According to scenario 9, was the audit team leader's decision to conduct a visit to ImoAI's premises acceptable?
Scenario 9: ImoAl, headquartered in California. USA, provides Al solutions for various industries such as finance, healthcare, retail, and manufacturing. Its clients include major financial institutions seeking Al powered fraud detection systems, healthcare providers leveraging Al for diagnostics and patient care, retailers optimizing supply chain management with Al forecasting, and manufacturers enhancing production efficiency through Al-driven automation.
ImoAl has recently undergone a certification audit to ensure that its artificial intelligence management system AIMS is in compliance with ISO/IEC 42001. During the audit, a major nonconformity related to data security protocols was identified, requiring urgent resolution.
ImoAl swiftly initiated corrective actions to address the
major nonconformity. The audit follow-up, in agreement with the auditee, was scheduled six weeks after the initial audit. As part of exploring alternatives to audit follow-up, the audit team leader chose to verify the effectiveness of the actions taken by the auditee by scheduling a specific visit to ImoAI's premises.
The follow-up audit involved a thorough evaluation of the effectiveness of these actions. The audit team leader thoroughly examined the corrections, corrective actions, and root cause analysis conducted by ImoAl to assess whether they adequately addressed the nonconformity identified during the initial audit.
In conjunction with the external audit follow-up, ImoAl engaged its internal auditing team to oversee the progress of corrective actions. The AIMS manager of ImoAl updated Ms. Rebecca Hayes, the internal auditor, on the status of corrections and corrective actions prompted by the nonconformity identified during the external audit. Subsequently, Ms. Hayes thoroughly reviewed these measures, analyzing the corrections, root causes, and effectiveness of the implemented actions.
Upon satisfactory validation of the action plans, ImoAl was recommended for certification.

• A.No, the audit team leader should have verified the effectiveness of the auditee's actions remotely
• B.Yes, the verification of corrections can be subject to a specific on-site visit at the auditee
• C.No, the effectiveness of auditee's actions could have been verified during an upcoming surveillance audit

Comment: *

Name: *

Email: *

Verification: *

Question:
During an audit, the auditor employed data analytic technology to identify anomalies and unusualpatterns in the decision-making processes of an AI system used by a financial institution to approve or reject loan applications. Which data analytic technology did the auditor use?

• A.Predictive analytics
• B.Text analytics
• C.Data mining
• D.Visual analytics

Comment: *

Name: *

Email: *

Verification: *

Question:
Which of the following describes a joint audit?

• A.When two or more auditing organizations cooperate to audit a single auditee
• B.When two or more management systems are audited together at a single auditee
• C.When an internal audit and a third-party audit are conducted simultaneously
• D.When audits are conducted back-to-back for efficiency

Comment: *

Name: *

Email: *

Verification: *

Which control in Annex A emphasizes the importance of security measures in AI system operations?

• A.Financial Auditing
• B.Access Control
• C.Performance Metrics
• D.Customer Feedback

Comment: *

Name: *

Email: *

Verification: *

During an audit, the auditor uncovers sensitive data regarding the AI system's algorithms and their decision-making processes. Which principle must the auditor adhere to when handling this information?

• A.Evidence-Based Approach
• B.Integrity
• C.Confidentiality
• D.Fair Presentation

Comment: *

Name: *

Email: *

Verification: *