AIGP Questions and Answers

Post-deployment AI maintenance typically includes ensuring that all model components are subject to a control framework, dedicating experts to continually monitor the model output, and evaluating the need for audits under certain standards. However, defining thresholds to conduct new impact assessments is usually part of the initial deployment and ongoing governance processes rather than a maintenance activity. Maintenance focuses more on the operational aspects of the AI system rather than setting new thresholds for impact assessments.

The correct answer is B because ISO/IEC 42005 emphasizes integrating AI risk management into existing enterprise risk management frameworks rather than creating siloed or duplicative processes. Effective AI governance requires embedding AI-specific risks into established governance structures such as risk registers, controls, and monitoring systems. This ensures consistency, scalability, and alignment with organizational risk practices. Options C and D introduce parallel or fragmented processes, which contradict the principle of integrated governance and may create inefficiencies or gaps. Option A focuses only on data collection and does not address governance integration. The AI Governance in Practice Report highlights that organizations should incorporate AI risks into broader enterprise risk management and maintain unified risk registers to ensure visibility, accountability, and coordinated mitigation across the organization.

Under the EU regulations, particularly the GDPR, banks using AI for decision-making must inform users about the use of AI and provide mechanisms for users to contest decisions. This is part of ensuring transparency and accountability in automated processing. Explicit consent under the privacy directive (A) and disclosing under the Digital Services Act (B) are not specifically required in this context. An adequacy decision is related to data transfers outside the EU (C).

Private LLMs offer advantages likecustomizability,reduced hallucination,confidentiality, andalignment with enterprise-specific tasks, but theydo not inherently reduce the time or effortneeded fordata validation or verification— which remains an essential step regardless of model privacy.

From the AI risk and quality sections:

“Ensuring the quality of the data… is highly contextual and must be validated regardless of the model’s deployment environment.” (p. 17)

B, C, Dare legitimate benefits of private LLMs.

Ais incorrect — validation still requires time and resources.

The most significant risk from combining the healthcare network’s existing data with the clinical research partner data is privacy risk. Combining data sets, especially in healthcare, often involves handling sensitive information that could lead to privacy breaches if not managed properly. De-identified data can still pose re-identification risks when combined with other data sets. Ensuring privacy involves implementing robust data protection measures, maintaining compliance with privacy regulations such as HIPAA, and conducting thorough privacy impact assessments. Reference: AIGP Body of Knowledge on Data Privacy and Security.

The most comprehensive way to identify a full range of risks — legal, ethical, operational, and societal — for a new AI model is through aformal impact assessment, such as aData Protection Impact Assessment (DPIA)orAlgorithmic Impact Assessment.

From theAI Governance in Practice Report 2025:

“Risk-based approaches are often distilled into organizational risk management efforts, which put impact assessments at the heart of deciding whether harm can be reduced.” (p. 29)

“DPIAs… help organizations identify, analyze and minimize data-related risks and demonstrate accountability.” (p. 30)

A. Environmental scanis too general.

B. Red teamingis useful for adversarial risk but not broad.

C. Integration testingfocuses on technical/system compatibility, not overall risk.

Retraining an LLM (Large Language Model) is primarily done to improve or maintain its performance as data changes over time, to fine-tune it for specific use cases, and to incorporate new data interpretations to enhance accuracy and relevance. However, ensuring interpretability of the model ' s predictions is not typically a reason for retraining. Interpretability relates to how easily the outputs of the model can be understood and explained, which is generally addressed through different techniques or methods rather than through the retraining process itself. References to this can be found in the IAPP AIGP Body of Knowledge discussing model retraining and interpretability as separate concepts.

The best human oversight mechanism for the police department to implement is for a police officer to consider the AI recommendation as part of the criminal investigation. This ensures that the AI system ' s output is used as a tool to aid human decision-making rather than replace it. The police officer should integrate the AI ' s insights with other evidence and contextual information to make informed decisions, maintaining a balance between technological aid and human judgment. Reference: AIGP Body of Knowledge on AI Integration and Human Oversight.

Machine learning (ML) is a subset of artificial intelligence (AI) where systems use data to learn and improve over time without being explicitly programmed. Option B accurately describes machine learning by stating that systems can automatically improve from experience through predictive patterns. This aligns with the fundamental concept of ML where algorithms analyze data, recognize patterns, and make decisions with minimal human intervention. Reference: AIGP BODY OF KNOWLEDGE, which covers the basics of AI and machine learning concepts.

