IAPP AIGP Exam Practice Test Instant Access

Question 1

You are a privacy program manager at a large e-commerce company that uses an Al tool to deliver personalized product recommendations based on visitors' personal information that has been collected from the company website, the chatbot and public data the company has scraped from social media.

A user submits a data access request under an applicable U.S. state privacy law, specifically seeking a copy of their personal data, including information used to create their profile for product recommendations.

What is the most challenging aspect of managing this request?

ASome of the visitor's data is synthetic data that the company does not have to provide to the data subject.

BThe data subject's data is structured data that can be searched, compiled and reviewed only by an automated tool.

CThe data subject is not entitled to receive a copy of their data because some of it was scraped from public sources.

DSome of the data subject's data is unstructured data and you cannot untangle it from the other data, including information about other individuals.

Answer : D

The most challenging aspect of managing a data access request in this scenario is dealing with unstructured data that cannot be easily disentangled from other data, including information about other individuals. Unstructured data, such as free-text inputs or social media posts, often lacks a clear structure and may be intermingled with data from multiple individuals, making it difficult to isolate the specific data related to the requester. This complexity poses significant challenges in complying with data access requests under privacy laws. Reference: AIGP Body of Knowledge on Data Subject Rights and Data Management.

Question 2

When monitoring the functional performance of a model that has been deployed into production, all of the following are concerns EXCEPT?

AFeature drift.

BSystem cost.

CModel drift.

DData loss.

Answer : B

When monitoring the functional performance of a model deployed into production, concerns typically include feature drift, model drift, and data loss. Feature drift refers to changes in the input features that can affect the model's predictions. Model drift is when the model's performance degrades over time due to changes in the data or environment. Data loss can impact the accuracy and reliability of the model. However, system cost, while important for budgeting and financial planning, is not a direct concern when monitoring the functional performance of a deployed model. Reference: AIGP Body of Knowledge on Model Monitoring and Maintenance.

Question 3

To maintain fairness in a deployed system, it is most important to?

AProtect against loss of personal data in the model.

BMonitor for data drift that may affect performance and accuracy.

CDetect anomalies outside established metrics that require new training data.

DOptimize computational resources and data to ensure efficiency and scalability.

Answer : B

To maintain fairness in a deployed system, it is crucial to monitor for data drift that may affect performance and accuracy. Data drift occurs when the statistical properties of the input data change over time, which can lead to a decline in model performance. Continuous monitoring and updating of the model with new data ensure that it remains fair and accurate, adapting to any changes in the data distribution. Reference: AIGP Body of Knowledge on Post-Deployment Monitoring and Model Maintenance.

Question 4

Training data is best defined as a subset of data that is used to?

AEnable a model to detect and learn patterns.

BFine-tune a model to improve accuracy and prevent overfitting.

CDetect the initial sources of biases to mitigate prior to deployment.

DResemble the structure and statistical properties of production data.

Answer : A

Training data is used to enable a model to detect and learn patterns. During the training phase, the model learns from the labeled data, identifying patterns and relationships that it will later use to make predictions on new, unseen data. This process is fundamental in building an AI model's capability to perform tasks accurately. Reference: AIGP Body of Knowledge on Model Training and Pattern Recognition.

Question 5

CASE STUDY

Please use the following answer the next question:

A mid-size US healthcare network has decided to develop an Al solution to detect a type of cancer that is most likely arise in adults. Specifically, the healthcare network intends to create a recognition algorithm that will perform an initial review of all imaging and then route records a radiologist for secondary review pursuant Agreed-upon criteria (e.g., a confidence score below a threshold).

To date, the healthcare network has taken the following steps: defined its Al ethical principles: conducted discovery to identify the intended uses and success criteria for the system: established an Al governance committee; assembled a broad, crossfunctional team with clear roles and responsibilities; and created policies and procedures to document standards, workflows, timelines and risk thresholds during the project.

The healthcare network intends to retain a cloud provider to host the solution and a consulting firm to help develop the algorithm using the healthcare network's existing data and de-identified data that is licensed from a large US clinical research partner.

The most significant risk from combining the healthcare network's existing data with the clinical research partner data is?

APrivacy risk.

BSecurity risk.

COperational risk.

DReputational risk.

Answer : A

The most significant risk from combining the healthcare network's existing data with the clinical research partner data is privacy risk. Combining data sets, especially in healthcare, often involves handling sensitive information that could lead to privacy breaches if not managed properly. De-identified data can still pose re-identification risks when combined with other data sets. Ensuring privacy involves implementing robust data protection measures, maintaining compliance with privacy regulations such as HIPAA, and conducting thorough privacy impact assessments. Reference: AIGP Body of Knowledge on Data Privacy and Security.

Question 6

All of the following may be permissible uses of an Al system under the EU Al Act EXCEPT?

ATo detect an individual's intent for law enforcement purposes.

BTo promote equitable distribution of welfare benefits.

CTo implement social scoring.

DTo manage border control.

Answer : C

The EU AI Act explicitly prohibits the use of AI systems for social scoring by public authorities, as it can lead to discrimination and unfair treatment of individuals based on their social behavior or perceived trustworthiness. While AI can be used to promote equitable distribution of welfare benefits, manage border control, and even detect an individual's intent for law enforcement purposes (within strict regulatory and ethical boundaries), implementing social scoring systems is not permissible under the Act due to the significant risks to fundamental rights and freedoms.

Question 7

Which of the following disclosures is NOT required for an EU organization that developed and deployed a high-risk Al system?

AThe human oversight measures employed.

BHow an individual may contest a decision.

CThe location(s) where data is stored.

DThe fact that an Al system is being used.

Answer : C

Under the EU AI Act, organizations that develop and deploy high-risk AI systems are required to provide several key disclosures to ensure transparency and accountability. These include the human oversight measures employed, how individuals can contest decisions made by the AI system, and informing individuals that an AI system is being used. However, there is no specific requirement to disclose the exact locations where data is stored. The focus of the Act is on the transparency of the AI system's operation and its impact on individuals, rather than on the technical details of data storage locations.

IAPP AIGP Artificial Intelligence Governance Professional Exam Practice Test