Question 11
Domain 1 — AI Governance and Risk Management
An organization shares an AI model with external partners. One partner reports that sensitive data has been inadvertently exposed through the model's outputs. Which of the following is the IS auditor's BEST recommendation?
Correct answer: A
Explanation
When a model exposes sensitive data in its outputs, the priority is to remove the leakage at the source by retraining the model and adding privacy-preserving controls. This aligns with the duty to protect confidentiality and reduce the risk of unintended disclosure, especially when the model is shared with external partners.
Why each option is right or wrong
A. Retrain the model immediately and implement privacy-preserving techniques.
Under ISO/IEC 27001:2022 Annex A controls 8.12 (data leakage prevention) and 8.11 (data masking), the organization must prevent unauthorized disclosure of sensitive information once a leakage path is identified. Because the exposure is occurring in the model's outputs to an external partner, the defect is at the source, and the most effective corrective action is to retrain the model and add privacy-preserving measures such as differential privacy or output filtering, rather than relying on downstream containment alone.
B. Disable the shared model and notify partners of the potential breach.
C. Limit the model's outputs to anonymized results while investigating further.
D. Audit the data pipelines of all partners to identify the source of the leak.