Question 7 - CompTIA SecAI+ CY0-001 Exam Questions [April 2026 Update]

Q: 7

Establishing a robust institutional foundation is essential before deploying high-risk AI applications in a cloud-based MLOps pipeline. The Chief Information Security Oeicer (CISO) wants to align the organization's culture and processes with the Govern function of the NIST AI RMF to ensure long-term accountability and transparency. Which of the following activities are considered core components of the Govern function within the NIST AI RMF? (Choose TWO).

Options

Correct Answer:

T, R, U, E

Explanation

The answer choices A and D are correct. According to the NIST AI Risk Management Framework (AI RMF), the GOVERN function establishes and maintains the organizational infrastructure needed for AI risk management. This includes:

- Option A (Allocating resources and personnel) is correct because the GOVERN function explicitly requires organizations to establish the necessary resources, including human capital and infrastructure, to support AI risk management activities throughout the AI lifecycle.

- Option D (Developing organizational culture) is correct because the GOVERN function emphasizes creating a culture of risk management that promotes responsible AI development and deployment, ensuring accountability and transparency across the organization.

Why Incorrect

- Option B (Implementing technical controls for Model Inversion attacks) is incorrect because this is a technical mitigation activity that falls under the MAP or MANAGE functions, not GOVERN. GOVERN focuses on organizational structures and policies rather than specific technical controls.

- Option C (Documenting training dataset characteristics) is incorrect because this is a technical documentation activity related to the MAP function, which deals with understanding and documenting AI system characteristics. GOVERN is concerned with organizational-level policies and structures.

References

1. NIST AI 100-1, "Artificial Intelligence Risk Management Framework (AI RMF 1.0)," National Institute of Standards and Technology, January 2023, Section 3.1 GOVERN Function, pp. 18-21. Available at: https://doi.org/10.6028/NIST.AI.100-1

2. NIST Special Publication 1270, "Towards a Standard for Identifying and Managing Bias in Artificial Intelligence," March 2022, Section 4.1 on Organizational Governance, pp. 23-25. Available at: https://doi.org/10.6028/NIST.SP.1270

3. ISO/IEC 23053:2022, "Framework for Artificial Intelligence (AI) Systems Using Machine Learning (ML)," Section 7.2 on Governance Requirements, pp. 15-17.

4. IEEE Standard 7000-2021, "IEEE Standard Model Process for Addressing Ethical Concerns during System Design," Section 5.2 on Organizational Readiness, pp. 28-30.

5. Barocas, S., Hardt, M., & Narayanan, A. (2019). "Fairness and Machine Learning: Limitations and Opportunities," Chapter 7 on Institutional Frameworks, pp. 145-148. Available at: https://fairmlbook.org/

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE