AICP logo
Focused certification exam prep
Start practice
Home / Study Resources / Core Study Guides / AICP Open Book Policy: What You Can Bring to the

AICP Open Book Policy: What You Can Bring to the Exam

Updated 11 min read AICP Exam Prep
Table of Contents
TL;DR
  • The AICP exam is officially open book - the EU AI Act text is the one permitted reference document during the 40-question test.
  • EXIN administers the exam via the EXIN Anywhere platform, which means your reference must work within a proctored digital environment.
  • A passing score is 65% on 40 multiple-choice questions within a 90-minute window - time management with an open reference is a skill in itself.
  • Domains 2 (Articles 8, 9, and 10) and 3 (Privacy, Transparency, Data Governance) are most directly supported by having the AI Act text on hand.

What "Open Book" Actually Means for the AICP Exam

The Artificial Intelligence Compliance Professional (AICP) certification, administered by EXIN, includes a feature that surprises many first-time candidates: the exam is open book. Specifically, you are permitted to consult the EU AI Act text during your 90-minute, 40-question exam session. This is not a loophole or an informal arrangement - it is an explicit design decision baked into the current 2025 exam literature.

Understanding why EXIN made this choice clarifies what the exam is actually testing. The AICP is not a memorization credential. It exists to certify that professionals can apply regulatory frameworks to real-world AI systems, interpret specific articles and annexes, and make compliance judgments in ambiguous situations. These are precisely the skills organizations need as EU AI Act enforcement timelines run from 2025 through 2027. A candidate who can navigate the Act under time pressure and reason about its requirements is far more valuable than one who simply memorized article numbers.

Why Open Book Doesn't Mean Easy: The exam questions are designed around application and analysis, not lookup. Knowing where to find Article 9's risk management requirements takes preparation. Actually using that text to answer a nuanced question about a high-risk AI system under time pressure requires deep familiarity - not just possession of the document.

This design also aligns with how compliance professionals actually work. In practice, an AICP-certified professional will have the regulation available when advising a development team. The exam simulates that reality. If you are still building your foundational knowledge, reviewing the AICP practice test environment will show you the type of scenario-based reasoning the exam demands.

What You Are Permitted to Bring

The permitted reference material is straightforward: the full text of the EU AI Act. This is the official legislative document that forms the backbone of the AICP certification's 2025 exam literature. Here is what matters practically:

  • Digital copy: Because EXIN Anywhere is a live or video-proctored online platform, your reference will be a digital document open on your device alongside the exam interface.
  • Annotated copy: You may annotate your version of the EU AI Act prior to exam day. Highlights, bookmarks, margin notes, and tabs are all legitimate preparation tools.
  • Official EXIN exam literature: The exam is explicitly based on the 2025 exam literature package that EXIN and accredited training providers supply. Your training materials may include a formatted version of the Act that is easier to navigate than a raw legislative PDF.
  • On-site option: If you sit the exam at an accredited partner testing center, physical printed copies of the EU AI Act text may be permitted per that center's protocols. Confirm directly with your provider.
Confirm with Your Provider: Training and exam packages range from approximately $800 to $1,700 depending on provider. Higher-tier packages often include formatted, navigable versions of the exam literature. Ask your provider explicitly what format of the AI Act is included and whether it is the version aligned to current exam objectives.

Because the exam fee is typically bundled with accredited training - and because accredited training is a mandatory prerequisite - you should receive guidance on the permitted reference during your course. If your training provider does not address this, ask before exam day.

What Is Not Permitted

Open book does not mean open internet, and it does not mean unlimited reference materials. The EXIN Anywhere proctoring environment monitors your session for browser switching, unauthorized applications, and secondary devices. Candidates should be clear on these boundaries:

  • No supplementary standards documents unless explicitly permitted - ISO/IEC 42001 and the NIST AI RMF, both of which appear in AICP training content, are not automatically open-book references during the exam.
  • No external websites, search engines, or AI tools. The proctor monitors for tab switching and navigation away from the exam and your single permitted reference.
  • No communication with other individuals, whether via messaging, phone, or any other method.
  • No additional notes documents beyond annotations within the permitted reference text itself, unless your provider has confirmed otherwise.

This means the exam places a premium on your knowledge of ISO/IEC 42001 and NIST AI RMF from memory, since you have studied them in depth during your accredited training but cannot look them up in real time. Candidates who underestimate this are often caught off guard by questions in Domain 5 (AI Compliance Lifecycle Management and Implementation) that require reasoning about framework integration without a reference document in hand.

How to Use the EU AI Act Text Strategically During the Exam

The candidates who use the open-book policy most effectively are not the ones who read the AI Act for the first time on exam day. They are the ones who have already internalized the structure of the Act and use the document only to verify specific details, article numbers, or annex classifications under time pressure.

Know the Architecture Before You Walk In

The EU AI Act is a long, structured document. Its most exam-relevant sections include:

  • Title I and II: Scope, definitions, and prohibited practices - foundational for Domain 1 questions.
  • Title III (especially Articles 8, 9, and 10): Requirements for high-risk AI systems - the entire focus of Domain 2, which carries the highest weighting at 25%.
  • Annexes I and III: Lists of high-risk AI application areas. Candidates must be able to locate these quickly.
  • Title IV: Transparency obligations - relevant to Domain 3.
  • Title IX: Codes of conduct and Article 69 provisions - relevant to Domain 4.

