Free Practice Questions for IAPP AIGP Exam

The correct answer is B because ISO/IEC 42005 emphasizes integrating AI risk management into existing enterprise risk management frameworks rather than creating siloed or duplicative processes. Effective AI governance requires embedding AI-specific risks into established governance structures such as risk registers, controls, and monitoring systems. This ensures consistency, scalability, and alignment with organizational risk practices. Options C and D introduce parallel or fragmented processes, which contradict the principle of integrated governance and may create inefficiencies or gaps. Option A focuses only on data collection and does not address governance integration. The AI Governance in Practice Report highlights that organizations should incorporate AI risks into broader enterprise risk management and maintain unified risk registers to ensure visibility, accountability, and coordinated mitigation across the organization.

The correct answer is D because AI impact assessments primarily focus on risks to individuals, society, and legal compliance, such as privacy, fairness, and potential harm. Core elements typically include evaluating the impact on privacy rights, identifying data sources and their lawfulness, and assessing potential bias or discriminatory outcomes. These factors are directly tied to regulatory expectations and ethical AI governance principles. While environmental considerations like energy consumption are increasingly discussed in broader AI sustainability conversations, they are not standard or required components of most AI impact assessments, especially for narrow use cases. AI governance frameworks prioritize human-centric risks, ensuring systems are lawful, fair, and safe, rather than focusing on operational metrics like energy usage in typical assessment processes.

The correct answer isA. Only GPAI modelswith systemic riskmustpublish a detailed summary of training datato meet transparency and accountability standards under the EU AI Act.

From the AI Governance in Practice Report 2025 (EU AI Act Section):

“For GPAI systems with systemic risk, providers must publish sufficiently detailed summaries of the content used to train the model.”

Also, the AIGP ILT Guide confirms:

“The obligation to disclose summaries of training data applies only to systemic-risk GPAI models, not all general-purpose models or high-risk systems.”

This unique requirement is part of the Act’s effort to increasetransparency and auditabilityfor powerful foundational models.

===========

AI ' s resource-intensive computing demands pose significant environmental risks. High-performance computing required for training and deploying AI models often leads to substantial energy consumption, which can result in increased carbon emissions and other environmental impacts. This is particularly relevant given the growing concern over climate change and the environmental footprint of technology. Organizations need to consider these environmental risks when developing AI systems, potentially exploring more energy-efficient methods and renewable energy sources to mitigate the environmental impact.

When anew versionof a third-party model is released, the deployer must ensure it still meets safety, performance, and compliance requirements — which calls for aformal audit.

From theAI Governance in Practice Report 2025:

“Any updates or changes to AI systems should trigger a re-evaluation to ensure continued compliance and performance.” (p. 12)

“Post-market monitoring includes reassessing the impact of updated models or retraining.” (p. 35)

The OECD ' s Ethical AI Governance Framework aims to ensure that AI development and deployment are carried out ethically while fostering innovation. The framework includes principles like transparency, accountability, and human rights protections to prevent societal harm. It does not focus solely on technical design or post-deployment monitoring (C), nor does it establish industry-specific requirements (B). While explainability is important, the primary goal is to balance innovation with ethical considerations (D).

The correct answer is D because it directly reflects core data and model quality principles such as accuracy, performance consistency, and real-world effectiveness across different user groups. AI governance frameworks emphasize that quality must be evaluated based on whether outputs are accurate, complete, and fit for purpose in real-world conditions. Measuring accuracy by user group also supports fairness and bias detection, which are essential components of trustworthy AI. Option D captures outcome-based performance and aligns with continuous monitoring expectations across the AI lifecycle. In contrast, options A and C focus more on operational or technical metrics, while B reflects user sentiment rather than objective quality. According to AI governance principles, high-quality AI systems require ongoing evaluation of outputs against real-world results to ensure reliability, validity, and safe deployment.

Before offering an AI solution in the EU market, a Canadian company must take several steps to comply with the EU AI Act. These steps include establishing a risk and quality management system (B), engaging a third-party auditor to perform a bias audit (C), and drawing up technical documentation and instructions for use (D). However, there is no requirement to register the AI solution in a public EU database (A). This registration step is not specified as part of the compliance requirements under the EU AI Act for such solutions​​​​.

Training data is used to enable a model to detect and learn patterns. During the training phase, the model learns from the labeled data, identifying patterns and relationships that it will later use to make predictions on new, unseen data. This process is fundamental in building an AI model ' s capability to perform tasks accurately. Reference: AIGP Body of Knowledge on Model Training and Pattern Recognition.

Establishing a global AI governance infrastructure involves several key elements, including providing training to foster a culture that promotes ethical behavior, creating policies and procedures to manage third-party risk, and understanding differences in norms across countries. While publicly disclosing ethical principles can enhance transparency and trust, it is not a core element necessary for the establishment of a governance infrastructure. The focus is more on internal processes and structures rather than public disclosure. Reference: AIGP Body of Knowledge on AI Governance and Infrastructure.