AAISM · Question #43
Security and assurance requirements for AI systems should FIRST be embedded in the:
The correct answer is A. Model design phase. AAISM directs organizations to embed security, safety, and compliance controls at design time ("secure-by-design" and "shift-left"), ensuring requirements for robustness, privacy, and governance are defined as non-functional constraints on architecture, data sourcing, model choic
Question
Security and assurance requirements for AI systems should FIRST be embedded in the:
Options
- AModel design phase
- BModel training phase
- CModel testing phase
- DModel deployment phase
How the community answered
(24 responses)- A88% (21)
- B4% (1)
- D8% (2)
Explanation
AAISM directs organizations to embed security, safety, and compliance controls at design time ("secure-by-design" and "shift-left"), ensuring requirements for robustness, privacy, and governance are defined as non-functional constraints on architecture, data sourcing, model choices, and evaluation criteria before any model is trained. Deferring these requirements to training, testing, or deployment increases residual risk and rework, and weakens traceability of control coverage.
Topics
Community Discussion
No community discussion yet for this question.