IAPP Updated AIGP Exam Questions and Answers by carla

The correct answer isB. According to responsible AI practices,pre-deployment testingto ensurethe model behaves as expected and aligns with organizational requirements is critical.

From the AIGP ILT Guide:

“Testing for unacceptable outcomes such as toxicity, discrimination, or hallucinations should be included in the AI governance life cycle, particularly during development and prior to deployment.”

Also emphasized in the AI Governance in Practice Report 2025:

“Organizations must verify legal and regulatory compliance, monitor performance, and mitigate risksprior to deployment.”

Testing the model tomeet safety and appropriateness standardsis more proactive and preventive than relying solely on user reporting or requesting documentation.

===========

The most critical reason for documenting AI-related risks is toreduce exposure to legal, regulatory, and reputational liabilities. Clear documentation demonstrates thatrisks were identified, assessed, and addressed, which is essential for accountability and defensibility in the face of audits, litigation, or enforcement actions.

From theAI Governance in Practice Report 2025:

“An effective AI governance model is about collective responsibility… which should encompass oversight mechanisms such as privacy, accountability, compliance.” (p. 13)

“Accountability… is based on the idea that there should be a person or entity that is ultimately responsible for any harm resulting from the use of the data, algorithm and AI system ' s underlying processes.” (p. 28)

While transparency, alignment with standards, and knowledge sharing are all secondary benefits,risk documentation’s primary role is liability mitigation.

The correct answer isB – The tech company. The party thatdevelops and trains the foundational modelis responsible for ensuring thelawful collection of training data.

From the AIGP ILT Guide – Foundational Models & Data Governance:

“Responsibility for the lawfulness of data collection typically lies with the party that trains the model—usually the provider or developer of the foundational model.”

AI Governance in Practice Report 2025 confirms:

“General Purpose AI providers are required to ensure that training data is lawfully acquired, including compliance with intellectual property and privacy requirements.”

The marketing agency is only auserordownstream integrator, not responsible for original data collection.

The primary purpose of conducting ethical red-teaming on an AI system is to simulate model risk scenarios. Ethical red-teaming involves rigorously testing the AI system to identify potential weaknesses, biases, and vulnerabilities by simulating real-world attack or failure scenarios. This helps in proactively addressing issues that could compromise the system ' s reliability, fairness, and security. Reference: AIGP Body of Knowledge on AI Risk Management and Ethical AI Practices.