AAISM · Question #75
When using AI as part of incident response, which of the following BEST ensures the automation aligns with regulatory and governance obligations?
The correct answer is D. Implement a tiered automation strategy where severity ratings inform the need for human oversight. Most regulatory frameworks (e.g., GDPR, NIST, ISO 27001) require human accountability for significant decisions, especially in high-impact security incidents. A tiered automation strategy allows low-severity, well-understood incidents to be handled autonomously, while escalating
Question
When using AI as part of incident response, which of the following BEST ensures the automation aligns with regulatory and governance obligations?
Options
- AUse deep learning models to autonomously classify all incidents
- BTrain the AI incident response platform to mirror legacy response workflows and log containment
- CApply anomaly detection models to filter incoming threats and automate containment
- DImplement a tiered automation strategy where severity ratings inform the need for human oversight
How the community answered
(21 responses)- A24% (5)
- B5% (1)
- C10% (2)
- D62% (13)
Explanation
Most regulatory frameworks (e.g., GDPR, NIST, ISO 27001) require human accountability for significant decisions, especially in high-impact security incidents. A tiered automation strategy allows low-severity, well-understood incidents to be handled autonomously, while escalating high-severity or ambiguous incidents to human reviewers - satisfying the human oversight requirements embedded in governance frameworks. Option A (fully autonomous classification by deep learning) eliminates human oversight entirely. Option B (mirroring legacy workflows) may not align with current regulations. Option C (anomaly detection for containment) is a useful control but doesn't address the governance/oversight dimension.
Topics
Community Discussion
No community discussion yet for this question.