View AAISM Exam Questions

Q: 1

As organizations increasingly rely on vendors to develop AI systems, which of the following is the MOST effective way to monitor vendors and ensure compliance with ethical and security standards?

Options

Discussion

Reese G. Feb 25, 2026 9:31 am

Option A makes sense. Regular audits actually verify that vendors follow ethical and security standards, which is stronger than just letting them self-report or share docs. Pretty sure this is what most orgs would do in practice, but open to other thoughts.

Karan Q. Feb 20, 2026 7:27 am

Option A is right since audits actually verify what the vendor is doing, not just taking their word for it. Self-attestation and just sharing docs aren’t enough for real compliance. Pretty sure this is what ISACA expects here.

Nathan P. Feb 15, 2026 7:44 am

Option A is the strongest here. Regular audits actually verify vendor compliance, while options like D (self-attest) put too much trust in the vendor. Think audits are pretty standard for critical AI systems. Open if anyone has a different take.

Reese P. Mar 2, 2026 4:25 am

Makes sense to pick A since audits directly check what vendors are actually doing, not just what they say. Self-attestation like in D feels too weak for real assurance. I think A's the best bet but open if anyone sees it differently.

RileyL Feb 24, 2026 9:26 am

Probably A, because only regular audits give you independent evidence that vendors are following your AI security and ethics policies. Self-monitoring or self-attestation (like in B or D) relies too much on trust, so not as strong. Audits catch issues you might otherwise miss. Pretty sure that's the ISACA logic here but I'm open to debate!

Sean G. Feb 17, 2026 4:26 am

C or A, saw similar question in a practice set and both seemed possible but A is probably expected for "most effective".

Hannah O. Feb 21, 2026 4:09 am

For me, A. Official ISACA guides and some practice exams mention audits as the best compliance check.

Ishaan O. Feb 16, 2026 7:52 pm

A for sure. Regular audits (A) are actually checking the vendor's controls, not just taking their word like D. B is too hands-off and basically trust-based, which doesn't fly for real compliance. Could be wrong but most audits catch what self-attestation misses.

Ethan I. Feb 18, 2026 9:54 am

Probably A, seen this asked in a similar way on practice. Audits give real assurance where self-reporting just isn't enough for compliance.

Reese R. Feb 24, 2026 3:02 pm

It’s A, not D. Self-attest (D) is way less reliable for actual compliance monitoring.

Be respectful. No spam.

Correct Answer:

Explanation

Conducting regular, independent audits is the most effective method for monitoring vendor compliance. Audits provide direct, verifiable assurance that the vendor's processes, controls, and outputs align with contractually mandated ethical and security standards. This approach moves beyond trust-based models like self-attestation, offering a structured and evidence-based mechanism to assess the entire AI development lifecycle. It allows the contracting organization to proactively identify gaps, enforce accountability, and ensure that principles of fairness, transparency, and security are being actively implemented, rather than just claimed.

Why Incorrect

B. Requiring vendors to monitor their adherence to ethics and security standards: This approach lacks independent verification and creates a potential conflict of interest, making it less reliable than an external audit.

C. Mandating that vendors share source code and AI documentation with the contracting party: While useful for due diligence, code and documentation review is a static, point-in-time assessment and does not guarantee ongoing process compliance.

D. Allowing vendors to self-attest ethical AI compliance and implement benchmark monitoring: Self-attestation is the weakest form of assurance, as it is not independently verified and may not accurately reflect actual practices.

References

1. ISACA. (2023). Artificial Intelligence Audit Toolkit. In the section on "Third-Party Management

" the toolkit emphasizes the need for organizations to "Perform audits of the third party" and "Review third-party attestation reports (e.g.

SOC 2)" to gain assurance over the controls at the vendor. This directly supports the practice of conducting audits (Option A) over relying on vendor self-monitoring or attestation (Options B and D).

2. ISACA. (2021). Auditing Artificial Intelligence. This white paper states

"The audit and assurance professional should obtain an understanding of the third-party relationships and related processes to determine whether the enterprise has implemented appropriate governance and monitoring controls." It highlights the auditor's role in verifying these controls

which is the essence of an audit. (Page 18

Third-Party Management).

3. National Institute of Standards and Technology (NIST). (2023). AI Risk Management Framework (AI RMF 1.0). In the "Govern" function

section 4.4 "AI System and Third-Party Relationships

" the framework outlines the importance of establishing processes for "monitoring and reviews of third-party providers

" including "audits

and assessments." This underscores that active

independent verification like audits is a core component of managing third-party AI risk. (Page 21).

Q: 2

During the creation of a new large language model (LLM), an organization procured training data from multiple sources. Which of the following is MOST likely to address the CISO's security and privacy concerns?

Options

Discussion

Adam A. Feb 13, 2026 6:42 am

B. Data minimization.

Luke Feb 10, 2026 12:00 pm

I’d say it's B. Minimizing the data collected is the main protection for both privacy and security concerns in this scenario.

Noah Feb 19, 2026 6:58 pm

Maybe C, since you need to label the data before you can focus on privacy risks. Not 100% sure.

Ravi U. Mar 2, 2026 1:35 am

Honestly, these questions always overcomplicate things. Minimization is what CISOs actually care about for privacy, not just labeling stuff. B.

