GOV2MOD.GOV2-08 · v1.0

Pipelines for real workloads, not demos.

8 micro-lessons · ~84 min · Real Docker images

AI Governance & Compliance

EU AI Act ready by 2 Aug 2026. ISO 42001 evidence as a side-effect of CI.

WHY THIS MATTERS · EU AI ACT + ISO/IEC 42001:2023
EU AI Act Annex III high-risk + AI Office enforcement powers (fines up to €15M / 3% of global turnover) activate 2 Aug 2026. ISO 42001 audits are happening every week. The 2026 platform engineer ships policy-as-code, model cards, and audit logs by default.
WHAT YOU'LL LEARN
01 The 2026 governance landscape
02 Model cards & datasheets
03 Bias & fairness audits
04 Differential privacy with Opacus
05 LLM guardrails & prompt injection
06 Eval-driven development
07 Policy as code
08 Audit-ready: ISO 42001 / SOC 2
YOU'LL BE ABLE TO
Map the five-lens regulatory landscape (EU AI Act, NIST RMF, ISO 42001, US states, privacy)
Generate model cards, datasheets, and ISO 42001 SoA YAML from registry metadata
Wire fairness audits, DP training, guardrails, evals, lineage, and policy-as-code into a single platform
SKILLS YOU'LL GAIN

Real skills, real career delta.

Skills you'll gain · 10
  • Map the 2026 AI regulatory landscape · Working

    Decode EU AI Act timelines (Annex III, Annex IV, Annex VI vs VII), NIST AI RMF + Generative AI Profile, ISO/IEC 42001:2023 vs 23894, US state laws (Colorado SB 24-205, CA AB 2013, NYC LL 144), GDPR Art. 22 + Art. 32, India DPDP Rules — and translate each into a concrete platform-engineering control.

  • Author audit-ready model cards & datasheets · Working

    Generate a Mitchell et al. model card and a Gebru et al. datasheet from a model registry's metadata; align fields to EU AI Act Annex IV technical documentation; ship as part of CI; sample-tight against ISO 42001 evidence requirements.

  • Run a fairness audit with Fairlearn + AIF360 · Production

    Use MetricFrame + demographic_parity_difference + equalized_odds_difference + equal_opportunity_difference on tabular data; mitigate with ThresholdOptimizer / ExponentiatedGradient; emit disparity_report.html and a plain-English exec summary that survives a regulator's read.

  • Train with differential privacy in PyTorch · Production

    Wire Opacus DP-SGD + Ghost Clipping into a real training loop; tune noise_multiplier / max_grad_norm; explain (ε, δ) budgets to legal; visualise the privacy/utility curve; finetune a LoRA adapter on a foundation model with formal DP guarantees.

  • Stand up an LLM guardrail gateway · Production

    Compose NeMo Guardrails 0.20 IORails + LLM Guard input/output scanners in front of a LiteLLM proxy; triage a real jailbreak corpus; report precision/recall against MITRE ATLAS techniques; publish per-tenant policy YAML.

  • Build PII scrubbing pipelines · Production

    Deploy Microsoft Presidio analyzer + anonymizer with spaCy + transformer recognizers; add custom recognizers for product-specific identifiers; benchmark recall on synthetic + real corpora; integrate into log/ticket egress for GDPR Art. 32.

  • Eval-gate prompt and model changes in CI · Production

    Author Inspect AI Tasks + Solvers + Scorers; wire into GitHub Actions on PRs that touch prompts or model versions; trace runs in Phoenix (OpenInference / OpenTelemetry); publish a regression delta as a PR comment.

  • Write policy-as-code for model registries · Production

    Author Rego v1 (or Cedar v4.5) policies that gate MLflow promotion on model-card / fairness-report / ATLAS-threats / owner-email presence; ship a tiny admission controller in Go or Python; version the policy file in Git like Terraform.

  • Trace data lineage end-to-end · Working

    Emit OpenLineage events from a RAG pipeline (loader → chunker → embedder → vector store → retriever → LLM); wire to a Marquez 0.51 server; produce a screenshot-able DAG that answers GDPR Art. 15 / DPDP source-tracing requests.

  • Drive an ISO 42001 / SOC 2 + AI engagement · Advanced

    Map the 38 ISO 42001 Annex A controls to your platform; produce a Statement of Applicability and AI Impact Assessment per system; pre-stage Stage 1 evidence; map to AICPA-HITRUST converged SOC 2 + AI controls (CC6/CC7/CC8/PI1); brief auditors and own the exception register.

RUNNABLE ON YOUR MACHINE
$ docker pull snap/governance-compliance:lesson-01
$ docker run --rm -it snap/governance-compliance:lesson-01
QUICK PREVIEW · 7 MIN
VERIFIED ENGINEER REVIEWS
Right-to-erasure lesson saved an audit prep week.
@compliance_caro
Policy-as-code is finally explainable to legal.
@sre_maya
LESSONS 8 · HOURS ~1.4 · LEARNERS 1,180 · THIS WEEK +23%