Typically, actors involved in the AI development life cycle include data architects (who design the data frameworks), socio-cultural and technical experts (who ensure the AI system is socio-culturally aware and technically sound), and legal and privacy governance experts (who handle the legal and privacy aspects). Government regulators, while important, are not directly engaged in the development process but rather oversee and regulate the industry. Reference: AIGP BODY OF KNOWLEDGE and AI development frameworks.

During the first month of monitoring the model for bias, it is most important to continue disparity testing. Disparity testing involves regularly evaluating the model ' s decisions to identify and address any biases, ensuring that the model operates fairly across different demographic groups.

Business A is integrating a generative AI model licensed from a third party (Business B) and is primarily concerned with the risk of toxic or obscene outputs being delivered to users. In this scenario,testing and validationof the AI model for such content risks is the most direct and effective governance strategy.

According to theAI Governance in Practice Report 2025, organizations thatdeployAI must engage inperformance monitoring protocolsand ensure systems perform adequately for theirintended purposes, including filtering harmful content:

“Operational governance… development of: →Performance monitoring protocols to ensure systems perform adequately for their intended purposes.” (p. 12)

“Product governance... includes: →System impact assessments to identify and address risk prior to product development or deployment.” (p. 11)

Furthermore, under theEU AI Act, which sets the global standard many organizations aim to align with, there is a clear obligation to test and monitor systems for potential harmful behavior:

“The act imposes regulatory obligations… such as establishing appropriate accountability structures,assessing system impact, providing technical documentation,establishing risk management protocols and monitoring performance...” (p. 7)

Option B directly reflects this best practice ofpre-deployment testing and validationto ensure that the model aligns with Business A’s minimum content safety requirements.

Let’s now evaluate the incorrect options:

A. Fine-tuning on verified user-generated textmay improve model alignment but does not guarantee that the model will generalize correctly, especially if Business A lacks access to model internals (common in third-party licensing scenarios). Fine-tuning also introduces its own risks and may be contractually restricted.

C. A user reporting featureisreactive, not preventive. While helpful for long-term monitoring and mitigation, it does not prevent the initial harm of toxic outputs, which isBusiness A ' s primary concern.

D. Requesting documentation from Business Bis useful for transparency and risk management, but it does not replaceindependent verificationthat the model meets Business A’s content safety standards.

Thus,testing the model ' s behavior for unacceptable outputs before deploymentis the most aligned approach with AI governance best practices and obligations.

The correct answer isB – Proprietary methods. While transparency is important, organizations arenot obligated to disclose proprietary algorithms, methods, or trade secretsin public disclosures.

From the AIGP Body of Knowledge – Transparency & Disclosures:

“AI system users should disclose the purpose, capabilities, limitations, and applicable legal context—but not sensitive IP.”

AI Governance in Practice Report 2025 (Transparency Section) states:

“Disclosure requirements balance public understanding with the need to protect proprietary business interests. Proprietary training methods are not expected to be disclosed.”

Thus, while it’s best practice to disclose theintended purpose, legal compliance, and system limitations,internal proprietary techniquesare usually excluded.

===========

Minimizing human involvement to the extent practicable is not a best practice during the testing of an ML model. Human oversight is crucial during testing to ensure that the model performs correctly and ethically, and to interpret any anomalies or issues that arise. Best practices include using representative test data, anonymizing data to the extent practicable, and performing testing specific to the intended uses of the model. Reference: AIGP Body of Knowledge on AI Model Testing and Human Oversight.

Under theEU AI Act, serious incidents involvinghigh-risk AI systemsmust be reported. The deployer is required topromptly inform the provider and relevant authoritiesabout the issue.

From theAI Governance in Practice Report 2025:

“Serious incidents involving high-risk systems… must be reported to the provider and relevant market surveillance authority.” (p. 35)

“Timely reporting is required when AI systems result in or may result in violations of fundamental rights.” (p. 35)

When notifying an accused perpetrator, the police officer should provide information about how the individual was identified by the AI system. This transparency is crucial for maintaining trust and ensuring that the accused understands the basis of the charges against them. Information about the accuracy, how to oppose the charges, and the composition of the training data, while potentially relevant, do not directly address the immediate need for the accused to understand the specific process that led to their identification. Reference: AIGP Body of Knowledge on AI Transparency and Explainability.

