IAPP Artificial Intelligence Governance Professional (AIGP) — Question 140

Which of the following compliance related controls within an organization is most easily adapted to identify AI risks?

Answer options

• A. Privacy training.
• B. Penetration testing.
• C. Transfer risk assessments.
• D. Privacy impact assessments.

Correct answer: D

Explanation

Privacy impact assessments are specifically designed to evaluate the implications of privacy on projects, making them highly adaptable for identifying AI risks. In contrast, privacy training focuses on employee awareness, penetration testing targets security vulnerabilities, and transfer risk assessments deal with the risks associated with outsourcing, none of which directly address AI-related concerns.