A digital bank utilizes an AI system to generate credit scores. Which of the following would BEST mitigate the risk of sudden and unexplained changes in a borrower's credit score?
AUsing only data from the last six months to one year to avoid outdated information affecting the credit score
BEnsuring the system is periodically reviewed and calibrated by human experts to maintain stability in predictions
CObtaining and validating the credit scores from third-party agencies to cross-check AI-generated results
DAllowing the AI to operate fully autonomously to prevent processing delays
Which of the following is MOST important for an IS auditor to review during an AI system audit in order to determine compliance with intellectual property and data rights?
AData performance metrics
BUse of open-source intellectual property
CModel runtime efficiency logs
DData usage agreements
Which of the following is the PRIMARY objective of AI governance?
AImplementing compliance and ethics controls for AI initiatives
BPromoting a positive return on investment (ROI) from AI projects
CDefining clear roles and responsibilities for AI development, use, and oversight
DEnsuring controls over AI are designed well and operate effectively
A healthcare organization uses patient data to train an AI model for early disease detection. Which of the following practices provides the BEST assurance that personal data is secure and its integrity is maintained?
AImplementing strict data access controls and conducting security tests
BEncrypting stored data to reduce exposure and log access
CUpdating the AI model with new data and tracking changes
DAnonymizing patient data and performing regular quality checks
An organization deploys an AI recruitment platform to screen job applicants. The IS auditor identifies that the platform’s decisions may be influenced by model bias. Which of the following risk mitigation strategies is BEST for the auditor to recommend?
AImplement a process to periodically test the AI system for biases and adjust parameters as needed.
BSuspend the use of the AI system until the training data can be verified for fairness and compliance.
CRequire manual reviews of all AI-generated recruitment decisions before hiring is finalized.
DRetrain the AI model using an external data set certified for inclusivity and fairness.
Question 6
AI Governance and Risk
0
Question 7
AI Governance and Risk
Question 8
AI Operations
Question 9
AI Governance and Risk
Question 10
AI Governance and Risk
Question 11
AI Governance and Risk
Question 12
AI Governance and Risk
Question 13
AI Governance and Risk
Question 14
AI Governance and Risk
Question 15
AI Governance and Risk
Question 16
AI Governance and Risk
Question 17
AI Auditing Tools and Techniques
Question 18
AI Auditing Tools and Techniques
Question 19
AI Auditing Tools and Techniques
Question 20
AI Governance and Risk
Question 21
AI Governance and Risk
Question 22
AI Governance and Risk
Question 23
AI Operations
Question 24
AI Operations
Question 25
AI Operations
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ad
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Which of the following is MOST important to consider when deciding whether to implement an AI solution?
AThe space required for AI hardware
BThe cost of AI implementation
CThe speed of AI implementation
DThe ethical implications of AI
Which of the following is the PRIMARY purpose of an AI acceptable use policy?
AEstablishing guidance on the ethical use of AI
BExplaining the distinction between different types of AI
COutlining AI usage monitoring procedures
DEducating employees on where to find and how to use AI tools
Which of the following key performance indicators (KPIs) are MOST important when evaluating whether an AI model meets business objectives?
ACost of resources required for AI model training
BAI model accuracy in predicting actual outcomes
CFrequency of AI model retraining
DNumber of users interacting with the AI model
The BEST way to prevent sensitive information disclosure by large language model (LLM) chatbots is through:
Amanual monitoring.
Bdata sanitization.
Cdata masking.
Daccess controls.
An organization is using information gathered from customer accounts to train its AI chatbot. Which of the following is the GREATEST risk associated with this practice?
ATransparency
BAI model hallucinations
CAI bias
DDisclosure of personal information
An IS auditor is evaluating an organization’s incident management program to ensure it is sufficiently prepared to manage AI-related incidents. Which of the following is MOST important for the auditor to validate?
AThe program includes processes to respond to AI model drift and data integrity attacks.
BThe program prioritizes incidents based on alignment with industry leading practices.
CThe program uses past AI-related incidents and resolutions to categorize current incidents.
DThe program mandates retraining AI systems after incidents are investigated.
Which of the following is MOST important for an IS auditor to consider when identifying AI risk in a know your customer (KYC) application within a banking organization?
ABusiness disruption and financial impact
BIntellectual property leakage and invalidation
CBenchmarking against peer organizations
DIncident response plan
From a data appropriateness and bias perspective, which of the following should be of GREATEST concern when reviewing an AI model used in a credit scoring system?
