ISACA Advanced in AI Security Management (AAISM) Exam: Question #37, Topic 4 Discussion
Question #: 37
Topic #: 4
An organization develops and implements an AI-based plug-in for users that summarizes their individual emails. Which of the following is the GREATEST risk associated with this application?
According to AAISM risk management guidance, the greatest risk in AI applications handling personal communication data is inadequate parameter controls, which may allow unintended access, manipulation, or leakage of sensitive information. Plug-ins that interact with emails must enforce strict parameter validation and security restrictions to prevent unauthorized or manipulated inputs. While vulnerability scanning, format incompatibility, and API rate limiting are valid concerns, they are secondary. The primary risk is a lack of strong parameter controls that could expose sensitive content.
References: AAISM Exam Content Outline – AI Risk Management (Application Security Risks); AI Security Management Study Guide – Plug-in and API Security Risks