AAISM Exam Dumps - Isaca AI-Centric Security Management Questions and Answers

According to AAISM risk management guidance, the greatest risk in AI applications handling personal communication data is inadequate parameter controls, which may allow unintended access, manipulation, or leakage of sensitive information. Plug-ins that interact with emails must enforce strict parameter validation and security restrictions to prevent unauthorized or manipulated inputs. While vulnerability scanning, format incompatibility, and API rate limiting are valid concerns, they are secondary. The primary risk is a lack of strong parameter controls that could expose sensitive content.

AAISM guidance highlights data minimization as a critical practice for addressing both security and privacy concerns. By ensuring that only the minimum necessary data is collected and retained, the organization reduces the risk of sensitive information being exposed or misused during training. Data augmentation expands data but does not mitigate privacy risk. Classification organizes data but does not limit exposure. Data discovery helps locate sources but does not directly reduce risks. The control that directly aligns with privacy-by-design principles is data minimization.

AAISM identifies fairness constraints as a direct mechanism to mitigate and control model bias by embedding fairness requirements into optimization objectives during training.

Data augmentation (B) helps but is not a primary anti-bias control. Adversarial training (C) focuses on robustness, not fairness. Minimization (A) reduces data, often making bias worse.

AAISM states that the most effective short-term mitigation for unintentional data leakage into public AI tools is targeted, role-based AI security awareness, focused on:

• what data cannot be entered

• consequences of leakage

• real-world scenarios employees face

An acceptable-use policy (C) is necessary but insufficient alone. Blocking LLMs (D) may reduce access but does not change user behavior and may cause shadow AI usage. Generic phishing training (B) does not address AI misuse risks.

AAISM prescribes Preparation as the foundational phase of AI incident response. The first priority is to form and empower a cross-functional incident response (IR) team with AI/ML expertise (security, data science, product, legal/compliance). Only once the accountable team exists can you define playbooks, communications, containment/eradication steps, recovery processes, and escalation paths. Without a designated team, procedures and channels lack ownership and effectiveness.

According to AAISM governance principles, when AI functionality is added to existing services, the first consideration is contractual and service-level accountability. If AI outputs cannot be predefined, the existing service agreements may no longer reflect performance responsibilities or liability. Revising or updating the agreement ensures governance alignment, accountability, and risk management for AI-driven behavior. Phased approaches and performance explanations are valuable but occur later in project management. Developer accountability for customer inquiries is not a primary governance step. The most immediate consideration is revising service agreements when AI introduces new uncertainties.

AAISM emphasizes supplier assurance through contractual obligations as the foundational control for AI supply chain risk. Contracts should require verifiable evidence of secure development practices (e.g., secure SDLC, model and data provenance documentation, SBOM/MBOM where applicable, vulnerability disclosure, patch SLAs, audit rights, incident notification, and regulatory compliance assertions). This creates enforceable, continuous assurance beyond point-in-time tests.

• A is necessary but reactive and limited to your environment.

• B addresses performance, not supply chain security.

• D is a good isolation/validation practice but does not create vendor accountability across the lifecycle.

AAISM stresses that AI systems and their supporting infrastructure must be explicitly included in disaster recovery and continuity planning, since disruptions to models, feature stores, or pipelines can halt critical business functions.

Explainability (A) and retraining (B) are operational improvements, not continuity mechanisms. Multi-zone redundancy (D) improves availability but does not represent complete BCP integration.

AAISM explains that model cards provide structured documentation about AI models, including:

• intended use cases

• training data characteristics

• ethical considerations

• known limitations

• risk factors

• performance benchmarks

They are not visualization tools (A), do not create synthetic data (C), and do not tune models (D).

AAISM materials emphasize that the most effective preventive safeguard is to ensure input sanitization. Preventive controls stop malicious or malformed inputs from reaching the model in the first place, thereby reducing the likelihood of prompt injection, evasion, or poisoning at inference time. Model output monitoring is a detective control, not preventive. Penetration testing is an assessment technique rather than a safeguard. Differential privacy protects data privacy but does not prevent adversarial input manipulation. Therefore, the most important preventive safeguard in a new AI product is robust input sanitization.