Once a company moves from being adeployerto also acting as aprovider or developer, it assumesnew obligationsunder regulations like the EU AI Act. One of the core requirements for providers is to produce and maintaintechnical documentation, including descriptions of the model, associated risks, and mitigation strategies.

From theAI Governance in Practice Report 2025:

“Providers of high-risk AI systems must draw up technical documentation demonstrating the system’s conformity with the requirements... including potential risks and safeguards applied.” (p. 34)

“This documentation must be available before placing the system on the market.” (p. 35)

The correct answer isA. TheARIA programby NIST is explicitly designed tosupport stakeholders in understanding and managing the risks and impactsof AI systems.

From the AIGP ILT Guide – U.S. Risk Frameworks Module:

“NIST’s ARIA program develops and pilots assessment tools for AI risks and impacts, aimed at improving organizational capacity for responsible AI use.”

Also cited in the AI Governance in Practice Report 2025 (Frameworks Section):

“ARIA supports and aligns with the AI Risk Management Framework by helping organizations assess AI harms, safety concerns, and societal implications.”

ARIA isnota red-teaming or sandbox program—it’s anassessment and governance resource.

===========

The correct answer is A because of the fundamental bias-variance tradeoff in machine learning. When model complexity is reduced, the model becomes simpler and less flexible, which decreases variance because it is less sensitive to fluctuations in the training data. However, this simplification comes at the cost of increased bias, meaning the model may oversimplify relationships and fail to capture underlying patterns accurately. This tradeoff is a core concept in AI fundamentals and directly impacts model per formance, reliability, and governance decisions. From an AI governance perspective, understanding this balance is critical when evaluating model risk, as high bias can lead to systematic errors and fairness issues, while high variance can result in instability and unpredictability in outputs. Proper model tuning aims to balance both for optimal and responsible performance.

The OECD ' s Ethical AI Governance Framework aims to ensure that AI development and deployment are carried out ethically while fostering innovation. The framework includes principles like transparency, accountability, and human rights protections to prevent societal harm. It does not focus solely on technical design or post-deployment monitoring (C), nor does it establish industry-specific requirements (B). While explainability is important, the primary goal is to balance innovation with ethical considerations (D).

Differential privacy is a technique used to ensure that the inclusion or exclusion of a single data point does not significantly affect the outcome of any analysis, providing a way to mathematically prove that no specific piece of training data has more than a negligible effect on the model or its output. This is achieved by introducing randomness into the data or the algorithms processing the data. In the context of training large language models (LLMs), differential privacy helps in protecting individual data points while still enabling the model to learn effectively. By adding noise to the training process, differential privacy provides strong guarantees about the privacy of the training data.

The correct answer isC. Thechoice of architecture(e.g., neural networks vs. decision trees) is typically part of thedesign and developmentphase, not the initial planning.

From the AIGP Body of Knowledge – AI Lifecycle Module:

“Planning involves scoping, context definition, stakeholder identification, governance planning, and assumptions—not yet model selection.”

Confirmed in the ILT Participant Guide:

“Design decisions such as architecture or algorithm type come after planning—usually during development based on technical feasibility and data availability.”

Reviewing the terms of use is essential when gathering data from a clinical research partner. This step ensures that the healthcare network complies with all legal and contractual obligations related to data usage. It addresses data ownership, usage limitations, consent requirements, and privacy obligations, which are critical to maintaining ethical standards and avoiding legal repercussions. This review helps ensure that the data is used in a manner consistent with the agreements made and the regulatory environment, which is fundamental for lawful and ethical AI development. Reference: AIGP Body of Knowledge on Legal and Regulatory Considerations.

Small language models (SLMs)arelightweight, requireless compute, and arebetter suited to low-resource or edge environments, making them ideal for agility and efficiency.

From general AI best practices:

“SLMs can be deployed in environments with limited computing power, ensuring lower cost and faster integration in constrained contexts.” (aligned with industry-wide AI deployment strategies)

The correct answer isD. Forming adedicated governance committeeensures continuous oversight, role clarity, and accountability throughout the AI lifecycle.

From the AIGP ILT Guide – Governance Structures:

“Organizations using AI in high-impact scenarios should establish a governance body responsible for oversight of risk, compliance, and ethical alignment.”

Also reflected in AI Governance in Practice Report 2025:

“Committees support cross-functional decision-making, provide guidance for updates, and maintain accountability. This is especially critical for high-stakes applications like marketing to diverse audiences.”

Options A, B, and C are valid supplementary actions, butDoffers a long-term and systematic governance mechanism.