Grace S. Feb 23, 2026 6:50 am

B , since minimizing the data set actually removes sensitive info that could leak out of the LLM later. Classification helps control it but doesn't prevent risky data from getting in. Seen similar wording on practice questions, and B fits best unless they're asking for just an inventory, which they're not. Open to other views but this is pretty clear to me.

Vikram Feb 26, 2026 1:18 pm

Feels like it's B. Only minimizing the data actually deals with privacy risks up front, not just labeling or discovering it.

CalmSec867 Feb 23, 2026 8:12 am

I get why B is tempting but C makes more sense if you want to actually address privacy up front. C.

Hannah Feb 15, 2026 9:48 am

Ryan D. Feb 28, 2026 10:10 pm

Its B, data minimization. That actually reduces the amount of sensitive data in training sets, directly cutting down privacy risk. C is a common distractor but just labeling doesn't fix exposure. Pretty sure B is what CISOs want here.

Karan G. Feb 27, 2026 6:57 am

C tbh, since classification has to come first when pulling from multiple sources. Can't minimize what you haven't labeled yet. Pretty sure that's how most orgs would approach security here, but open to other thoughts.

Be respectful. No spam.

Correct Answer:

Explanation

Data minimization is a core privacy and security principle that involves processing only the data that is absolutely necessary for a specific purpose. In the context of training a large language model (LLM), applying data minimization means proactively identifying and removing any sensitive, personal, or proprietary information from the training datasets before the model is trained. This directly addresses the CISO's concerns by fundamentally reducing the risk surface. By ensuring sensitive data is not included, the organization mitigates the possibility of the model memorizing and later exposing this information, thus preventing potential data breaches and ensuring compliance with privacy regulations.

Why Incorrect

A. Data augmentation: This technique is used to increase the volume of training data to improve model accuracy and generalization, not to address security or privacy risks.

C. Data classification: This is a foundational step to identify sensitive data, but it does not, by itself, mitigate the risk; it only categorizes it.

D. Data discovery: This process locates data across systems. Like classification, it is a preliminary step that identifies the problem but does not implement a solution.

References

1. National Institute of Standards and Technology (NIST). (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0). (NIST AI 100-1).

Page 29

Table 7

MAP.T10: In the section on documenting training data

this subcategory explicitly lists "adherence to data minimization principles" as a key element for managing AI risks. This directly supports using data minimization to handle training data concerns.

2. ISACA. (2023). Artificial Intelligence: An Audit and Assurance Framework.

Page 21

Section 3.2.1 Data Governance: The framework states

"Data used to train AI models should be relevant

accurate and appropriate for the intended purpose... It is important to ensure that the data used for training does not contain any sensitive or confidential information that could be inadvertently exposed by the AI model." This aligns with the principle of data minimization to remove unnecessary sensitive data.

3. European Union. (2016). General Data Protection Regulation (GDPR).

Article 5(1)(c): This article establishes "data minimisation" as a core principle of data protection

stating that personal data shall be "adequate

relevant and limited to what is necessary in relation to the purposes for which they are processed." This legal and privacy principle is the direct solution to the CISO's concerns when applied to AI training data.

Q: 3

An organization needs large data sets to perform application testing. Which of the following would BEST fulfill this need?

Options

Discussion

Maya H. Feb 23, 2026 9:33 pm

C . Open-source data repositories literally exist to provide large, ready-to-use datasets. D is more for creating variation or synthetic data, not meeting the base requirement for large sets. Seen similar logic referenced in a few practice questions.

Ben N. Feb 13, 2026 12:10 am

Ishaan O. Feb 23, 2026 8:23 am

Probably C, unless the question is about generating unique test data instead of sourcing existing sets?

Jordan H. Feb 26, 2026 6:56 am

Probably C for this one.

Mason Feb 22, 2026 12:29 pm

Nah, I think C makes more sense than D. Data augmentation (D) is useful if you already have a dataset and need to expand it, but for just getting large data sets fast, open-source repositories (C) are built for this. Pretty sure that's what the exam wants, but open to debate.

QuickMentor2595 Feb 14, 2026 6:48 pm

C/D? I was thinking D since data augmentation can create even more data from what you have, which helps with scale in testing. But not sure if that matches the 'best fulfill' angle since you're starting from an existing set. Maybe someone who worked with both methods can weigh in.

Alex B. Feb 18, 2026 6:25 am

Not B, C. Saw a similar question in an exam report, open-source repo fits best for large data.

Amelia Feb 23, 2026 10:24 pm

Pretty clear it's C here.

Ben S. Feb 13, 2026 8:09 am

Makes sense, I think C is the one here.

Ravi Mar 1, 2026 12:38 pm

C tbh, D looks tempting for expansion but the question just wants large datasets, not synthetic ones.

Be respectful. No spam.

Correct Answer:

Explanation

Open-source data repositories are centralized platforms (e.g., Kaggle, UCI Machine Learning Repository, Google Dataset Search) that host a wide variety of large, often cleaned and labeled, datasets. They are specifically designed to provide data for research, development, and testing of applications, particularly in the AI and machine learning domains. Using these repositories is the most direct, efficient, and common method for an organization to acquire the large-scale data needed for comprehensive application testing without the significant overhead of collecting and preparing the data from scratch.

Why Incorrect

A. AI model cards are documents that provide transparency about a model's performance, limitations, and ethical considerations, not a source of raw data.