Build a Lookup Index

Before exam day, create a personal index or bookmark set organized by topic: risk classification, conformity assessment, data governance obligations, transparency requirements, and so on. During the exam, you are not reading - you are confirming. The difference is 30 seconds versus 3 minutes per question.

Key Takeaway

Treat your annotated EU AI Act copy as a precision instrument, not a safety net. Candidates who open the document to figure out an answer from scratch will run out of time. Use it only to verify what you already understand.

Which Domains Benefit Most from Open-Book Access

The five AICP exam domains are not equally served by the open-book policy. Understanding this asymmetry shapes how you allocate preparation time.

Domain 2: In-Depth Analysis of Articles 8, 9, and 10 (25% of Exam)

This is the domain most directly supported by the open-book policy. Article 8 covers compliance with requirements, Article 9 covers risk management systems, and Article 10 covers data and data governance for high-risk AI. These articles are dense with specific procedural requirements.

  • Bookmark Article 9's iterative risk management cycle provisions
  • Know Article 10's data quality criteria in detail - questions may ask you to identify which criterion applies to a given scenario
  • Article 8's cross-referencing structure rewards candidates who understand how it links to the annexes

Domain 1: General Understanding of the EU AI Act (20% of Exam)

Foundational knowledge of scope, definitions, and prohibited AI practices. The open-book reference helps with edge cases - borderline definitions, exact prohibition language - but strong candidates know this material cold.

  • Focus on the definitions article and Annex III classification lists
  • Prohibited AI practices under Title II are frequently tested with scenario-based questions

Domain 3: Building Trustworthy AI - Privacy, Transparency, and Data Governance (20% of Exam)

Draws heavily on the Act's transparency title and overlaps with GDPR principles. Your reference supports article-specific transparency requirements, but GDPR and ISO 27001 familiarity must come from your training.

  • Title IV transparency obligations are bookmarkable and testable
  • Data governance questions may connect Article 10 back to GDPR concepts - a recommended background per AICP prerequisites

Domain 4: Ethical AI Frameworks and Human Rights (15% of Exam)

This domain draws on international frameworks, UNESCO recommendations, and ECHR principles that are not in the EU AI Act text. The open-book policy provides minimal direct support here.

  • Ethical frameworks must be studied from memory - your reference document will not save you in this domain
  • Article 69 codes of conduct provisions are the main AI Act hook

Domain 5: AI Compliance Lifecycle Management and Implementation (20% of Exam)

Integrates ISO/IEC 42001 and NIST AI RMF alongside the EU AI Act. Since only the Act is an open-book reference, the framework integration content must be mastered through study.

  • Know the ISO/IEC 42001 AI management system structure from memory
  • NIST AI RMF's four core functions (Map, Measure, Manage, Govern) should be internalized, not looked up
Domain Exam Weight Open-Book Utility Must-Know from Memory
Domain 1: General EU AI Act Understanding 20% Moderate - edge case definitions Scope, prohibited practices, classification logic
Domain 2: Articles 8, 9, and 10 In-Depth 25% High - detailed procedural requirements Conceptual flow of risk management cycle
Domain 3: Privacy, Transparency, Data Governance 20% High for AI Act provisions, low for GDPR GDPR principles, ISO 27001 basics
Domain 4: Ethical AI and Human Rights 15% Low - external frameworks not in reference Ethics frameworks, human rights conventions
Domain 5: Compliance Lifecycle Management 20% Partial - Act lifecycle provisions only ISO/IEC 42001, NIST AI RMF structure

Building a Usable Reference: Annotation Before Exam Day

Your annotated EU AI Act copy is a competitive advantage - if it is built correctly. Many candidates make the mistake of annotating reactively as they study, producing a document that mirrors their confusion rather than clarifying it. A more disciplined approach:

Phase 1: Structure Mapping

Before your first read-through, create a table of contents overlay: a handwritten or digital index that maps exam-relevant topics to title, chapter, and article numbers. This is your navigation layer. A candidate who knows that data governance requirements sit in Article 10 of Chapter 2, Title III, will locate them in seconds.

Phase 2: High-Risk Annotations

Focus deep annotation energy on the sections most likely to appear under Domain 2 - Articles 8, 9, and 10. For each article, write a two-to-four word summary in the margin: what the article requires, not what it says. "Article 9: iterative risk management process - lifecycle-wide" is more useful than a highlighted block of legislative text.

Phase 3: Cross-Reference Flagging

The AI Act's high-risk system provisions cross-reference Annex I and Annex III repeatedly. Flag these cross-references with sticky arrows or digital bookmarks so you can move between them without reading - just clicking or flipping.

Once your annotation is complete, do timed practice runs using the AICP practice test platform with your annotated document open. Identify which questions you still reach for the reference on, and whether your annotations actually help you find the answer quickly.

