A financial services firm has implemented an AI model for algorithmic trading. During an audit, it is discovered that the model's decision logic is stored as a configuration file in a code repository with open write access for all developers. Which of the following is the MOST critical risk this practice introduces?
An auditor is evaluating the fairness of a loan approval AI system. The testing reveals that the model has a disproportionately higher false negative rate for applicants from a specific demographic group, even though protected attributes were excluded from the training data. What is the MOST likely cause of this bias?
An organization is using a third-party, cloud-based AI service for sentiment analysis of customer feedback. Which of the following audit procedures is MOST crucial for assessing data privacy risks? (Select TWO)
During an audit of an AI system's incident response plan, an auditor notes that the plan is identical to the organization's traditional IT incident response plan. What is the MOST significant gap in this approach?
When planning an audit of a newly deployed generative AI chatbot for customer service, what should be the auditor's PRIMARY focus?
True or False: In the context of AI auditing, statistical sampling is always preferable to judgmental sampling because it eliminates all forms of bias.
A manufacturing company uses an AI model to predict machinery failure. The model is highly accurate but is a complex 'black box' ensemble of deep learning networks, making its predictions difficult to interpret. This lack of explainability poses the GREATEST challenge to which of the following operational processes?
An e-commerce company is developing an AI-powered dynamic pricing engine. The AI governance committee is establishing key risk indicators (KRIs) for the system. Which of the following would be the MOST effective KRI for monitoring potential non-compliance with anti-price discrimination regulations?
A hospital is implementing an AI system to triage emergency room patients based on initial symptom data. According to the EU AI Act, this system would likely be classified as 'high-risk'. What is the PRIMARY implication of this classification for the audit scope?
An auditor is reviewing the MLOps pipeline for a critical AI model. The process is depicted below. The auditor's primary concern is ensuring model integrity and reproducibility. Which stage in this pipeline is MOST critical for achieving this objective? ```mermaid flowchart LR A[Data Ingestion] --> B{Feature Engineering} B --> C[Model Training] C --> D(Model Evaluation) D --> E{Model Registry} E --> F[Deployment] ```