Pass the Isaca AI-Centric Security Management AAISM Questions and answers with CertsForce

The AAISM framework specifies that the primary metric of effectiveness in vendor management is the vendor’s compliance with AI-related requirements defined in contracts and governance frameworks. This provides measurable assurance that vendors adhere to agreed-upon privacy, security, and ethical standards. Reviews of threat reports, training results, or research participation are supplemental and may support continuous improvement, but they do not establish compliance accountability. Governance requires a direct focus on whether contractual and regulatory obligations are being fulfilled. Therefore, vendor compliance with AI requirements is the most important monitoring focus.

AAISM states that AI agent security training should focus on the unique risks of agentic systems, which include:

• prompt injection

• memory control and context hijacking

• unsafe tool execution (agents triggering unauthorized actions)

These risks are specific to autonomous or semi-autonomous AI agents.

Bias, fairness (B) and output moderation (C) are important but not the most critical for agent security. API abuse and plug-in risk (D) matter but are secondary.

AAISM identifies continuous monitoring of AI outputs—especially generative outputs—as the most effective security control, ensuring that violations, unsafe responses, data leakage, and policy-breaking behavior are detected and corrected.

A kill switch (C) is a last-resort measure, not a primary control. Exceeding benchmarks (A) does not ensure relevance. Validating training data (D) is important but insufficient for generative output risks.

AAISM highlights unbounded consumption (token/payment exhaustion, unmetered tool calls, prompt bombs) as a key LLM risk affecting cost and availability. Controls include request quotas, max tokens, rate-limits, budget guards, circuit breakers, and cost-aware routing. Excessive agency (A) relates to unsupervised actions; sensitive disclosure (B) and prompt leakage (C) are confidentiality risks, not primary drivers of runaway compute spend.

When AI systems make consequential decisions over sensitive data, AAISM requires explicit performance thresholds tied to decision quality—i.e., accuracy (and related error/false-rate limits) aligned to business risk appetite and regulatory expectations. Availability and latency are important service metrics, but decision integrity and error bounds are primary risk drivers in sensitive contexts. Establishing, monitoring, and enforcing minimum accuracy thresholds (with subgroup performance checks) is essential to reduce harm, ensure fairness/compliance, and support auditability.

AAISM directs that AI adoption in security operations be governed through explicit operating models and RACI-mapped responsibilities spanning security operations, data science/ML, platform engineering, privacy, and compliance. Role clarity comes from updating the security program to codify AI-specific responsibilities (model monitoring, incident handling for AI failures, data governance, change control for models, bias/fairness reviews, supplier assurance) rather than deferring implementation, outsourcing core accountability, or relying on generic certifications. This ensures measurable accountability, reduces hand-off risk, and aligns day-to-day SOC practices with AI control objectives.

AAISM positions model cards as standardized documentation artifacts that record intended use and out-of-scope use, training/evaluation data characteristics, performance metrics across groups, limitations/risks, and governance controls/owners. Their purpose is transparency and assurance, not automated tuning or synthetic data generation. Visualization (A) may appear within a card, but the core role is structured documentation for governance, risk, and compliance.

Data splitting partitions a labeled dataset into training, validation, and test subsets to enable unbiased model tuning and evaluation. Training (A) consumes the training split; annotating (B) adds labels; learning (D) is a general term for model optimization, not a data management step.

AAISM categorizes unbounded consumption (also known as “resource exhaustion” or “infinite queries”) as an AI-specific vulnerability where attackers (or faulty prompts) trigger excessive computation, leading to high costs and degraded service.

This aligns precisely with unexpected large compute bills.

Excessive agency (A) refers to unsafe autonomy, while disclosure (B) and prompt leakage (D) do not relate to compute overuse.

AAISM requires formal model change governance: documented justification, risk assessment, validation/verification (V&V), approvals, and post-deployment monitoring when altering features, thresholds, or signals. Disabling risk indicators to reduce false positives without rigorous validation and controlled rollout reflects a failure in model validation and change control, which AAISM treats as a core safeguard against unintended harms and regulatory breaches.