ISACA Advanced in AI Audit (AAIA) Exam: Topic 3, Question 23 Discussion
Question #: 23
Topic #: 3
A healthcare organization uses patient data to train an AI model for early disease detection. Which of the following practices provides the BEST assurance that personal data is secure and its integrity is maintained?
A. Encrypting stored data to reduce exposure and log access
B. Updating the AI model with new data and tracking changes
C. Implementing strict data access controls and conducting security tests
D. Anonymizing patient data and performing regular quality checks
In healthcare AI applications, protecting patient data is critical. The AAIA™ Study Guide identifies anonymization as one of the most effective strategies to preserve privacy and maintain data integrity. When combined with quality checks, it ensures data accuracy and compliance with health data protection regulations (e.g., HIPAA, GDPR).
“Anonymizing sensitive data removes identifying attributes, significantly reducing risk if data is accessed or leaked. Ongoing data quality checks ensure the integrity and utility of the anonymized dataset.”
While encryption (A) and access controls (C) are necessary technical safeguards, D provides the strongest dual assurance of privacy and accuracy. Option B focuses on model management rather than data security.
Reference: ISACA Advanced in AI Audit™ (AAIA™) Study Guide, Section: “Ethical and Legal Considerations in AI,” Subsection: “Privacy and Security of Sensitive AI Data”