- What the 65% Passing Score Actually Means
- 40 Questions, 90 Minutes: The Exam Format Breakdown
- Domain Weights and Where Your Points Come From
- The Open-Book Reality: What the AI Act Text Actually Helps With
- Scoring Strategy Mapped to Each Domain
- Why Practical Assignments Gate Your Exam Access
- Registration, Fees, and EXIN Anywhere Logistics
- The Preparation Math: 112 Hours Explained
- Frequently Asked Questions
- You need 26 correct answers out of 40 to pass-the 65% threshold is absolute, not curved.
- Domain 2 (Articles 8, 9, and 10 of the AI Act) carries the heaviest weight at 25% of the exam.
- The exam is open book: the EU AI Act text is permitted, but complex article interpretation still requires deep preparation.
- You cannot sit the exam without first completing accredited AICP training including Practical Assignments-no exceptions.
What the 65% Passing Score Actually Means
When EXIN sets a passing threshold for the Artificial Intelligence Compliance Professional (AICP) certification, it expresses that threshold as a percentage of total possible points-not as a curved or norm-referenced score. For the AICP exam, that threshold is 65%.
In practical terms, the exam contains 40 multiple-choice questions. Each question is worth one point. To pass, you need to answer at least 26 questions correctly. You can miss up to 14 questions and still earn your certification. There is no partial credit, no penalty for wrong answers, and no adjustment based on how other candidates perform on the same sitting.
This matters because it shapes how you should approach preparation. You are not competing against a cohort. You are competing against a fixed content standard defined by the 2025 exam literature, the EU AI Act, ISO/IEC 42001, and the NIST AI Risk Management Framework. Once you understand the domains and their weights, you can calculate exactly where your 26 points are most likely to come from.
40 Questions, 90 Minutes: The Exam Format Breakdown
The AICP exam consists of exactly 40 multiple-choice questions delivered within a 90-minute window. That gives you an average of 2 minutes and 15 seconds per question-enough time if you know the material, tight if you are hunting through the AI Act text for every answer.
EXIN's multiple-choice questions at this level are not simple recall items. The AICP exam is built around application and analysis. You will encounter scenario-based questions that describe an AI system deployment and ask you to identify the correct compliance obligation under a specific AI Act article, or questions that present a data governance situation and ask which principle from ISO/IEC 42001 applies.
Question Types You Should Expect
- Direct knowledge questions: "Which article of the EU AI Act establishes requirements for high-risk AI system documentation?" These reward candidates who know the structure of the Act well enough to navigate it quickly.
- Application scenarios: A short case description followed by a question asking which compliance action is required, which risk category applies, or which stakeholder bears responsibility.
- Framework integration questions: These ask you to connect concepts across the EU AI Act, ISO/IEC 42001, and the NIST AI RMF-the area where underprepared candidates most often drop points.
- Negative or exception questions: "Which of the following is NOT required under Article 9?" These test precise understanding, not general familiarity.
Practicing with realistic question formats before exam day is one of the highest-value activities you can do. The AICP practice test platform at aicptest.com is built around exactly this question style, helping you build fluency under timed conditions before your actual EXIN sitting.
Domain Weights and Where Your Points Come From
The AICP exam is divided into five domains, each carrying a defined percentage of the total questions. Understanding these weights is the foundation of any rational scoring strategy. Here is how the 40 questions are distributed:
| Domain | Weight | Approx. Questions | Points Available |
|---|---|---|---|
| Domain 1: General Understanding of the EU AI Act | 20% | ~8 questions | 8 points |
| Domain 2: In-Depth Analysis - Articles 8, 9, and 10 | 25% | ~10 questions | 10 points |
| Domain 3: Building Trustworthy AI - Privacy, Transparency, Data Governance | 20% | ~8 questions | 8 points |
| Domain 4: Ethical AI Frameworks and Human Rights | 15% | ~6 questions | 6 points |
| Domain 5: AI Compliance Lifecycle Management and Implementation | 20% | ~8 questions | 8 points |
To pass with exactly 26 correct answers, you could theoretically score perfectly in Domains 2, 3, and 1 (26 points total) and skip everything else-but that is a risky and unrealistic approach. What the weights tell you is where to invest disproportionate preparation time: Domain 2 alone is worth 10 of your 40 points. Missing half of Domain 2 costs you 5 points before you answer another question.
The Open-Book Reality: What the AI Act Text Actually Helps With
One of the most misunderstood aspects of the AICP exam is that it is open book-specifically, you are permitted to reference the EU AI Act text during the exam. Candidates sometimes interpret this as meaning preparation is less important. That interpretation is wrong, and it costs people their pass.
What the open book provision actually rewards is structured familiarity. Candidates who have studied the Act know which Title covers which obligations, roughly where Article 9 sits, and what Annex III lists. They can flip to the right section in under 30 seconds. Candidates who have not studied treat every reference lookup as a cold search-and they run out of time.