B. Incorporating data from search content is impractical; it is often unstructured, may have copyright or privacy restrictions, and requires extensive effort to scrape, clean, and label.

D. AI data augmentation is a technique to artificially increase the size of an existing dataset. It cannot be used without an initial dataset to augment.

References

1. ISACA

Artificial Intelligence Audit and Assurance Framework

2023. In the "AI Data Life Cycle" section

the framework discusses "Data Sourcing and Acquisition

" emphasizing the need to obtain relevant and sufficient data for training and testing AI models. Open-source repositories are a primary means of fulfilling this requirement for large-scale data needs.

2. Ng

A. (2023). Machine Learning (CS229) Course Materials. Stanford University. Lecture notes and project guidelines frequently reference the use of public datasets from repositories like the UCI Machine Learning Repository and Kaggle as standard practice for obtaining data for model development and evaluation. (See

for example

project guidelines which list acceptable data sources).

3. Roh

Heo

& Whang

S. E. (2021). A survey on data collection for machine learning: a big data - AI integration perspective. IEEE Transactions on Knowledge and Data Engineering

33(4)

1328-1347. This paper discusses various data collection methods

highlighting public datasets as a crucial resource. Section 3.1

"Using Existing Datasets

" explicitly states

"The easiest way to collect data is to use publicly available datasets... Many websites share public datasets

such as Kaggle

the UCI ML Repository

and the KDD Cup." This confirms that using such repositories is a primary and efficient method. (DOI: https://doi.org/10.1109/TKDE.2019.2946162)

Q: 4

An organization concerned about the ethical and responsible use of a newly developed AI product should consider implementing:

Options

Discussion

Robin Feb 12, 2026 12:50 am

Option C, Saw similar wording on a practice set and it matched the exam answer key.

Aaron S. Feb 26, 2026 7:45 pm

Saw something like this in a mock test before and C was the expected answer there too. The accountability model covers governance and ethics, not just transparency. Pretty sure that's what they want in this context.

Grace W. Feb 23, 2026 1:45 pm

Yeah C is the pick for this, covers the full ethical governance angle.

Robin Feb 19, 2026 5:27 am

Option C here. Accountability model is what covers full governance and responsible use, not just transparency or documentation like A. I think that's what the question wants, but open if someone has a different angle.

Olivia C. Feb 25, 2026 5:24 pm

Remember seeing a nearly identical question in a practice bank, and C was the correct choice there too. Ethical and responsible use points right to an accountability model over the others.

Arjun Feb 11, 2026 4:53 pm

Pretty sure it's C. Saw something like this in an exam dump, and accountability models cover all the governance and oversight for ethical AI use. The others (like model cards) help with transparency but don't handle the full responsibility angle. If someone thinks differently, open to discussion.

ArjunU Feb 14, 2026 3:35 am

Probably C. An accountability model sets up clear roles and oversight, so you actually have a structure for ethical AI use. The other options help, but without defined accountability you can't enforce responsible practices. Pretty sure that's what exam writers want here.

SanjayD Feb 21, 2026 12:22 pm

A? Saw a similar question in an old exam report where model cards came up for responsible AI docs.

Vikram X. Mar 2, 2026 4:52 am

I don't think D fits here, even though 'security by design' sounds tempting. The question is really about overall governance and ethics, which is what C (accountability model) covers. Security alone doesn’t cover responsible use as broadly. Pretty sure C is the safest pick unless I’m missing something.

Logan P. Feb 27, 2026 7:50 pm

C - accountability model is what they look for in these ethics questions. Saw similar wording in recent real exam threads, and C matches best for broad responsible use (not just AI transparency). Pretty confident here but let me know if someone read it differently.

Be respectful. No spam.

Correct Answer:

Explanation

An accountability model establishes a clear governance structure, defining roles, responsibilities, and oversight mechanisms for AI systems. This framework is fundamental to ensuring that an AI product is used ethically and responsibly throughout its lifecycle. It addresses the organization's concerns by creating clear lines of authority for managing risks related to fairness, bias, transparency, and societal impact. This model provides the foundation upon which specific tools and practices, such as model cards and security protocols, are implemented and enforced.

Why Incorrect

A. Model cards are a tool for transparency, which is a component of a responsible AI strategy, but they do not constitute the entire governance framework needed for accountability.

B. Vendor monitoring is relevant only when using third-party AI systems and does not address the organization's internal responsibility for a product it has developed.

D. Security by design is a critical practice focused on protecting the AI system from threats, but it does not cover the full spectrum of ethical considerations like fairness and bias.

References

1. ISACA

"Artificial Intelligence: An Audit and Assurance Framework

" 2023. Page 14

under the "AI Governance Framework" section

states

"A governance framework establishes accountability

roles and responsibilities

and decision rights... It also provides a structure for oversight to ensure that AI systems are aligned with the organization’s ethical principles."

2. National Institute of Standards and Technology (NIST)

"AI Risk Management Framework (AI RMF 1.0)

" January 2023. Section 3.1

"The GOVERN Function

" emphasizes that this function is central to responsible AI. It states

"Governance processes should be in place to ensure accountability for AI risks and their management... This includes assigning roles and responsibilities for all stages of the AI lifecycle."