AThe model incorporates the applicant’s loan history to assess spending habits.
BThe model considers the applicant’s income level as a key factor in the credit decision.
CThe model uses postal codes as a primary factor in determining creditworthiness.
DThe model utilizes historical credit data to predict future credit behavior.
Which of the following controls MOST effectively helps to ensure an AI model is resilient against external threats?
AMonitoring of AI access logs
BAI model configuration testing
CAI data set anonymization
DMonitoring of AI model developers
An organization is adopting AI for its procurement and inventory teams, raising concern from stakeholders that they will lose their jobs due to AI. Which of the following is the BEST way for the IS auditor to assess whether the potential negative impacts were minimized?
AReview human-centered design practices to determine how they were considered.
BReview how the project management team collected feedback in engagement activities.
CReview the current state assessment of how AI may impact the organization.
DReview the AI roadmap for short-term and long-term milestones.
Which of the following will provide the BEST evidence to support the alignment of an AI model with an organization’s business objectives?
AAI change management requests
BAI model vulnerability assessment
CAI acceptable use policy
DAI model inventory
A car manufacturer uses an AI model to predict maintenance needs for its vehicles. Which of the following techniques can an IS auditor apply to MOST effectively verify the AI model's decisions to stakeholders?
AUsing local interpretable model-agnostic explanation (LIME) to analyze how specific features contribute to predictions
BUsing neural network visualization to show how the AI model processes data through its layers
CUsing K-means algorithms to group vehicles based on mileage or engine temperature for maintenance patterns
DUtilizing support vector machines (SVM) to classify vehicles based on maintenance urgency
An organization uses an AI-powered tool to detect and respond to cybersecurity threats in real time. An IS auditor finds that the tool produces excessive false positives, increasing the workload of the security team. Which of the following techniques should the auditor recommend to BEST evaluate the tool’s effectiveness in managing this issue?
AConduct penetration testing to assess the system’s ability to detect genuine threats.
BDeploy a machine learning (ML) validation tool to increase the model’s accuracy and performance.
CImplement a benchmarking tool to compare the system’s alerting capability with industry standards.
DUse a log analysis tool to examine the types and frequency of alerts generated.
The GREATEST benefit of using AI auditing techniques over traditional methods is that AI auditing techniques can:
Aeliminate the need for human intervention.
Bsignificantly reduce data bias.
Censure full compliance with regulations.
Didentify complex data patterns.
A retail organization uses an AI model to analyze customers’ purchase history in order to offer personalized discounts. Which of the following practices represents the MOST ethical use of customer data?
ARetaining and analyzing all available customer data to ensure unbiased recommendations
BProviding the public with access to review and audit the data set of collected customer information
CSharing customer purchase data with third-party vendors to improve advertising and communication
DUtilizing customer purchase data only after obtaining explicit consent and allowing customers to opt out
An organization shares an AI model with external partners. One partner reports that sensitive data has been inadvertently exposed through the model's outputs. Which of the following is the IS auditor's BEST recommendation?
ARetrain the model immediately and implement privacy-preserving techniques.
BDisable the shared model and notify partners of the potential breach.
CLimit the model's outputs to anonymized results while investigating further.
DAudit the data pipelines of all partners to identify the source of the leak.
In order to ensure effective alignment with organizational priorities, which of the following is MOST important for an IS auditor to address when developing an audit plan for an AI-based tool?
ACost-benefit strategy for AI adoption
BAI users’ understanding of ethical standards
CThe AI tool’s security alignment with governance policies
DManagement practices for AI oversight
Which of the following is the MOST important task when gathering data during the AI system development process?
AIsolating the system
BStratifying the data
CTraining the system
DCleaning the data
The PRIMARY objective of machine learning (ML) in data processing is to:
Aanalyze data sets to identify visual patterns and trends.
Benhance the explainability of AI model outputs.
Cdraw statistical inferences for creating artificial human intelligence.
Dperform actions that would typically require human intelligence.
A retail organization uses an AI model to forecast inventory based on customer purchasing trends and updates the model quarterly. The model recently failed to recognize a surge in demand during a popular shopping season. Which of the following issues does this situation BEST demonstrate?
AData drift impacting system forecasting
BOverfitting issues due to a small training data set
CLack of outlier checks in data affecting forecast accuracy
DLimited data set diversity impacting model training