Risk impact estimation occurs in the design phase of the AI life cycle. This step involves evaluatingpotential risks associated with the AI system and estimating their impacts to ensure that appropriate mitigation strategies are in place. It helps in identifying and addressing potential issues early in the design process, ensuring the development of a robust and reliable AI system. Reference: AIGP Body of Knowledge on AI Design and Risk Management.

Deploying a challenger AI model alongside a champion model is a strategy used to compare the performance of different models in a real-world environment. This approach helps in providing a framework to consider alternatives to the champion model, automating real-time monitoring of the champion model, and performing testing on the champion model. However, retraining the champion model is not a reason to deploy a challenger model. Retraining is a separate process that involves updating the champion model with new data or techniques, which is not related to the use of a challenger model.

The correct answer is B because continuous monitoring is a core component of AI governance that ensures systems remain effective, reliable, and aligned with their intended objectives over time. AI systems can degrade due to data drift, model drift, or changing real-world conditions, making ongoing performance tracking essential. Monitoring allows organizations to detect anomalies, biases, or performance issues and take corrective actions such as retraining or recalibration. Governance frameworks emphasize post-deployment oversight to ensure systems continue to operate safely and within acceptable risk thresholds. Option A incorrectly suggests fully autonomous evolution without oversight, which contradicts governance principles. Options C and D address specific operational concerns but do not capture the primary purpose of continuous monitoring, which is maintaining performance, accountability, and alignment with defined goals.

The correct answer is A because developing a social media presence typically does not require AI and can be effectively achieved through traditional digital marketing strategies, content planning, and manual engagement. AI governance principles emphasize that organizations should first determine whether AI is necessary or proportionate to the problem being solved. Using AI where simpler, deterministic, or human-driven solutions suffice can introduce unnecessary complexity, cost, and risk. In contrast, options B, C, and D involve tasks such as campaign optimization, personalization, and automation, which benefit significantly from AI capabilities like pattern recognition, predictive analytics, and natural language processing. Responsible AI governance encourages a “fit-for-purpose” approach, ensuring AI is only deployed when it provides clear added value over non-AI alternatives.

Bias in AI can be reduced during the planning and design phases through stakeholder involvement, human oversight, and careful data collection. While feature selection is critical in the development phase, it does not specifically occur during planning and design. Ensuring diverse stakeholder involvement and human oversight helps identify and mitigate potential biases early, and data collection ensures a representative dataset. Reference: AIGP Body of Knowledge on AI Development Lifecycle and Bias Mitigation.

Under the EU AI Act, high-risk AI systems like Crime Buster 9619 would require a detailed conformity assessment before being deployed in the EU market. This assessment ensures that the AI system complies with all relevant regulations and standards, addressing potential risks related to privacy, security, and discrimination. The company would not need to register the tool with the EU database (A), seek approval from an EU authority (B), or face a ban (D) as long as it meets the necessary conformity requirements​​​​.

The EU AI Act outlines specific penalties and enforcement mechanisms to ensure compliance with its regulations. Among these, fines for violations of banned AI applications can be as high as €35 million or 7% of the global annual turnover of the offending organization, whichever is higher. Proportional caps on fines are applied to SMEs and startups to ensure fairness. General Purpose AI rules are to apply after a 6-month period as a specific provision to ensure that stakeholders have adequate time to comply. However, there is no provision for an " AI Pact " acting as a transitional bridge until the regulations are fully enacted, making option C the correct answer.

The correct answer isD. Personalized content and advertisements, as long as properly disclosed and non-deceptive, arenot generally a consumer protection issueunder current legal regimes.

From the AI Governance in Practice Report 2025 (Consumer Protection Section):

“Standard practices like targeted advertising and recommendations are widely accepted provided they comply with transparency and consent requirements.”

Meanwhile, credit decision-making and misleading AI performance claims (Answers A and B) havealready led to regulatory enforcement.

The AIGP ILT Guide highlights:

“Deceptive claims, biased financial decisions, and unauthorized data use may violate consumer protection and privacy laws. Advertising personalization is routine but must be disclosed appropriately.”

The correct answer isE – Superintelligence.

While the other options (Autonomy, Automation, Adaptability, Speed and Scale) are commonly cited as real-world characteristics that affect governance today,superintelligenceremainsa theoretical concept.

From the AIGP ILT Guide and AI Governance in Practice Report 2025:

“Core AI characteristics—such as automation, adaptability, speed, and autonomy—require active governance due to their impact on decision-making, legal liability, and risk.”