3. Mittelstadt

B. (2019). "Principles alone cannot guarantee ethical AI." Nature Machine Intelligence

1(11)

501-507. This academic paper argues that high-level ethical principles are insufficient without practical implementation through "mechanisms of accountability" and robust governance structures to translate principles into practice. (DOI: https://doi.org/10.1038/s42256-019-0114-4)

Q: 5

Which of the following key risk indicators (KRIs) is MOST relevant when evaluating the effectiveness of an organization’s AI risk management program?

Options

Discussion

Chris M. Feb 17, 2026 6:00 am

Option C. Saw a similar question in exam reports, and compliance percentage is usually what they're looking for as a real KRI.

Liam Feb 28, 2026 10:26 am

I saw a similar question on a practice set and went with B.

Ava C. Feb 16, 2026 10:03 am

C is the pick here. Measures like compliance rates are classic KRIs in ISACA guides for showing how well an AI risk management process is doing, not just how much AI is used. Pretty sure practice questions back this up, but let me know if you see differently.

Grace Z. Feb 22, 2026 1:10 am

B or C. If they're only looking at breadth of AI in critical systems, B stands out for risk exposure since more coverage usually means higher risk surface. But depends if they're judging exposure vs effectiveness-I think B fits better for coverage metrics honestly.

Chloe R. Feb 16, 2026 7:51 am

NoahU Feb 15, 2026 6:22 am

C , compliance % is the clearest measure of risk management effectiveness here.

Vikram Feb 22, 2026 12:09 am

C , compliance percentage ties right to how effective those controls and policies actually are. Not totally sure though.

Kevin Feb 26, 2026 7:44 pm

I don't think it's B, C is better. B just shows how much AI you have in key systems but doesn't say anything about risk management performance. C directly reflects whether controls and policies are actually being followed. Training requests (D) is a classic distractor for these. Agree?

Jack L. Feb 14, 2026 7:40 pm

Yeah, C makes the most sense to me. Compliance rates directly show if controls and policies for AI risk are being followed, unlike A or D which don't really track effectiveness. B is more about exposure than management. Pretty sure C is what exam wants here, but open to other takes if I missed something.

Ben Y. Feb 12, 2026 11:47 am

Is there a scenario where A would ever be more relevant as a KRI here? Just curious if exam reports mention that.

Be respectful. No spam.

Correct Answer:

Explanation

A Key Risk Indicator (KRI) for an AI risk management program should measure the program's effectiveness in governing AI initiatives and ensuring they adhere to established policies and controls. The "Percentage of AI projects in compliance" is the most direct measure of this effectiveness. It quantifies how well the organization's AI activities are following the prescribed risk management framework, including mandatory assessments, controls, and documentation. A high compliance rate indicates a successful and effective program, while a low rate serves as an early warning that the program is not being implemented properly, increasing overall AI-related risk.

Why Incorrect

A. Number of AI models deployed into production: This is a volume or activity metric. It indicates the scale of AI adoption and potential risk exposure but does not measure the effectiveness of the program managing that risk.

B. Percentage of critical business systems with AI components: This metric measures the organization's inherent risk or attack surface related to AI. It identifies where risk management is crucial but does not evaluate how well it is being performed.

D. Number of AI-related training requests submitted: This is an ambiguous indicator. It could signify a positive culture of risk awareness or, conversely, a lack of adequate foundational training, but it does not directly measure the program's control effectiveness.

References

1. NIST AI Risk Management Framework (AI RMF 1.0): The "Measure" function of the framework is dedicated to tracking risk management effectiveness. It states

"Measurement enables learning from experience and improves the design

development

deployment

and use of AI systems." A compliance metric directly aligns with this goal of evaluating and improving risk management practices. (Source: NIST AI 100-1

January 2023

Section 4.4

"Measure

" Page 21).

2. ISACA

"COBIT 2019 Framework: Governance and Management Objectives": While not AI-specific

COBIT provides the foundational principles for IT governance that ISACA applies to new domains. The management objective APO12

"Manage Risk

" includes example metrics like "Percent of enterprise risk and compliance assessments performed on time." The "Percentage of AI projects in compliance" is a direct application of this established principle to the AI domain

measuring adherence to the defined risk management process. (Source: COBIT 2019 Framework

APO12

Page 113).

3. Thelen

B. D.

& Mikalef

P. (2023). "Artificial Intelligence Governance: A Review and Synthesis of the Literature." Academic literature on AI governance emphasizes the need for "mechanisms for monitoring and enforcement" to ensure compliance with internal policies and external regulations. A KRI measuring the percentage of projects in compliance is a primary tool for such monitoring and enforcement

directly reflecting the governance program's effectiveness. (This is a representative academic concept; specific DOI would vary

but the principle is standard in AI governance literature).

Q: 6

When integrating AI for innovation, which of the following can BEST help an organization manage security risk?

Options

Discussion

QuietReviewer2186 Feb 14, 2026 8:14 pm

B , saw a similar question on a mock and they pushed for outside perspectives for risk. Might be off here.

Sara W. Feb 21, 2026 9:52 am

D is the better choice, seen this in practice exams too. Phased rollout lets you adjust controls as new risks pop up, instead of guessing everything up front. Official guide and sample scenarios cover this approach a lot. Pretty confident but open to other arguments.

