ISACA Advanced in AI Security Management (AAISM) Exam: Question #19, Topic 2 Discussion
When implementing a generative AI system, which of the following approaches will BEST prevent misalignment between the corporate risk appetite and tolerance?
A. Ensuring effective AI key performance indicators (KPIs)
B. Performing an AI impact assessment
C. Creating and maintaining an AI risk register
D. Establishing and monitoring acceptable levels of AI system risk
AAISM governance guidance specifies that alignment between AI system adoption and organizational risk appetite is achieved by defining and monitoring acceptable levels of system risk. This ensures that generative AI operations remain within boundaries approved by leadership and compliance frameworks. While KPIs track performance, they do not ensure alignment with risk tolerance. AI impact assessments help identify risks but do not maintain continuous oversight. A risk register records risks but does not dynamically enforce acceptable thresholds. The most effective governance approach is to establish and monitor acceptable AI system risk levels.
References: AAISM Study Guide – AI Governance and Program Management (Risk Appetite and Tolerance Alignment); ISACA AI Security Management – Generative AI Risk Governance