However,superintelligenceis speculative and not a current feature of AI systems under governance frameworks like theEU AI Act or NIST RMF.

Thus, it ' snot a current characteristicrequiring governance in real-world enterprise settings.

The common types of machine learning include supervised learning, unsupervised learning, reinforcement learning, and deep learning. Cognitive learning is not a type of machine learning; rather, it is a term often associated with the broader field of cognitive science and psychology. Reference: AIGP BODY OF KNOWLEDGE and standard AI/ML literature.

When the accuracy of a model deteriorates, the best first step is to conduct champion/challenger testing. This involves deploying a new model (challenger) alongside the current model (champion) to compare their performance. This method helps identify if the new model can perform better under current conditions without immediately discarding the existing model. It provides a controlled environment to test improvements and understand the reasons behind the deterioration. This approach is preferable to directly replacing the model, performing audits, or running red-teaming exercises, which may be subsequent steps based on the findings from the champion/challenger testing.

To maintain fairness in a deployed system, it is crucial to monitor for data drift that may affect performance and accuracy. Data drift occurs when the statistical properties of the input data change over time, which can lead to a decline in model performance. Continuous monitoring and updating of the model with new data ensure that it remains fair and accurate, adapting to any changes in the data distribution. Reference: AIGP Body of Knowledge on Post-Deployment Monitoring and Model Maintenance.

The November 2023 White House Executive Order provides guidance that governmental agencies should limit access to specific uses of generative AI. This means that generative AI tools should be used in a controlled manner, where their applications are restricted to well-defined, approved use cases that ensure the security, privacy, and ethical considerations are adequately addressed. This approach allows for the benefits of generative AI to be harnessed while mitigating potential risks and abuses.

The correct answer is D because it directly reflects core data and model quality principles such as accuracy, performance consistency, and real-world effectiveness across different user groups. AI governance frameworks emphasize that quality must be evaluated based on whether outputs are accurate, complete, and fit for purpose in real-world conditions. Measuring accuracy by user group also supports fairness and bias detection, which are essential components of trustworthy AI. Option D captures outcome-based performance and aligns with continuous monitoring expectations across the AI lifecycle. In contrast, options A and C focus more on operational or technical metrics, while B reflects user sentiment rather than objective quality. According to AI governance principles, high-quality AI systems require ongoing evaluation of outputs against real-world results to ensure reliability, validity, and safe deployment.

The White House Executive Order of November 2023 designates the National Institute of Standards and Technology (NIST) as the responsible body for creating guidelines to conduct red-teaming tests of AI systems. NIST is tasked with developing and providing standards and frameworks to ensure the security, reliability, and ethical deployment of AI systems, including conducting rigorous red-teaming exercises to identify vulnerabilities and assess risks in AI systems.

The IEEE 7000-2021 Standard focuses on a value-based engineering methodology for addressing ethical concerns during system design. This standard guides engineers and organizations in integrating ethical considerations into the design and development processes of AI systems, ensuring that these technologies are developed responsibly and align with human values. Reference: AIGP Study Material, section on risk management frameworks and standards.

The correct answer isB. According to responsible AI practices,pre-deployment testingto ensurethe model behaves as expected and aligns with organizational requirements is critical.

From the AIGP ILT Guide:

“Testing for unacceptable outcomes such as toxicity, discrimination, or hallucinations should be included in the AI governance life cycle, particularly during development and prior to deployment.”

Also emphasized in the AI Governance in Practice Report 2025:

“Organizations must verify legal and regulatory compliance, monitor performance, and mitigate risksprior to deployment.”

Testing the model tomeet safety and appropriateness standardsis more proactive and preventive than relying solely on user reporting or requesting documentation.

===========

The correct answer isD. Transparency obligations under data protection laws, such as GDPR and most AI governance frameworks, require thatusers whose data is being processedbe directly informed.

From the AIGP ILT Guide (Privacy Module):

“The user privacy notice must be updated to explain the nature of automated processing, the logic involved, and the significance and consequences for the data subject.”

Also, per AI Governance in Practice Report 2025 (Part III):

“Transparency obligations apply throughout the lifecycle of AI… Individuals must be informed about automated decision-making and profiling that may impact them.”

Unlike internal policies or general privacy notices,the user privacy noticeprovides direct transparency to theindividual data subjectsaffected by AI processing.

