ISACA Advanced in AI Security Management (AAISM) Exam: Question #32, Topic 4 Discussion
Question #: 32
Topic #: 4
A newly hired programmer suspects that the organization’s AI solution is inferring users’ sensitive information and using it to advise future decisions. Which of the following is the programmer’s BEST course of action?
AAISM directs personnel to use established AI governance channels for suspected privacy, ethics, or compliance risks. The governance panel (risk, privacy, legal/compliance, security, product/data science) is chartered to triage, record, investigate, and direct remediation for potential inference of sensitive attributes and resulting decision impacts. Direct technical action (A or C) bypasses due process and accountability; escalating directly to a single executive (B) lacks the structured, cross-functional oversight required for regulated and ethical AI risk handling.
References:
AI Security Management™ (AAISM) Body of Knowledge: AI Governance Operating Model; Roles & Responsibilities; Risk Intake and Triage for Privacy/Inference Risks.
AAISM Study Guide: Ethics & Responsible AI Escalation Pathways; Governance Board Procedures; Documentation and Decision Records.