Jamie A. Feb 15, 2026 7:24 am

Honestly, I'm not sure C really helps manage the security risk specifically, since compliance is more about meeting minimum standards. D (adopting a phased approach) lets you iterate and adapt controls as new AI risks emerge, so I think that's strongest here. A is tempting but doesn't give you practical steps for mitigation. Anyone see a case for B?

LeoT Feb 18, 2026 9:30 am

C is wrong, B. Getting third-party advice can really help spot blind spots or unseen risks, especially if you're new to AI integration. Sometimes fresh external eyes catch things internal teams miss. I'm pretty sure about B but curious if others disagree.

FriendlyAnalyst6103 Feb 17, 2026 6:56 am

D imo, phased approach actually lets you catch unknown risks as you scale up AI. B looks tempting but third-party advice isn't as hands-on for security control. Pretty sure D's right but willing to hear why someone might choose B.

Ajay C. Feb 25, 2026 3:10 pm

D for sure, phased rollout lets you find security gaps early before full deployment. Risk management is all about controlling the blast radius as you scale. The other options help, but nothing beats a controlled, step-by-step process for new AI stuff. Pretty confident on this but open if someone has a different take.

Kevin Mar 1, 2026 7:09 pm

I don’t think C or B are right here. Phased approach (D) is usually the better call for managing risk with new tech like AI, lets you spot issues before going big. Compliance (C) only covers legal/reg chores, not full risk. Anyone think otherwise?

Ravi Feb 22, 2026 7:54 pm

C or B. Compliance is always a big deal so C seems solid, but B makes sense for fresh perspectives too.

Morgan D. Feb 25, 2026 7:25 pm

Its C, not D. Compliance checks can uncover required controls you’d miss otherwise. D is a trap since it’s not always risk-driven.

QuietLearner508 Feb 21, 2026 6:33 am

C/D? I like D because rolling out AI step by step helps you test controls and adapt if you find new risks. C is about compliance but doesn't always cover new threats from AI. Pretty sure D edges it here for real-world risk management, but open to other thoughts.

Be respectful. No spam.

Correct Answer:

Explanation

Adopting a phased approach is the most effective strategy for managing the security risks associated with integrating a novel technology like AI. This method allows an organization to introduce AI capabilities incrementally, starting with pilots or limited-scope projects. Each phase serves as a controlled environment to identify, assess, and mitigate emergent security risks before they can impact the entire enterprise. This iterative process facilitates learning, allows for the refinement of security controls and governance policies, and ensures that the complexities and potential vulnerabilities of AI are understood and managed before scaling up. It is a foundational risk management practice for complex technology adoption.

Why Incorrect

A. Re-evaluating the risk appetite is a critical governance activity that sets tolerance levels but does not, by itself, constitute a management strategy for implementation risks.

B. Seeking third-party advice is a valuable, supportive measure for gaining expertise but is not the primary, overarching strategy for managing the integration process.

C. Evaluating compliance requirements is essential for establishing a baseline and avoiding legal penalties but often fails to address novel, technology-specific security risks not yet covered by regulations.

References

1. ISACA

COBIT® 2019 Implementation Guide

2018. Chapter 3

"The Implementation Lifecycle

" details a seven-phase

iterative approach. Phase 4

"Plan

" and Phase 5

"Design

" emphasize planning for incremental implementation. This phased methodology is a core principle for managing risk during the implementation of any significant IT change

including AI. The guide states

"The lifecycle should be iterative

meaning that the enterprise can cycle through the phases as needed." This directly supports a phased approach for managing complex integrations.

2. ISACA

"Auditing Artificial Intelligence

" White Paper

2021. Page 14 discusses the "AI Journey" and the importance of starting with pilot projects. It states

"The AI journey is a marathon

not a sprint... It is important to start small with a few pilot projects to learn and build momentum." This recommendation to "start small" is the essence of a phased approach to manage the risks and complexities of AI adoption.

3. Hiekkanen

et al. "This Time It’s Different? A Review of the AI Governance Literature." Proceedings of the 53rd Hawaii International Conference on System Sciences

2020. (https://doi.org/10.24251/HICSS.2020.638). The paper discusses AI governance frameworks

which often implicitly or explicitly recommend iterative and adaptive strategies for AI adoption. The concept of "sandboxing" and pilot programs is highlighted as a key mechanism for exploring AI's potential while containing risks

which is a form of a phased approach.

Q: 7

Which area of intellectual property law presents the GREATEST challenge in determining copyright protection for AI-generated content?

Options

Discussion

Vikram L. Feb 15, 2026 5:23 pm

Makes sense that B is the main issue here. Copyright law wants a human author, and figuring out who (if anyone) actually owns AI-generated stuff is still a big gray area. Licensing (D) matters too, but ownership needs to be solved first. Pretty sure that's what most study resources highlight, let me know if you see it differently.

Morgan A. Feb 27, 2026 6:16 am

I don’t think it’s D, ownership (B) is the bigger challenge since copyright law still wants a human author.

Anita H. Feb 10, 2026 11:55 pm

B is the right pick here.

Ishaan H. Feb 19, 2026 3:04 pm

B tbh

Quinn S. Feb 17, 2026 10:49 am

Pretty sure it's B. Copyright law still needs a human author, so ownership is the biggest issue with AI-generated content.

