AI Governance Professional (AIGP) (AIGP) practice questions

A facilities team builds a heating controller whose behaviour is fixed entirely by rules a programmer wrote, such as switching the boiler on whenever a sensor reads below 18 degrees. A governance lead is asked why this controller does not meet the widely used OECD and EU AI Act definition of an AI system. Which characteristic, present in that definition, does the controller lack?

• AIt infers from the inputs it receives how to generate outputs such as predictions or decisions, rather than only executing rules a human wrote.check_circle Correct
• BIt runs continuously rather than only when an operator manually triggers each individual action through the interface.
• CIt connects to the internet so that it can transmit its sensor readings to a remote server for storage.
• DIt stores a historical log of past temperature readings that an engineer can later download and inspect.

Why A is correct: The OECD and EU AI Act definition centres on a system that infers from input how to produce outputs like predictions, content, recommendations or decisions, which a fixed rules-only controller does not do.

Why B is wrong: Running continuously is tempting because people associate AI with always-on services, but autonomous scheduling is not what the definition turns on, and many simple automated devices run continuously without being AI.

Why C is wrong: Network connectivity sounds modern and AI-like, yet the definition says nothing about connectivity, and an offline model is still AI while a connected thermostat is not.

Why D is wrong: Keeping a data log feels relevant because AI uses data, but merely recording readings is passive storage and is not the inference of outputs that the definition requires.

A vendor markets a customer-service chatbot as artificial general intelligence because it answers questions on many topics. A governance reviewer notes that the tool is trained and tuned only for support conversations and fails outside that scope. Which type of AI does this tool actually represent?

• AArtificial general intelligence, because the system can hold a conversation across a wide range of everyday subjects with its users.
• BArtificial narrow intelligence, because it is designed and trained to perform within a single, bounded task domain.check_circle Correct
• CArtificial superintelligence, because the model responds far more quickly than a human support agent can type a reply.
• DSymbolic expert-system AI, because its replies are produced by a hand-curated decision tree of explicit support rules.

Why A is wrong: Conversing across topics looks like generality, but breadth of small talk is not the same as human-level competence across arbitrary tasks, which is what general AI denotes.

Why B is correct: Narrow AI is built for a specific, bounded task and does not generalise beyond it, which exactly describes a chatbot trained only for support and failing outside that scope.

Why C is wrong: Superintelligence is tempting given the speed, yet speed alone is not the criterion, and superintelligence refers to capability surpassing the best humans across virtually all domains.

Why D is wrong: Expert systems are a real AI category, so this is plausible, but a trained conversational model learns from data rather than running a hand-built rule tree, so the label does not fit.

A bank trains a loan-approval model on a decade of its own lending decisions. Independent testing shows the model approves a far lower share of applicants from one ethnic group than from others with comparable finances, mirroring historical patterns in the training data. Which AI risk does this most directly illustrate?

• AA cybersecurity risk, in which an external attacker has poisoned the training data to change the model's lending behaviour.
• BAn intellectual-property risk, because the model may have memorised confidential applicant records that it can later reproduce.
• CA bias and discrimination risk, in which the model reproduces unfair disparities present in the historical training data.check_circle Correct
• DA transparency risk, because applicants are not told that an automated model contributed to the decision on their loan.

Why A is wrong: Data poisoning is a genuine threat, which makes it tempting, but the scenario attributes the skew to historical patterns the bank itself produced, not to an external attacker tampering with the data.

Why B is wrong: Memorisation of training records is a real concern, yet the harm described is unequal approval rates across groups, not the leaking or copying of protected content.

Why C is correct: When a model learns from biased historical decisions it reproduces those disparities, here disadvantaging one group despite comparable finances, which is the defining pattern of AI bias and discrimination risk.

Why D is wrong: Failing to disclose automated decision-making is a transparency concern that often co-occurs, but the measured harm here is the unequal outcome itself, which is discrimination rather than non-disclosure.