Question 21
Domain 4 — AI Governance, Risk, Ethics, and TrustworthinessA financial institution evaluates AI risk management strategies. According to the NIST AI Risk Management Framework, which function involves allocating resources to address identified and measured AI risks? (Select one!)
Correct answer: A
Explanation
The NIST AI Risk Management Framework’s "Manage" function is where organizations "prioritize and act on AI risks" by implementing risk treatments and response actions. Allocating resources to address identified and measured risks is part of this risk treatment and response process, so the MANAGE function fits.
Why each option is right or wrong
A. MANAGE function implements risk treatments and response
Under the NIST AI Risk Management Framework (AI RMF 1.0), the GOVERN, MAP, MEASURE, and MANAGE functions are the core structure, and MANAGE is the function that addresses risk treatment and response after risks have been identified and assessed. The framework’s MANAGE function explicitly covers prioritizing risks and allocating the people, budget, and controls needed to respond to them, rather than merely cataloging or measuring them.
B. MAP function identifies risks in context
C. GOVERN function establishes accountability structures
D. MEASURE function assesses and tracks risks