Layla I. Mar 2, 2026 11:35 pm

B tbh, saw a similar question on a practice set. The real problem is figuring out who owns the work when AI generates it, since copyright law expects a human author. Not 100% but that's what most guides highlight.

Noah H. Feb 28, 2026 10:49 am

I get why some might go for D, but it's B here. The big hurdle is figuring out who the actual owner is when AI creates something, since copyright needs a human author. Pretty sure that's what exam guides say too, but open to other opinions if I've missed something.

Avery S. Feb 22, 2026 10:00 pm

I don’t think it’s B. D, since setting up licensing frameworks seems like the main challenge for AI content copyright to me.

Nora U. Feb 22, 2026 6:21 pm

I don’t think D is right, B makes more sense since the big issue is about who owns what AI creates.

Reese X. Feb 15, 2026 7:32 pm

A is wrong, B. Biggest headache is about who actually owns the AI-generated content, since copyright usually needs a human author. The other options come after you figure that out. Open to other takes but that's how I've seen it.

Be respectful. No spam.

Correct Answer:

Explanation

The greatest challenge in applying copyright law to AI-generated content is determining rightful ownership. Traditional copyright frameworks, such as the U.S. Copyright Act, are predicated on the principle of "human authorship." Because an AI is not a legal person, it cannot be considered an "author" in the legal sense. This creates a fundamental conflict: if there is no human author, it is unclear who, if anyone, owns the copyright. The debate involves whether ownership should fall to the user providing the prompt, the AI developer, the owner of the computing resources, or if the work should enter the public domain. This foundational issue of authorship and ownership must be resolved before other issues, like licensing, can be effectively addressed.

Why Incorrect

A. Enforcing trademark rights is concerned with the branding of the AI system itself (e.g., its name or logo), not the copyright of the content it generates.

C. Protecting trade secrets applies to the AI's underlying algorithms, models, and training data, which are distinct from the copyright status of the AI's output.

D. Establishing licensing frameworks is a secondary issue that depends entirely on first resolving the primary challenge of who holds the ownership rights to be licensed.

References

1. U.S. Copyright Office. (2023). Copyright Registration Guidance: Works Containing Material Generated by Artificial Intelligence. Federal Register

88(51)

16190-16194.

Page 16192

Section III.A: The guidance states

"the Office will not register works produced by a machine or mere mechanical process that operates randomly or automatically without any creative input or intervention from a human author." This directly highlights that the lack of human authorship is the central barrier to establishing copyright

and thus ownership.

2. World Intellectual Property Organization (WIPO). (2020

May). WIPO Conversation on Intellectual Property (IP) and Artificial Intelligence (AI): Revised Issues Paper on Intellectual Property Policy. WIPO/IP/AI/2/GE/20.

Page 11

Issue 11: Authorship and Ownership: The paper explicitly poses the core question: "Should copyright be attributed to original literary and artistic works that are autonomously generated by AI? If so

who should be considered the author or owner of the copyright...?" This frames the ownership question as the primary policy challenge for international IP bodies.

3. Stanford University Human-Centered AI (HAI). (2023

September 12). Generative AI and the Future of Work.

In the section on "Intellectual Property

" the report discusses the legal ambiguity surrounding AI-generated works

stating

"Current U.S. copyright law protects only works with human authors

leaving the ownership of purely AI-generated content in a gray area." This reinforces that ownership is the central unresolved issue.

Q: 8

When documenting information about machine learning (ML) models, which of the following artifacts BEST helps enhance stakeholder trust?

Options

Discussion

Taylor C. Feb 18, 2026 9:37 am

C . Model cards are designed for transparency and cover intended use, risks, and performance in a way non-technical folks can digest. B is great for internal controls but doesn't address broad trust. Pretty sure C is what they want, but open to counterpoints.

Ava O. Mar 1, 2026 2:31 am

C or B? Had something like this in a mock and C was correct because model cards explain limitations and intent in plain language, not just technical details. That helps everyone understand what the model does. Pretty sure it's C here, anyone disagree?

Robin R. Feb 16, 2026 5:32 pm

Why is it always "model card" for these trust questions? I've seen similar on other practice sets, and C is the only option that actually targets both technical and non-technical stakeholders, not just internal devs.

Meera O. Mar 2, 2026 1:36 pm

Maybe B since I had something like this in a mock and data quality controls were highlighted. They help ensure input data is reliable which should boost trust, right? Not 100% on this one.

Kevin Y. Feb 13, 2026 1:43 am

Option C Model cards are specifically meant for sharing model details with a wide range of stakeholders. Hyperparameters and data controls matter but don't give a full, understandable picture. Not 100% if everyone uses model cards in production but that's the intent. Disagree?

Ethan H. Feb 13, 2026 9:48 am

B tbh, since data quality controls are often highlighted in official guides as key for stakeholder confidence on the exam.

Ishaan Feb 20, 2026 7:44 am

I don’t think it’s B. C provides a structured summary for everyone, not just technical teams, so stakeholders actually understand the model. B is important but doesn’t show transparency the same way. Agree?

AaronM Feb 15, 2026 2:38 pm

C is the way to go here. Model cards give a clear overview to all stakeholders, not just technical folks, so they're best for building trust. B is helpful but not as broad. Pretty confident, but let me know if you see it differently.

