Exam AAIA Topic 1 Question 190 Discussion

Actual exam question for ISACA's AAIA exam
Question #: 190
Topic #: 1
An organization uses an AI-powered tool to detect and respond to cybersecurity threats in real time. An IS auditor finds that the tool produces excessive false positives, increasing the workload of the security team.
Which of the following techniques should the auditor recommend to BEST evaluate the tool's effectiveness in managing this issue?

Suggested Answer: D Vote an answer

The AAIA™ Study Guide recommends using validation tools to fine-tune and evaluate ML models, particularly when high false positives undermine operational efficiency. ML validation can identify threshold adjustments, retraining needs, or feature misweighting contributing to excessive alerting.
"Model validation enables organizations to quantify performance, reduce false alarms, and recalibrate AI behavior to align with operational needs and threat landscapes." While logs (A) and benchmarks (B) help with diagnosis, they don't improve the model. Penetration testing (C) evaluates detection, not alert noise. D is the most effective solution.
Reference: ISACA Advanced in AI Audit™ (AAIA™) Study Guide, Section: "AI Operations and Performance," Subsection: "Model Tuning and False Positive Mitigation"

by Moira at Apr 28, 2026, 08:31 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어