Why the category split matters
Practitioners searching for "AI certification" usually need one of three outcomes: prove they can deploy and operate AI safely, prove they can govern or audit it, or prove fluency on a specific cloud AI stack. Those outcomes do not overlap cleanly. A strong AWS AI Practitioner score does not answer a procurement question about PSF-style deployment controls. An ISACA AAISM credential does not teach LangGraph interrupt patterns.
ISACA launched three advanced AI credentials in quick succession: AAISM (AI security management, August 2025), AAIA (AI audit), and AAIR (AI risk, general availability 15 April 2026 per ISACA). AWS refreshed its security specialty (SCS-C03, December 2025) to include generative AI guardrail skills inside infrastructure security domains. Microsoft expanded its Azure AI engineer and Copilot-adjacent paths. Google's Professional Machine Learning Engineer remains the anchor for Vertex-scale ML, with less emphasis on agent orchestration.
Production AI Institute credentials sit in a fourth lane: vendor-neutral exams mapped to the eight-domain Production Safety Framework (PSF). Free associate exams (AIDA, AIMA, AIFA) establish shared vocabulary; paid specialist exams ($97) and portfolio reviews (CPAP, CPAA) test role-specific depth with public verification at /verify.
Comparison matrix (assessment)
Ratings reflect how directly each track prepares someone to meet production deployment and governance obligations, not brand recognition alone. Cloud vendor exams rate Partial on production safety because they optimize for platform features; practitioners still implement cross-cutting PSF controls in application code.
| Dimension | PAI (PSF) | ISACA AI | AWS | Microsoft | Google Cloud |
|---|---|---|---|---|---|
| Production safety (PSF-aligned) | Strong | Partial | Partial | Partial | Partial |
| Deployable agent/LLM operations | Strong | Gap | Strong | Strong | Partial |
| Enterprise GRC / audit depth | Partial | Strong | Partial | Partial | Gap |
| Vendor-neutral credential | Strong | Strong | Gap | Gap | Gap |
| Low barrier to start | Strong | Gap | Strong | Strong | Gap |
| Public verification for clients | Strong | Strong | Strong | Strong | Strong |
Strong = primary purpose of the track. Partial = relevant but requires companion study or implementation work. Gap = not a design goal of that track; add another credential or hands-on controls.
Track profiles
Production AI Institute (PSF-aligned)
Representative credentials: AIDA (free deployment associate), CAOP (agent operator), CAIA (auditor), CPAP (portfolio practitioner).
Practitioner action: Start with AIDA for every engineer and PM on an AI delivery team. Add CAOP when staff run autonomous or semi-autonomous agents in client environments. Add CAIA when someone owns independent PSF assessments before release.
Evidence basis: Exam blueprints published on /certify routes; pricing on terms page ($97 specialist, $297 CPAP). Suited when procurement or insurers ask for verifiable production AI competence without naming a single cloud.
ISACA advanced AI (AAISM, AAIA, AAIR)
Representative credentials: AAISM for security leaders (requires active CISM or CISSP per ISACA, launched 2025), AAIA for auditors (CISA/CIA/CPA family), AAIR for risk (25 qualifying designations including CRISC; launched April 2026).
Practitioner action: Route security managers to AAISM, internal audit to AAIA, enterprise risk to AAIR. Do not expect these exams to substitute for hands-on agent deployment training; pair with engineering credentials.
Evidence basis: ISACA credential pages and exam guides (isaca.org/credentialing). Best when boards and regulators expect ISACA-branded governance depth.
AWS
Representative credentials: AWS Certified AI Practitioner (foundational genAI on AWS), AWS Certified Generative AI Developer Professional (building on AWS), AWS Certified Security Specialty SCS-C03 (includes GenAI guardrail skills in Domain 3 per AWS exam guide, December 2025 refresh).
Practitioner action: AI Practitioner for mixed business/technical staff on Bedrock roadmaps; GenAI Developer Professional for engineers shipping agents; Security Specialty when security engineering owns model and agent guardrails in AWS accounts.
Evidence basis: AWS certification pages and third-party exam breakdowns (e.g., netguardia.com SCS-C03 analysis, December 2025). Scores Gap on vendor neutrality by design.
Microsoft Azure
Representative credentials: Azure AI Engineer Associate (AI-102), Azure AI Fundamentals (AI-900), plus Copilot and data science role-based paths listed on Microsoft Learn (2026 catalog).
Practitioner action: AI-102 for engineers implementing Azure OpenAI, AI Foundry, and agent tools in M365-heavy enterprises. Add separate governance study (CAIG, AAIA, or internal policy work) because the exam optimizes for platform delivery.
Evidence basis: Microsoft Learn role-based certification listings; CIO roundup of vendor programs (March 2025, updated 2026). Pair with Semantic Kernel PSF assessment when .NET agents are in scope.
Google Cloud
Representative credentials: Professional Machine Learning Engineer (production ML on Vertex AI).
Practitioner action: Use for data science and MLOps leads running custom models. Add agent-specific training (LangGraph, ADK, or PAI CAOP) when generative agents sit on top of Vertex endpoints.
Evidence basis: Google Cloud certification catalog; assessments note weaker agent-native coverage versus 2026 agent framework credentials.
Decision guide by primary constraint
If one constraint dominates hiring or L&D budget, start here. Mixed-role teams usually need a stack (for example, AIDA + AI-102 + AAIA for a regulated Azure shop with a strong audit function).
If production deployment is the bar
Production buyers increasingly ask for evidence beyond model accuracy: input governance, output validation, observability, human oversight, and vendor resilience. No single vendor exam covers all eight PSF domains as the primary learning objective. The practical standard is a credential stack plus implemented controls documented in runbooks.
- Minimum engineering baseline: AIDA or equivalent free associate exam plus hands-on PSF checklist from AI agent production ready checklist.
- Customer-facing agents: CAOP or CPAP evidence, LangSmith or equivalent tracing, documented human escalation (see D6 human oversight guide).
- Regulated data: Add data-protection implementation regardless of cloud cert (Presidio or commercial classification APIs). Cloud exams alone rated Partial on PSF Domain 3 in framework assessments.
- Third-party audit: CAIA or AAIA plus written control matrix mapped to PAI-8 or internal policy.
Cost and friction snapshot (May 2026)
PAI associate exams: $0. PAI specialist exams: $97 each per site terms. CPAP: $297 portfolio review. ISACA advanced exams: exam fee plus prerequisite designations (often years of prior study). AWS/Microsoft/Google: per-exam fees on vendor sites, typically $99 to $300 USD depending on level. Budget owners should model total cost including study time and prerequisite maintenance (CISM renewal, etc.), not exam sticker price alone.
Sources
- ISACA Advanced in AI Risk (AAIR) credential page, accessed May 2026
- ISACA AAISM launch coverage and prerequisite requirements (August 2025)
- AWS Certified Security Specialty SCS-C03 exam guide and GenAI guardrail skill mapping (December 2025)
- CIO, "11 AI certifications to grow your career" (vendor program overview)
- Production AI Institute /certify and /terms pages (exam scope and pricing)
For team rollout patterns, see How to certify your AI team and MSP AI certification guide. For framework depth after credentials are chosen, use the agent framework comparison and individual PSF assessments in Insights.
Turn the evidence into production practice.
Use the PSF, research library, and Lab material to review your own deployment. Credentials are available when a client, employer, or regulator needs public proof.