AI systems introduce unique security threat vectors that differ fundamentally from conventional IT security scenarios. Risk scenarios must address AI-specific attacks—model poisoning, adversarial inputs, output manipulation—that conventional security frameworks do not cover.
Why A is Correct: The ISACA AAIR AI security risk scenario guidance focuses on attacks that specifically exploit AI system properties—particularly techniques that maliciously alter AI outputs. These AI-specific attack vectors (adversarial examples, model inversion, prompt injection, output manipulation) represent the most important focus for AI security risk scenario development because they target capabilities unique to AI systems and cannot be addressed by repurposing conventional IT security scenarios.
Why B is Wrong: Business unit readiness documentation is a change management and organizational capability assessment activity. It supports AI adoption planning but does not constitute AI security risk scenario development.
Why C is Wrong: Access policy development is an important security control activity but represents control design rather than risk scenario development. Access policies respond to identified risks; they are not themselves risk scenarios.
Why D is Wrong: Quantum encryption is an emerging cryptographic technology addressing future threats to classical encryption. While relevant for long-term data protection planning, it represents a specialized and forward-looking concern rather than the most important focus for current AI security risk scenarios.
