Pass the Isaca AI-Centric Security Management AAISM Questions and answers with CertsForce

AAISM materials emphasize that the primary ethical concern with generative AI is the risk to information integrity. Generative models can create content that appears authentic but is fabricated, misleading, or manipulated. This undermines trust in information ecosystems and can have wide-reaching social, legal, and organizational impacts. While confidentiality breaches and bias are concerns, they are not the central ethical issue inherent to generative models. Availability is less relevant in this context. The most pressing concern is that generative AI may compromise the integrity of information.

Sustained stakeholder sponsorship hinges on demonstrated, quantified business value communicated in terms they own (KPIs, ROI, cost-to-serve, risk-adjusted outcomes). AAISM frames stakeholder alignment as a value-assurance loop: define value hypotheses, measure realized value, and continuously communicate results to sponsors. While an AI roadmap (C), risk optimization (B), and training (A) are important, they support rather than drive ongoing executive buy-in. Quantified value narratives secure resources and reinforce alignment to strategic goals.

AAISM identifies output review and annotation as the most practical compensating control when robust input validation cannot be applied.

Output moderation detects:

• maliciously influenced responses

• unsafe outputs

• security-policy violations

IAM (B) does not mitigate prompt injection itself. Human review of inputs (C) is unrealistic at scale. Fine-tuning (A) cannot guarantee full prevention.

AAISM materials describe data segregation and segmented access as core technical controls to prevent unintended information disclosure by AI systems. Siloing refers to logically or physically separating data into distinct repositories or contexts, ensuring that sensitive datasets are not available to components or applications that only require non-sensitive information. This is directly aligned with preventing a chatbot from accessing or mixing confidential data with general conversational content. Zero Trust (A) is an overarching security architecture principle, focusing on identity and continuous verification; it does not by itself guarantee separation of data. Sandboxing (B) isolates processes but is less about fine-grained data separation. Containerization (D) packages applications and their dependencies, again not necessarily solving the specific problem of mixing sensitive and non-sensitive datasets. Siloing is explicitly highlighted as a way to prevent cross-context leakage in AI use cases.

In AI governance frameworks, credit scoring is treated as a high-risk application. For such systems, the highest-priority safeguard is human oversight to ensure fairness, accountability, and prevention of bias in automated decisions.

The AI Security Management™ (AAISM) domain of AI Governance and Program Management emphasizes that high-impact AI systems require explicit governance structures and human accountability. Human-in-the-loop design ensures that final decisions remain the responsibility of human experts rather than being fully automated. This is particularly critical in financial contexts, where biased outputs can affect individuals’ access to credit and create compliance risks.

Official ISACA AI governance guidance specifies:

High-risk AI systems must comply with strict requirements, including human oversight, transparency, and fairness.

The purpose of human oversight is to reduce risks to fundamental rights by ensuring humans can intervene or override an automated decision.

Bias controls are strengthened by requiring human review processes that can analyze outputs and prevent unfair discrimination.

Why other options are not the highest priority:

A. Regular updates improve accuracy but do not guarantee fairness or ethical decision-making. Model drift can introduce new bias if not governed properly.

B. Appeals mechanisms are important for accountability, but they operate after harm has occurred. Governance frameworks emphasize prevention through human oversight in the decision loop.

D. Restricting criteria to “objective metrics” is insufficient, as even objective data can contain hidden proxies for protected attributes. Bias mitigation requires monitoring, testing, and human oversight, not only feature restriction.

AAISM Domain Alignment:

Domain 1 – AI Governance and Program Management: Ensures accountability, ethical oversight, and governance structures.

Domain 2 – AI Risk Management: Identifies and mitigates risks such as bias, discrimination, and lack of transparency.

Domain 3 – AI Technologies and Controls: Provides the technical enablers for implementing oversight mechanisms and bias detection tools.

References from AAISM and ISACA materials:

AAISM Exam Content Outline – Domain 1: AI Governance and Program Management (roles, responsibilities, oversight).

ISACA AI Governance Guidance (human oversight as mandatory in high-risk AI applications).

Bias and Fairness Controls in AI (human review and intervention as a primary safeguard).

In AAISM, usage of AI for activities involving personal data and profiling, such as personalized advertising, is explicitly mapped to stringent regulatory and compliance requirements (e.g., data protection, consent, profiling limitations, fairness obligations). The material notes that these activities may trigger “heightened regulatory scrutiny, mandatory impact assessments, and potential penalties for non-compliance.” While reputational (B), fraud (A), and commercial (C) risks are all relevant, the primary, non-optional constraint is compliance with applicable regulations governing personal data, automated profiling, and targeted content. Failure in this area can lead not only to reputational harm but also to legal sanctions, enforced remediation, and operational restrictions. Therefore, regulatory risk is identified as the most important consideration when deploying generative AI for personalized advertising.

Security by design in AI requires establishing risk-informed requirements at the earliest stages of the lifecycle and systematically translating them into architectural controls. Conducting AI-specific threat modeling before deployment is the highest-leverage action because it identifies assets (data, models, pipelines), trust boundaries (feature stores, training/inference services), threat events (poisoning, evasion, model extraction), and attack paths unique to ML systems. The outputs (abuse/misuse cases, control objectives, verification plans) then drive selection and prioritization of controls such as privacy-enhancing techniques, access controls, isolation, monitoring, and assurance testing. While differential privacy (C) is a strong control for leakage risk, it is one control choice among many and should be selected as a result of threat modeling. IP allow lists (B) and container segmentation (A) are valuable hardening measures but are narrower and do not replace the lifecycle-wide governance and design traceability that threat modeling enables.

AAISM highlights that uncontrolled access to generative AI in critical systems introduces the highest level of risk, as such models can:

• expose sensitive data

• execute unintended actions

• be manipulated through injected prompts

• cause operational instability

Monitoring (A) is important but not the core risk. Bias (B) is significant but secondary in critical systems. Regulatory enhancements (C) are indirect.

The AAISM framework stresses that the most effective way to maintain oversight of organizational AI usage is by maintaining a comprehensive inventory of all AI systems and the business units using them. Such an inventory provides a centralized, transparent record of where AI is deployed, ensuring accountability, monitoring, and compliance. While board approval, dashboards, and KPIs are important governance tools, they do not provide holistic visibility across the enterprise. The inventory ensures traceability and governance alignment, making it the best method to maintain visibility of AI usage.

AAISM highlights that post-incident remediation and demonstrating lessons learned is essential to restoring trust. Governance guidance specifies that stakeholders regain confidence only when organizations show clear corrective actions, transparency, and improvements to prevent recurrence.

Validating outputs (B) supports accuracy but is not trust-restoring. Monitoring (C) and prioritization (D) relate to operations, not trust rebuilding.