ISACA Certified Artificial Intelligence Auditor (CAIA) — Question 53

An IS auditor is evaluating an organization’s incident management program to ensure it is sufficiently prepared to manage AI-related incidents. Which of the following is MOST important for the auditor to validate?

Answer options

• A. The program includes processes to respond to AI model drift and data integrity attacks.
• B. The program prioritizes incidents based on alignment with industry leading practices.
• C. The program uses past AI-related incidents and resolutions to categorize current incidents.
• D. The program mandates retraining AI systems after incidents are investigated.

Correct answer: A

Explanation

The correct answer is A because it is crucial for the program to have specific processes to address unique challenges posed by AI, such as model drift and data integrity issues. Options B, C, and D are important as well, but they do not address the immediate and specific AI-related risks that need tailored responses.