===========

The correct answer is A because the most immediate governance step when a significant AI issue is identified is to formally log the incident within the organization’s incident management system. AI governance frameworks emphasize structured incident response processes to ensure issues are properly documented, tracked, escalated, and addressed in a controlled manner. Logging the incident triggers established workflows, including investigation, stakeholder notification, and remediation planning. While notifying stakeholders, auditing the system, or retraining the model are important follow-up actions, they should occur after the issue is formally recorded and managed through governance channels. This ensures accountability, traceability, and consistent handling of risks, particularly in cases involving bias and potential discrimination.

Developing a social media presence for a non-profit is best served by non-AI solutions. This task primarily involves content creation, community engagement, and strategic planning, which are effectively managed by human expertise and traditional marketing tools. AI is more suitable for tasks requiring automation, large-scale data analysis, and personalized recommendations, such as e-commerce personalization, forecasting cost overruns, or automating customer service responses. Reference: AIGP Body of Knowledge on AI Use Cases and Applications.

In the machine learning context, feature engineering is the process of extracting attributes and variables from raw data to make it suitable for training an AI model. This step is crucial as it transforms raw data into meaningful features that can improve the model ' s accuracy and performance. Feature engineering involves selecting, modifying, and creating new features that help the model learn more effectively. Reference: AIGP Body of Knowledge on AI Model Development and Feature Engineering.

The GDPR requires that individuals have the right to not be subject to decisions based solely on automated processing, including profiling, unless specific exceptions apply. One effective control is to establish a human-in-the-loop procedure (D), ensuring human oversight and the ability to contest decisions. This goes beyond just-in-time notices (A), data safeguarding (B), or review rights (C), providing a more robust mechanism to protect individuals ' rights.

The best reason for GVC to offer students the choice to utilize generative AI in limited, defined circumstances is to enable students to learn how to use AI as a supportive educational tool. By integrating AI in a controlled manner, students can learn the practical applications of AI and develop skills to use AI responsibly and effectively in their educational pursuits.

The correct answer isD. While modernization through software may support efficiency, it isnot a foundational or essential componentof designing an integrated strategy.

From the AI Governance in Practice Report 2025:

“Integrated strategies rely on senior management support, ethical reviews, and stakeholder engagement... The use of tools and platforms may come later as an operational enhancement.”

Also confirmed in AIGP Body of Knowledge:

“Key components of a governance framework include leadership buy-in, ethical analysis, and stakeholder input. Tools are supporting elements—not strategic drivers.”

===========

The Singapore Model AI Governance Framework recommends several measures to promote the responsible use of AI, such as determining the level of human involvement in decision-making, adapting governance structures, and establishing communications and collaboration among stakeholders. However, employing human-over-the-loop protocols is not specifically mentioned in this framework. The focus is more on integrating human oversight appropriately within the decision-making process rather than exclusively employing such protocols. Reference: AIGP Body of Knowledge, section on AI governance frameworks.

An AI system that maintains its level of performance within defined acceptable limits despite real-world or adversarial conditions is described as resilient. Resilience in AI refers to the system ' s ability to withstand and recover from unexpected challenges, such as cyber-attacks, hardware failures, or unusual input data. This characteristic ensures that the AI system can continue to function effectively and reliably in various conditions, maintaining performance and integrity. Robustness, on the other hand, focuses on the system ' s strength against errors, while reliability ensures consistent performance over time. Resilience combines these aspects with the capacity to adapt and recover.

The third-party consultant asked each vendor for information about the diversity of their datasets to assist in ensuring the fairness of the AI system. Diverse datasets help prevent biases and ensure that the AI system performs equitably across different demographic groups. This is crucial for a law enforcement application, where fairness and avoiding discriminatory practices are of paramount importance. Ensuring diversity in training data helps in building a more just and unbiased AI system. Reference: AIGP Body of Knowledge on Ethical AI and Fairness.

According to the EU AI Act, providers of high-risk AI systems are required to register with an EU oversight agency before these systems can be placed on the market. This requirement is part of the Act ' s framework to ensure that high-risk AI systems comply with stringent safety, transparency, and accountability standards. High-risk systems are those that pose significant risks to health, safety, or fundamental rights. Registration with oversight agencies helps facilitate ongoing monitoring and enforcement of compliance with the Act ' s provisions. Systems categorized under other criteria, such as those trained on sensitive personal data or exhibiting " strong " general intelligence, also fall under scrutiny but are primarily covered under different regulatory requirements or classifications.