Nathan Feb 12, 2026 6:43 am

Ivy C. Feb 11, 2026 11:16 pm

Be respectful. No spam.

Correct Answer:

Explanation

A model card is a standardized documentation artifact designed to increase transparency and accountability for machine learning models. It provides a structured summary of a model's intended uses, performance metrics (often disaggregated across different groups), limitations, ethical considerations, and the data used for training and evaluation. By presenting this crucial information in a concise and accessible format, model cards enable various stakeholders—including developers, policymakers, and end-users—to understand the model's capabilities and risks. This transparency is a cornerstone for building trust in AI systems, as it demonstrates due diligence and provides a basis for informed decision-making.

Why Incorrect

A. Hyperparameters: These are low-level technical settings for the training algorithm. They are not meaningful to most stakeholders and do not describe the model's real-world performance or impact.

B. Data quality controls: While essential for building a reliable model, these are processes and metrics related to the input data, not a comprehensive summary document about the finished model itself.

D. Model prototyping: This is an early, experimental phase in the model development lifecycle. A prototype is not a formal documentation artifact for a deployed model and lacks the rigorous evaluation needed for trust.

References

1. ISACA

Artificial Intelligence Security and Management (AAISM) Study Guide

1st Edition

2024. Chapter 3

"AI Model Development and Training

" emphasizes the need for comprehensive documentation to ensure transparency and accountability. It identifies model cards as a key tool for documenting model details

performance

and limitations to communicate effectively with stakeholders.

2. Mitchell

Zaldivar

et al. (2019). Model Cards for Model Reporting. Proceedings of the Conference on Fairness

Accountability

and Transparency

pp. 220-229. This foundational academic paper introduces model cards as a framework to "encourage transparent model reporting" and provide stakeholders with essential information to "better understand the models." (DOI: https://doi.org/10.1145/3287560.3287596)

3. Stanford University

Center for Research on Foundation Models (CRFM). (2023). Transparency Section. The courseware and publications from Stanford's AI programs

such as those from the CRFM

consistently highlight the role of artifacts like model cards in achieving AI transparency and building trust. They are presented as a best practice for responsible AI development and deployment.

Q: 9

An attacker crafts inputs to a large language model (LLM) to exploit output integrity controls. Which of the following types of attacks is this an example of?

Options

Discussion

Amelia G. Mar 1, 2026 5:18 pm

Option A. Had something like this in a mock, fits prompt injection best here.

EthanC Feb 22, 2026 2:49 pm

C/D? I keep seeing similar questions on practice exams, but the official guide really highlights prompt injection for LLM attacks targeting output controls. Anyone else leaning A after going through the latest sample tests?

Drew M. Feb 13, 2026 2:18 am

Nah, I don’t think it’s D here. A is the better fit since prompt injection is all about crafting inputs that mess with how the LLM processes output, targeting the model’s interpretation itself. D (evasion) usually means avoiding detection or filtering, not directly manipulating output logic. B (jailbreaking) is tempting but is more about bypassing full system restrictions. Pretty sure ISACA wants A for this scenario. Agree?

Olivia I. Feb 24, 2026 12:56 am

B or D here, since jailbreaking is often about bypassing controls too. A feels more direct but the wording threw me off.

Nora Z. Feb 21, 2026 11:01 pm

A or B? Crafting inputs to mess with output integrity is really prompt injection (A), but if those crafted prompts are used to push the model past checks, some call that jailbreaking (B). The key is whether the question wants the attack method or intent-here it's more about manipulating via the prompt, so A fits best. Still, ISACA sometimes blurs these lines in their wording. Anyone see a question where B was preferred in this context?

Arjun Y. Mar 2, 2026 11:35 pm

My pick: it's A, since official study materials and practice tests always point to prompt injection for LLM input manipulation scenarios. B sometimes comes up but only when the attack is about totally bypassing restrictions, not just changing outputs. Anyone checked the official guide chapter on LLM attacks?

Mason K. Feb 15, 2026 10:30 pm

A tbh, since prompt injection is about feeding crafted prompts to mess with what the LLM outputs. Jailbreaking (B) usually means bypassing all kinds of restrictions, not just output integrity controls. Saw similar logic used in practice sets.

Piya S. Feb 21, 2026 10:29 am

A Had similar phrasing in official practice tests and the ISACA study guide. This one's straight prompt injection, not evasion.

Zoe Z. Feb 12, 2026 9:45 am

Its D since evasion is about getting past security controls-seems like that's what they're doing by exploiting output controls. Pretty sure that's the angle here, but could be missing something.

Casey F. Feb 22, 2026 10:44 am

Be respectful. No spam.

Correct Answer:

Explanation

The scenario describes an attacker crafting specific inputs to bypass an LLM's built-in restrictions and manipulate its output. This technique is known as prompt injection. The attacker injects malicious instructions within the prompt, causing the model to ignore its original system-level instructions and follow the attacker's commands instead. This directly exploits the model's interpretation of input to compromise its output integrity, making it the most accurate description of the attack.

Why Incorrect

B. Jailbreaking is a specific goal or outcome of a prompt injection attack, aimed at bypassing safety and ethical filters, rather than the attack technique itself.

C. Remote code execution involves executing arbitrary code on the server, a more severe and distinct attack that is not inherently part of manipulating LLM text output.