For Domain 2 specifically, which covers Articles 8 (General obligations for providers of high-risk AI systems), 9 (Risk management system), and 10 (Data and data governance), the open book advantage is real but limited. These articles are dense with conditional language. You need to have worked through them analytically before exam day, not meet them for the first time under the clock.
Scoring Strategy Mapped to Each Domain
Domain 1: General Understanding of the EU AI Act (20% | ~8 questions)
This domain establishes your foundational knowledge of the Act's structure, scope, and risk classification system. Questions here tend to be more direct than in other domains.
- Know the four risk tiers: unacceptable risk, high risk, limited risk, and minimal risk
- Understand which AI systems are prohibited outright under the Act
- Know the difference between a provider, deployer, importer, and distributor under the Act's definitions
- Understand the Act's relationship to GDPR and the AI liability directive
Domain 2: In-Depth Analysis - Articles 8, 9, and 10 (25% | ~10 questions)
This is the highest-weighted domain and the one where passing candidates separate from failing ones. The questions require precise knowledge of specific obligations.
- Article 8: What general obligations apply to providers of high-risk AI systems-technical documentation, conformity assessment, post-market monitoring
- Article 9: The components of a compliant risk management system-continuous iterative process, residual risk evaluation, testing requirements
- Article 10: Data governance requirements-training, validation, and testing datasets; data quality criteria; bias and relevance
- How Articles 8, 9, and 10 interact as a compliance cluster, not isolated obligations
Domain 3: Building Trustworthy AI - Privacy, Transparency, Data Governance (20% | ~8 questions)
This domain bridges the EU AI Act with GDPR principles and ISO/IEC 42001 data governance requirements. Candidates with GDPR or ISO 27001 backgrounds have an advantage here.
- Transparency obligations for AI systems under Articles 13 and 50
- How ISO/IEC 42001 establishes an AI management system framework
- Privacy-by-design principles applied to AI system development
- Logging, traceability, and human oversight requirements
Domain 4: Ethical AI Frameworks and Human Rights (15% | ~6 questions)
The lightest-weighted domain, but one where candidates without an ethics background can lose avoidable points. Focus on the NIST AI RMF's govern-map-measure-manage structure and UNESCO's AI ethics framework.
- The NIST AI RMF core functions and how they relate to EU AI Act obligations
- Fundamental rights impact assessments for high-risk AI
- Non-discrimination and fairness principles in AI system design
Domain 5: AI Compliance Lifecycle Management and Implementation (20% | ~8 questions)
This domain tests your ability to operationalize compliance-moving from regulatory text to real implementation steps across an AI system's lifecycle.
- Conformity assessment procedures and CE marking requirements for high-risk AI
- Post-market monitoring obligations and incident reporting
- Roles and responsibilities of the AI compliance officer within an organization
- Integration of compliance into development pipelines and procurement processes
Understanding how each domain contributes to your final score is what allows you to build a rational study plan. If you explore the AICP Study Schedule 2026: Building Your 112-Hour Plan, you will see how domain weights map directly to recommended study hours across a structured preparation timeline.
Why Practical Assignments Gate Your Exam Access
Unlike many professional certifications where paying a fee is sufficient to book an exam, the AICP has a mandatory prerequisite that candidates often underestimate: you must complete accredited AICP training including Practical Assignments before EXIN will allow you to sit the exam.
This prerequisite exists because the AICP is built around applied compliance competency, not just theoretical knowledge. The Practical Assignments are where candidates demonstrate the ability to analyze a real or simulated AI system against EU AI Act requirements, produce compliant documentation, and apply the risk management lifecycle. These are the skills the exam then tests in scenario form.
From a scoring perspective, this matters because candidates who engage seriously with their Practical Assignments enter the exam with a significant advantage. The scenarios they worked through during training become the mental models they apply when reading exam questions. Candidates who rush their assignments to clear the prerequisite gate typically struggle with Domain 5 in particular, where lifecycle implementation questions require exactly the applied reasoning the assignments develop.
Registration, Fees, and EXIN Anywhere Logistics
The AICP exam is administered exclusively by EXIN (Examination Institute for Information Science), one of the largest independent IT certification bodies in the world. Understanding the registration mechanics helps you avoid logistical surprises that can affect your exam performance.
Fee Structure
The exam fee is typically bundled into a training package rather than purchased separately. Combined training and exam packages range from approximately $800 to $1,700 depending on the accredited training provider you select. This range reflects differences in delivery format (self-paced versus instructor-led), included study materials, and provider reputation. The exam voucher itself is issued by your training provider upon completion of the required Practical Assignments.
EXIN Anywhere: Remote Proctoring
EXIN offers candidates two testing paths. The first is the EXIN Anywhere platform, which supports both live proctoring (a proctor monitors you in real time via webcam) and video proctoring (your session is recorded for review). This allows you to test from your home or office without traveling to a test center. The second path is on-site testing through an EXIN accredited partner location.
