Isaca ISACA Advanced in AI Audit (AAIA) AAIA Question # 15 Topic 2 Discussion
AAIA Exam Topic 2 Question 15 Discussion:
Question #: 15
Topic #: 2
Which of the following is MOST important for an IS auditor to consider when identifying AI risk in a know your customer (KYC) application within a banking organization?
In high-stakes financial applications like KYC, the primary concern is the potential business and regulatory impact of an AI error—such as false customer rejection or failure to detect fraudulent accounts. The AAIA™ Study Guide emphasizes aligning AI risk assessments with business impact and regulatory exposure.
“In financial institutions, the most material risk of AI errors lies in operational disruption and regulatory fines. KYC models must be assessed for how errors can lead to compliance failures or reputational harm.”
Benchmarking (B) supports best practice alignment, and incident response (C) is part of mitigation, but D addresses the most critical consequence of AI risks in banking.
[Reference: ISACA Advanced in AI Audit™ (AAIA™) Study Guide, Section: “AI Governance and Risk Management,” Subsection: “Risk Impact and Business Alignment in AI Systems”, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit