Pass the Isaca AI-Centric Security Management AAISM Questions and answers with CertsForce

According to the AI Security Management™ (AAISM) study framework, compliance with privacy and regulatory standards must begin with a formalized process of identifying, documenting, and maintaining applicable obligations. The guidance explicitly notes that organizations should maintain a comprehensive register of legal and regulatory requirements to ensure accountability and alignment with privacy laws. This register serves as the foundation for all governance, risk, and control practices surrounding AI systems that handle personal data.

Maintaining such a register ensures that the recommendation system operates under the principles of privacy by design and privacy by default. It allows decision-makers and auditors to trace every AI data processing activity back to relevant compliance obligations, thereby demonstrating adherence to laws such as GDPR, CCPA, or other jurisdictional mandates.

Other measures listed in the options contribute to good practice but do not achieve the same direct compliance outcome. Retraining models improves technical accuracy but does not address legal obligations. Oversight committees are valuable but require the documented register as a baseline to oversee effectively. Indefinite storage of customer data contradicts regulatory requirements, particularly the principle of data minimization and storage limitation.

AAISM Domain Alignment:

This requirement falls under Domain 1 – AI Governance and Program Management, which emphasizes organizational accountability, policy creation, and maintaining compliance documentation as part of a structured governance program.

References from AAISM and ISACA materials:

AAISM Exam Content Outline – Domain 1: AI Governance and Program Management

AI Security Management Study Guide – Privacy and Regulatory Compliance Controls

ISACA AI Governance Guidance – Maintaining Registers of Applicable Legal Requirements

In the AAISM™ guidance, vendor management for AI adoption highlights that large AI providers often resist contractual changes, particularly when customers seek to impose stricter security, transparency, or ethical obligations. The official study materials emphasize that while organizations must evaluate AI risk and build internal expertise, the primary challenge lies in negotiating acceptable contractual terms with dominant AI vendors who may not be willing to adjust their standardized agreements. This resistance limits the ability of organizations to enforce oversight, bias controls, and compliance requirements contractually.

AAISM lifecycle governance guidance specifies that before any AI solution is moved into production, it must undergo testing, evaluation, validation, and verification to ensure accuracy, resilience, security, and compliance with standards. These steps confirm that the solution performs as expected under varied conditions. Conducting gap analysis is part of compliance checks but comes earlier in design. Management sign-off provides approval but cannot substitute for assurance of technical reliability. Deploying prototypes is a testing method but not the final assurance step. The critical requirement is a complete cycle of testing, validation, and verification.

The AAISM technical controls framework emphasizes data validation as the primary safeguard against data poisoning attacks. Poisoning occurs when attackers insert malicious or corrupted data into training sets. Validation techniques verify the quality, authenticity, and consistency of input data before training, preventing compromised samples from corrupting the model. Restoration helps after compromise, watermarking protects ownership, and intrusion detection monitors networks rather than data quality. The most effective preventive measure is data validation.

AAISM describes AI architecture as a strategic alignment framework, ensuring AI systems, data pipelines, governance processes, and capabilities match organizational business goals and regulatory requirements.

While threat identification (B) and scalability (D) are advantages, the primary purpose is business alignment. Option A is not a core architectural objective.

AAISM describes GANs as effective for synthetic data generation to augment scarce or imbalanced security datasets. In anomaly IDS contexts, GANs can create realistic synthetic attack traffic and edge-case behaviors that improve detector sensitivity and robustness. While labeled “real” data is valuable, the specific advantage of a GAN-integrated pipeline is the capability to generate adversarially realistic synthetic intrusions for training and stress testing. Automated rules are a signature-based paradigm and do not leverage GAN strengths; validation sets are for evaluation, not primary improvement of anomaly coverage.

AAISM highlights threat modeling and supply chain integrity checks as key controls for managing AI-specific risks, including hidden backdoors in third-party models, libraries, or fine-tuning artifacts. The official guidance states that organizations should “identify adversarial insertion points, verify component integrity, and continuously test for malicious behaviors introduced via external components.” This is precisely what option B describes. Simply using open-source (A) does not guarantee security; code can still contain malicious modifications. Disabling runtime logs (C) would reduce visibility, making backdoor detection harder. Choosing unsupervised learning (D) is a modeling approach and has no inherent relation to backdoor risk reduction. The explicit combination of AI-focused threat modeling and integrity verification of external components is the recommended best practice to mitigate this class of attack.

Effective AI BCP requires validation through exercises and controlled failover tests to prove recovery objectives can be met in practice. Merely documenting backups (Option D), hardening access (Option B), or improving monitoring (Option A) does not confirm that the AI stack—data pipelines, feature stores, model registries, inference services, and dependent infrastructure—can actually fail over and recover within RTO/RPO. AAISM prescribes periodic BCP/DR testing (including model artifact restoration, configuration reconstitution, dependency failover, and data pipeline continuity) to verify readiness and identify gaps before real incidents.

AAISM defines an AI BCP as requiring validated failover and recovery testing of AI components, including:

• model hosting environments

• model-serving APIs

• feature stores

• inference pipelines

Only Option B tests actual continuity of AI functionality.

Monitoring (A) detects issues but does not ensure continuity. Access controls (C) relate to security, not continuity. Backup detail (D) is insufficient without recovery testing.

In AI Security Management, bias evaluation is primarily a data problem before it is a model or performance problem. The official AI Security Management content explains that impact assessments must specifically analyze training data representativeness against the demographics and characteristics of all relevant users and stakeholders. If the data used to train an AI system underrepresents or omits particular groups, the resulting model will systematically disadvantage them, regardless of how fast or “accurate” it is on average. While comparing outputs to historical data (option B) can help, historical data itself may be biased. Performance-related options (C and D) relate to efficiency and scalability, not fairness. Therefore, systematically assessing whether the training data covers all relevant end-user groups is the most direct and effective way to evaluate and mitigate bias.