For remote testing via EXIN Anywhere, system requirements include a stable internet connection, a functioning webcam, and a clean testing environment. You will need to complete an identity verification process before the exam begins. Given that the AI Act text is permitted during the exam, you should have your reference document ready in an approved format before the session starts-confirm with EXIN's current guidelines on what formats are permitted for open-book materials during remote proctoring.
The exam is currently available in English, French, Dutch, and Portuguese. Candidates who are not testing in their primary language should factor in additional reading time when practicing, particularly for the dense regulatory language in Domain 2 questions.
The Preparation Math: 112 Hours Explained
EXIN and accredited training providers recommend approximately 112 total hours of preparation for the AICP exam. Understanding how those hours break down explains a great deal about the exam's scope and scoring challenge.
The 112 hours consist of roughly 14 contact hours of formal training (typically spread across two days of instructor-led sessions or equivalent self-paced modules) plus substantial self-study. The remaining 98 hours cover independent reading of the EU AI Act, ISO/IEC 42001, and the NIST AI RMF; completion of Practical Assignments; and exam practice.
Foundation and Framework Mapping
- Complete formal training contact hours; absorb Domain 1 and Domain 3 content
- Read the EU AI Act Titles I-IV; annotate risk classification logic
- Begin Domain 2 deep dive: read Articles 8, 9, and 10 with annotations
Application and Practical Assignments
- Complete Practical Assignments (mandatory prerequisite work)
- Study Domain 4 (NIST AI RMF, ethical frameworks) and Domain 5 (lifecycle implementation)
- Begin timed practice questions at aicptest.com to identify weak domains
Targeted Review and Exam Simulation
- Focus additional study hours on Domain 2 (highest weight, most complex)
- Run full 40-question timed simulations to build exam-pace fluency
- Practice navigating AI Act text quickly for open-book efficiency
The 112-hour recommendation also reflects the certification's unique position as the first credential to integrate the EU AI Act, ISO/IEC 42001, and the NIST AI RMF into a single lifecycle-based compliance framework. You are not studying one regulatory document-you are learning to work at the intersection of three distinct frameworks simultaneously. For a detailed week-by-week breakdown, see AICP Study Schedule 2026: Building Your 112-Hour Plan.
Key Takeaway
The 112 recommended preparation hours are not padding. The AICP is the first certification to combine the EU AI Act, ISO/IEC 42001, and NIST AI RMF into a single exam-candidates who underestimate preparation depth and rely on the open-book provision alone routinely run out of time on Domain 2 questions. Budget your hours proportionally to domain weights, with Domain 2 receiving the most dedicated study time.
For candidates evaluating whether their background is sufficient, the recommended prerequisites include AI fundamentals and familiarity with GDPR or ISO 27001. These are not formal gatekeeping requirements, but candidates without this background should add additional study hours-particularly for Domain 3 (where GDPR concepts appear directly) and Domain 2 (where data governance requirements under Article 10 assume fluency with data quality concepts).
You can assess your current domain-level readiness before committing to a full study schedule by taking a diagnostic practice session at aicptest.com. Understanding which domains you are already strong in and which require the most remediation allows you to allocate your 112 hours more efficiently than following a generic week-by-week template.
For a detailed look at how EXIN structures scoring across question types-and how the AICP Exam Scoring 2026 framework connects to your overall preparation approach-reviewing the official EXIN exam specification alongside your practice results gives you the most complete picture of where you stand relative to the 26-question threshold.
Frequently Asked Questions
You need to answer at least 26 out of 40 questions correctly to meet the 65% passing threshold. There is no negative marking, so you should answer every question even when uncertain-an unanswered question guarantees zero points, while a guess carries some probability of a correct answer.
No. The AICP passing score is a fixed criterion-referenced threshold, not a norm-referenced curve. Your score is calculated as the percentage of questions you answer correctly, measured against the fixed 65% standard. How other candidates perform on the same sitting has no impact on your result.
Domain 2 (In-Depth Analysis of Articles 8, 9, and 10) carries the highest weight at 25% of the exam-approximately 10 of 40 questions. If preparation time is constrained, allocate disproportionate study hours to this domain first. Articles 8, 9, and 10 cover the core compliance obligations for high-risk AI systems and appear both directly and embedded within scenario questions across other domains.
EXIN permits retakes of the exam. Since your Practical Assignments prerequisite is already completed and on record, you typically do not need to retake the full training to book a retake exam sitting-however, you will need a new exam voucher, which may involve an additional fee. Confirm the exact retake policy with your training provider and with EXIN directly, as policies can vary.
The AICP certification is currently valid for life with no mandatory recertification requirement. This is consistent with EXIN's policy for this certification at launch. However, given that the EU AI Act is a living regulatory framework with implementation timelines running through 2025-2027 and beyond, candidates should monitor EXIN's official communications for any future updates to recertification policy as the regulatory landscape evolves.