AAISM materials emphasize that in operational AI systems, key risk indicators (KRIs) must reflect risks to performance and reliability rather than technical design factors alone. In the case of threat detection, the most relevant KRI is the frequency of system overrides by human analysts, as this indicates a lack of trust, frequent false positives, or poor detection accuracy. Training epochs, model depth, and training time are technical metrics but do not directly measure operational risk. Analyst overrides represent a practical measure of system effectiveness and risk.
References:
AAISM Study Guide - AI Risk Management (Operational KRIs for AI Systems) ISACA AI Security Management - Monitoring AI Effectiveness

Under AAISM governance, management and control owners are accountable for remediation. For AI systems, the accountable role is the Model Owner (or equivalent business/service owner), who coordinates with architects, engineers, and operations to implement corrective actions and report closure. Internal auditors provide independent assurance and do not implement fixes; end users are not remediation owners.
References: AI Security Management (AAISM) Body of Knowledge - Roles & Accountability (Model Owner, Control Owner, Assurance); Audit Findings Management and Remediation Governance.

AAISM emphasizes preventive technical controls for LLM threats such as prompt injection, including input validation/sanitization, instruction isolation, allow/deny lists, context segmentation, and output filtering.
These reduce the model's exposure to adversarial instructions embedded in user prompts or retrieved context.
Monitoring (A) is detective, not preventive; increasing parameters (B) does not inherently improve security against injection; human-in-the-loop (D) is valuable for high-risk decisions but does not directly neutralize injection vectors at the control boundary the way input validation and content filtering do.
References: AI Security Management (AAISM) Body of Knowledge - Technical Controls for LLM Security; Input/Output Filtering and Context Isolation; Secure Inference and Prompt Injection Mitigations.

Within AAISM's privacy governance, consent is a lawful basis that authorizes processing of personal data for defined purposes. Its principal significance is granting the organization the authority to process user data in AI workflows in line with stated purposes and limits. While fairness (A) and security controls (C) are essential, they are distinct obligations; data subject rights such as rectification/erasure (B) exist regardless of consent and are not "enabled" by it. Therefore, the greatest significance of consent is that it legally permits processing under declared purposes and constraints.
References: AI Security Management (AAISM) Body of Knowledge - Privacy & Data Protection in AI; Lawful Basis and Purpose Limitation. AAISM Study Guide - Consent, Transparency, and Data Subject Rights; Privacy-by-Design Controls in AI Pipelines.

Hidden triggers are adversarial backdoors planted in AI models, activated only by specific inputs. The AAISM materials specify that the best mitigation is to use adversarial training, which deliberately exposes the model to potential trigger inputs during training so it can learn to neutralize or resist them. Retraining with diverse data reduces bias but does not address hidden triggers. Differential privacy is focused on privacy preservation, not adversarial resilience. Monitoring outputs can help with detection but is reactive rather than preventative. The proactive solution highlighted in the study guide is adversarial training.
References:
AAISM Exam Content Outline - AI Risk Management (Backdoors and Hidden Triggers) AI Security Management Study Guide - Adversarial Training as a Mitigation Control