AAIA Exam Glossary - 38 Terms

Search the terminology pack for Advanced in AI Audit. Use these definitions with the study guide and practice questions.

Download App Study Guide Free Practice Exam

A

A/B testing: An experimental method that compares two versions of a model or system to measure performance differences.
Active monitoring: Ongoing observation of model behavior, risk indicators, and control effectiveness during operation.
Algorithm training: The process of adjusting model parameters so an algorithm learns patterns from data.
API query: A request sent to an application programming interface to retrieve data or invoke model behavior.
Automated processing: Decision-making or data handling performed by systems with minimal or no human involvement.
Automated reporting: The use of systems to generate audit or operational reports with minimal manual intervention.

B

Black box model: A model whose internal decision logic is difficult for humans to interpret or explain.

C

Canary deployment: A release strategy that routes a small portion of production traffic to a new model or system before broader rollout.

D

Data drift: A change in the statistical distribution of input data over time compared with the training data.
Data exfiltration: The unauthorized transfer or extraction of data from an organization’s controlled environment.
Data governance: The framework of policies, controls, and accountability for managing data quality, security, usage, and compliance.
Data leakage: A model development issue where information unavailable at prediction time improperly enters training or evaluation data.
Data lineage: Documentation that traces data origins, transformations, movement, and handling across its lifecycle.
Data use limitation: A governance principle restricting data usage to specific approved purposes and contexts.
Deep learning: A subset of machine learning using multi-layer neural networks to learn complex patterns from data.

F

Feature: An input variable or attribute used by a model to make predictions.

G

GDPR Article 22: A provision of the GDPR granting individuals rights related to decisions based solely on automated processing with significant effects.
Generative AI: AI systems that create new content such as text, images, code, or audio based on learned patterns.

H

Hyperparameter: A configuration value set before training that influences model learning behavior and performance.

I

ITAF: ISACA’s IT Assurance Framework providing standards, guidelines, and tools for IT audit and assurance engagements.

L

Label: The known target output associated with a training example in supervised learning.
Labeled dataset: A collection of training data where each record includes both input features and the expected target label.
Lifecycle stage: The current phase of a model or system, such as development, validation, deployment, monitoring, or retirement.
Live traffic: Actual production user requests or transactions processed by a deployed system.

M

Membership inference attack: An attack that attempts to determine whether a specific individual’s data was included in a model’s training set.
Metadata: Descriptive information about data or models, such as source, version, owner, or creation date.
MLOps: Practices and tools for managing the development, deployment, monitoring, and governance of machine learning models.
Model architecture: The structural design of a machine learning model, including layers, connections, and components.
Model interpretability: The extent to which humans can understand how a model produces its outputs or decisions.
Model registry: A centralized repository that stores model versions, metadata, lineage, and lifecycle status.

O

Output perturbation: A privacy-preserving technique that adds noise or modification to outputs to reduce information leakage.

R

Rate limiting: A control that restricts how frequently requests can be made to a service or API.
Risk tier classification: The categorization of AI use cases based on their level of risk and required controls.

S

Supervised learning: A machine learning approach in which models are trained using labeled examples that pair inputs with correct outputs.

T

Top-p sampling: A text generation method that limits token selection to the smallest set whose cumulative probability exceeds a threshold.
Training lineage: The traceable record of data, code, parameters, and processes used to build a model.

U

Unauthorized data disclosure: Exposure of sensitive information to parties, systems, or channels not approved to receive it.
Unstructured data: Data that does not follow a predefined schema, such as free text, emails, images, or audio.

About These Definitions

These definitions are loaded from the shared release pack. Use them with the study guide and practice questions to connect vocabulary to exam scenarios.

Download App Read the full study guide Take the free practice exam