Periodic monitoring is the MOST critical governance mechanism for protecting privacy and data security in AI systems, especially those handling sensitive or personal data. ISACA’s AAIA guidance emphasizes that data governance must be continuous because AI systems evolve, data drifts, risk exposures shift, and privacy threats increase over time.
Periodic monitoring ensures:
Detection of unauthorized access
Identification of anomalous data use
Confirmation that privacy controls remain effective
Early detection of data misclassification or leakage
Verification of compliance with retention, deletion, and minimization requirements
Options A and C do not protect privacy. Acceptable use policies (B) provide guidelines but do not enforce ongoing protection. Continuous monitoring is the operational safeguard that enforces privacy and security controls at all times.
[References:, AAIA Domain 1: Data Governance Controls, AAIA Domain 5: Privacy and Data Protection Monitoring, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit