AAISM highlights threat modeling and supply chain integrity checks as key controls for managing AI- specific risks, including hidden backdoors in third-party models, libraries, or fine-tuning artifacts. The official guidance states that organizations should "identify adversarial insertion points, verify component integrity, and continuously test for malicious behaviors introduced via external components." This is precisely what option B describes. Simply using open-source (A) does not guarantee security; code can still contain malicious modifications. Disabling runtime logs (C) would reduce visibility, making backdoor detection harder. Choosing unsupervised learning (D) is a modeling approach and has no inherent relation to backdoor risk reduction. The explicit combination of AI-focused threat modeling and integrity verification of external components is the recommended best practice to mitigate this class of attack.
References: AI Security Management™ (AAISM) Study Guide - AI Supply Chain Risk Management; Threat Modeling and Component Integrity.

To prevent prompt/interface injection, AAISM prioritizes preventive technical controls at the boundary: input validation/sanitization, structured templates/system prompts, allow/deny lists, and context isolation. These measures constrain user-supplied content and block adversarial instructions from being interpreted as system directives. Monitoring (A) and audits (D) are detective/assurance activities; manual output review (B) is compensating but less scalable and does not prevent injection.
References: AI Security Management™ (AAISM) Body of Knowledge - Secure Prompting & Input Controls; Interface Injection Mitigations; Context and Instruction Isolation Patterns.

In AI Security Management, bias evaluation is primarily a data problem before it is a model or performance problem. The official AI Security Management content explains that impact assessments must specifically analyze training data representativeness against the demographics and characteristics of all relevant users and stakeholders. If the data used to train an AI system underrepresents or omits particular groups, the resulting model will systematically disadvantage them, regardless of how fast or "accurate" it is on average. While comparing outputs to historical data (option B) can help, historical data itself may be biased. Performance- related options (C and D) relate to efficiency and scalability, not fairness. Therefore, systematically assessing whether the training data covers all relevant end-user groups is the most direct and effective way to evaluate and mitigate bias.
References: AI Security Management™ (AAISM) Study Guide - AI Risk Identification and Impact Assessment; Data Governance and Bias Section.

The AAISM governance framework specifies that the foundation of continuous monitoring is real-time tracking of key risk indicators. This ensures immediate detection of deviations, model drift, and operational anomalies. Automated alerts, dashboards, and reporting templates all support monitoring, but they rely on the presence of accurate, real-time KRI measurement as their source. Without live monitoring, the other controls are reactive rather than proactive. The most important course of action in establishing effective continuous monitoring is therefore real-time KRI tracking.
References:
AAISM Study Guide - AI Governance and Program Management (Continuous Monitoring and Assurance) ISACA AI Risk Guidance - Monitoring Key Risk Indicators

AAISM identifies training-data diversity and provenance assurance as primary treatments against data poisoning. Sourcing data from multiple, independently governed providers, combined with ingestion validation and anomaly screening, reduces the chance that a single compromised source can skew model behavior and improves cross-source consistency checks. Transparency, break-glass, and awareness are valuable but do not directly reduce poisoning exposure at the training boundary.
References: AI Security Management (AAISM) Body of Knowledge - Data Governance & Integrity for AI; Adversarial ML: Poisoning Threats and Mitigations; Supplier and Source Diversification Controls.