The Time Reality: 90 Minutes, 40 Questions, One Document

Ninety minutes for 40 questions gives you an average of 2 minutes and 15 seconds per question. That sounds generous - until you factor in the time it takes to open, navigate, and read from a reference document. A single lookup that takes 90 seconds eats 67% of that question's time budget.

This arithmetic has one clear implication: the open-book policy is a safety net for specific verifications, not a replacement for preparation. Candidates who need to look up more than four or five items during the exam are likely not prepared at the level the 65% passing threshold demands.

Passing Score in Context: The AICP requires a 65% passing score - that is 26 correct answers out of 40. Given the scenario-based, application-focused question style, each domain's questions require reasoning under time pressure. Wasting time on lookups in low-return domains (like Domain 4) costs you time you need for high-complexity Domain 2 questions.

The recommended total preparation time for the AICP is approximately 112 hours, including 14 contact hours of accredited training. That remaining self-study time is where you build the fluency that makes the open-book policy useful rather than a distraction. To understand more about eligibility and training requirements, review the AICP Exam Prerequisites and Eligibility Requirements 2026 article.

A Focused Preparation Calendar

Given the 112-hour total preparation recommendation and the five domain structure, here is a realistic pre-exam schedule for a candidate who has completed their accredited training and is now in the self-study phase:

Week 1

Foundation and Reference Setup

  • Read the EU AI Act in full - focus on structure, not memorization
  • Build your annotation index: title and chapter map, key definitions page
  • Review Domain 1 content (20% weight) - scope, definitions, prohibited practices
  • Goal: complete reference architecture so navigation becomes automatic
Week 2

Domain 2 Deep Work - Articles 8, 9, 10

  • Annotate Articles 8, 9, and 10 intensively - margin summaries, cross-reference flags
  • Work through scenario exercises on high-risk AI system classification
  • Run timed practice questions on Domain 2 specifically using the practice test platform
  • Goal: navigate Articles 8-10 and locate specific requirements in under 45 seconds
Week 3

Domains 3 and 4 - Memory-Heavy Content

  • Study GDPR principles, ISO 27001 basics, and transparency obligations from memory
  • Annotate Title IV of the AI Act (transparency) - high open-book value
  • Commit Domain 4 ethical frameworks to memory - these cannot be looked up
  • Goal: fluency in GDPR-AI Act intersections; confidence in ethical framework application
Week 4

Domain 5 Integration and Full Exam Simulation

  • Review ISO/IEC 42001 management system structure and NIST AI RMF from training materials
  • Complete two full 40-question timed practice exams with annotated reference open
  • Identify lookup patterns - any article you look up more than twice needs deeper study
  • Goal: complete a full practice exam under 85 minutes with reference use under 10 minutes total

Candidates who have questions about whether their training background satisfies accreditation requirements before beginning this preparation schedule should review the AICP Exam Prerequisites and Eligibility Requirements 2026 in detail before registering.

Frequently Asked Questions

Can I use my annotated EU AI Act during the EXIN Anywhere exam?

Yes. Annotation of the permitted reference document is allowed and encouraged. You can highlight, add margin notes, bookmarks, and cross-reference flags before exam day. The key constraint is that you cannot use additional documents, websites, or external resources - only the EU AI Act text as your open-book reference.

Is the ISO/IEC 42001 standard also available during the exam?

No. The ISO/IEC 42001 AI management system standard and the NIST AI RMF are not automatically permitted open-book references. Only the EU AI Act text is explicitly permitted. Content from these frameworks, which is covered in Domains 3 and 5, must be mastered through your accredited training and self-study.

How do I receive the permitted reference material?

Your accredited training provider typically supplies the exam literature package, which includes a version of the EU AI Act formatted for exam use. Since the exam fee is normally bundled with training packages ranging from approximately $800 to $1,700, this material is part of your package. Confirm the format with your provider - some supply formatted PDFs that are easier to navigate than raw legislative downloads.

Will I have enough time to look things up during the 90-minute exam?

Only if you use the reference selectively. With 40 questions in 90 minutes, your average per-question budget is just over two minutes. Efficient candidates limit reference lookups to specific detail verification - article numbers, annex classifications, exact procedural requirements - rather than using the document to understand concepts during the exam. Preparation is what makes the open-book policy an asset rather than a time drain.

Does the open-book policy make the AICP easier than other compliance certifications?

Not in the way candidates hope. The AICP is designed to test application and analysis, meaning questions present realistic compliance scenarios that require reasoning, not lookup. The open-book policy reflects how compliance work actually functions - professionals have the regulation available, but they must be able to interpret and apply it quickly and accurately. Candidates who treat the reference as a substitute for preparation consistently struggle with time and conceptual questions.

Ready to Start Practicing?

Test your ability to apply the EU AI Act under timed, exam-realistic conditions. Our AICP practice tests are built around the same five domains, question formats, and scenario-based reasoning the real exam demands - so you walk in knowing exactly how to use your open-book reference when it counts.

Start Free Practice Test
Continue reading:

Ready to pass your AICP exam?

Put this into practice with free AICP questions across every exam domain.