ISACA Certified AI Security Manager — Question 31

Which of the following is the BEST approach for minimizing risk when integrating acceptable use policies for AI foundation models into business operations?

Answer options

• A. Rely on the developer's enforcement mechanisms.
• B. Implement responsible development training and awareness.
• C. Establish AI model life cycle policy and procedures.
• D. Limit model usage to predefined scenarios specified by the developer.

Correct answer: C

Explanation

The correct answer, C, emphasizes the importance of establishing a comprehensive framework for managing the AI model throughout its life cycle, which is crucial for minimizing risks. Options A and D rely too heavily on the developer's controls, which may not fully address business-specific risks. Option B is beneficial but does not provide the structured approach necessary for managing AI model risks effectively.