AI system (and why this drives everything else) • The integrated compliance approach: do the work once, document it for all frameworks • GDPR for AI: DPIAs, lawful basis, automated decision rights • Anti-discrimination law: where AI systems get sued, and how to avoid it • Building a compliance culture that doesn't slow product development This course assumes you're building an AI product, not auditing one. The lens is product and engineering, not pure legal. If you need a lawyer, hire a lawyer. This course will help you ask them better questions. Time: ~4 hours across 10 articles. Step 3 (the framework comparison) is the spine of the course. Re-read it after step 10.