In AI Security Management, bias evaluation is primarily a data problem before it is a model or performance problem. The official AI Security Management content explains that impact assessments must specifically analyze training data representativeness against the demographics and characteristics of all relevant users and stakeholders. If the data used to train an AI system underrepresents or omits particular groups, the resulting model will systematically disadvantage them, regardless of how fast or “accurate” it is on average. While comparing outputs to historical data (option B) can help, historical data itself may be biased. Performance-related options (C and D) relate to efficiency and scalability, not fairness. Therefore, systematically assessing whether the training data covers all relevant end-user groups is the most direct and effective way to evaluate and mitigate bias.