D. Evasion is an adversarial attack that typically causes a model (e.g., a classifier) to make an incorrect prediction, which is different from overriding an LLM's core instructions.

References

1. OWASP Foundation. (2023). OWASP Top 10 for Large Language Model Applications. In the "LLM01: Prompt Injection" section

the vulnerability is defined as: "Prompt injection vulnerabilities allow a malicious user to manipulate the output of a Large Language Model (LLM) through crafted inputs... This can lead to data exfiltration

unauthorized access

or other security breaches."

2. National Institute of Standards and Technology (NIST). (2023). Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations (NIST.AI.100-2 E2023). Section 3.2.1

"Data/Input Poisoning

" describes how attackers can manipulate inputs. Prompt injection is cited as a prime example for LLMs where "an attacker can carefully craft a prompt to an LLM to have it ignore previous instructions."

3. Greshake

Abdelnabi

Mishra

Endres

Holz

& Fritz

M. (2023). Not what you've signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection. arXiv preprint arXiv:2302.12173. Section 2

"Background

" defines prompt injection as an attack where an "adversary controls a part of a prompt... to manipulate the LLM's behavior." (https://doi.org/10.48550/arXiv.2302.12173)

Q: 10

Which of the following is MOST important to consider when validating a third-party AI tool?

Options

Discussion

Adam Q. Feb 23, 2026 3:14 am

Gotta go with B here. The ability to audit the vendor is crucial for real validation, not just relying on their word or compliance docs. Pretty sure that's what ISACA is looking for.

Ethan M. Feb 19, 2026 10:56 pm

B tbh

Aaron Feb 26, 2026 4:02 pm

B . Had something like this in a mock exam and right to audit was flagged as most critical for third-party AI tools. It's all about being able to independently verify how the AI operates and handles your data, not just relying on what the vendor claims. C sounds good but isn't enough for full validation. Others agree?

Mia F. Feb 17, 2026 2:33 am

Official study guides always push for audit rights (B) when you're dealing with third-party tools. Practice questions I've seen echo this too.

Alex Feb 12, 2026 3:26 pm

I get why some argue C but it's gotta be B for long-term control.

Quinn Q. Feb 21, 2026 3:34 am

I don’t think it’s C. B is stronger since relying just on certifications can be a trap, but audit rights actually let you dig in. Saw similar focus in practice sets.

Arjun Q. Mar 1, 2026 6:15 am

Had something like this in a mock and B was the right call. Audit rights let you actually verify controls and compliance, not just rely on vendor promises or shiny certs. Pretty sure that's what they're testing for here, but open to other views.

Emma H. Feb 28, 2026 9:19 am

C vs B, I feel like industry certs (C) carry a lot of weight too but maybe that's the trap here.

Leo Feb 16, 2026 6:14 am

Its B since right to audit means you can actually check what the third-party tool does, not just trust their paperwork. C is tempting but industry certs are surface level. I think audit rights is what most exam prep points to, agree?

ChloeT Feb 22, 2026 1:13 am

Official practice tests and guides both highlight right to audit (B) as a must for validating third-party AI tools.

Be respectful. No spam.

Correct Answer:

Explanation

The right to audit is the most critical consideration because it provides the organization with the contractual authority to independently verify and validate the third-party AI tool's performance, security controls, data handling processes, and compliance with legal and ethical standards. Given the often opaque nature of AI models, this right is a fundamental governance mechanism for ongoing assurance. It allows the organization to move beyond relying solely on vendor attestations and certifications, enabling direct assessment against specific internal requirements and risk tolerances, which is the core of validation.

Why Incorrect

A. Terms and conditions: While essential, this is a broad legal document. The right to audit is a specific, crucial clause within the terms and conditions that directly enables validation.

C. Industry analysis and certifications: These are valuable for initial due diligence but are often generic, point-in-time assessments that may not cover the organization's specific use case or risk profile.

D. Roundtable testing: This is a specific, often informal, testing technique. It is only one small component of a comprehensive validation strategy, not the most important overarching consideration.

References

1. ISACA

Auditing Artificial Intelligence

2021. Chapter 5

"Auditing AI Governance and Risk Management

" emphasizes the importance of managing third-party AI risks. It states that contracts with AI service providers should include "clauses for independent security assessments and the right to audit to ensure that the organization’s data are adequately protected and that the AI solution is performing as expected." (Page 63).

2. ISACA

Artificial Intelligence: An Audit/Assurance Framework

2023. In the "GOVERN" function

section 3.4

"Third-Party Management

" discusses the need to "Establish and monitor third-party relationships to ensure that AI-related risks are managed." The right to audit is a primary mechanism for such monitoring and for gaining assurance over the third party's controls and processes.

3. NIST

AI Risk Management Framework (AI RMF 1.0)

January 2023. The GOVERN function (Section 4.1

GOVERN 3) discusses policies and procedures for third-party AI systems. It highlights the need for organizations to have mechanisms to understand and manage risks from externally sourced AI

for which audit and assessment rights are a prerequisite for effective implementation. (Page 21).

Question 1 of 20 · Page 1 / 2

Premium Access Includes

✓ Quiz Simulator
✓ Exam Mode
✓ Progress Tracking
✓ Question Saving
✓ Flash Cards
✓ Drag & Drops
✓ 3 Months Access
✓ PDF Downloads

Get Premium Access

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE