ISACA Advanced in AI Security Management (AAISM) Exam AAISM Question # 26 Topic 3 Discussion
Question #: 26
Topic #: 3
An organization plans to implement a new AI system. Which of the following is the MOST important factor in determining the level of risk monitoring activities required?
AAISM risk management guidance clarifies that the organization’s risk tolerance is the most important factor in determining how much monitoring is needed. Risk tolerance specifies the amount of risk the organization is willing to accept and defines the threshold for triggering monitoring or mitigation activities. Risk appetite is broader and strategic, while tolerance sets the operational limits. The number of users may influence scale, and compensating controls may affect resilience, but neither dictates monitoring intensity as directly as risk tolerance.
References: AAISM Study Guide – AI Risk Management (Risk Appetite vs. Tolerance); ISACA AI Security Management – Monitoring Based on Risk Tolerance