Free AIGP Practice Test Questions 2026

Summary
This question tests the specific transparency obligations under the GDPR related to automated decision-making, including profiling. The GDPR establishes a right for individuals to be informed when a decision is made solely by automated means, and it grants them the right to understand the rationale behind that decision. This is a distinct and critical part of the broader transparency principle, focusing on explainability in automated contexts.

Correct Option

A. The existence of automated decision-making and meaningful information on its logic and consequences.

Core Transparency for Automation:
This is a direct requirement from Article 22 and Recital 71 of the GDPR. When automated decision-making is used, data subjects must be informed that it is occurring.

Meaningful Information about Logic:
Crucially, they must be provided with "meaningful information about the logic involved." This does not mean revealing the full algorithm, but rather a clear, understandable explanation of the key factors and criteria the system uses to reach its decision, as well as the significance and envisaged consequences of that decision for the individual.

Incorrect Option

B. The personal data used during processing, including inferences drawn by the Al system about the data.
While data subjects have a right of access to their personal data under Article 15, this option describes a broader access right, not the specific transparency information required at the point of collection for automated decision-making. The focus of the transparency principle in this context is on the logic and consequences, not a comprehensive list of all data and inferences.

C. The data protection impact assessments carried out on the Al system and legal bases for processing.
While the legal basis for processing must be provided under the general transparency principle (Article 13), providing the full DPIA is not a requirement. The DPIA is an internal accountability document for the controller to demonstrate compliance, not information that must be directly provided to every data subject.

D. The contact details of the data protection officer and the data protection national authority.
This is a general transparency requirement under Article 13(1)(b) that applies to all data processing, not a specific requirement related to the context of automated decision-making outlined in Article 22.

Reference
General Data Protection Regulation (GDPR), Article 22 (Automated individual decision-making, including profiling) and Recital 71. These provisions explicitly state that data subjects have the right to "obtain an explanation of the decision reached" and to "challenge the decision." This forms the legal basis for the requirement to provide meaningful information about the logic, significance, and consequences.

Summary
The OECD AI Principles are a foundational, international standard for responsible AI. They are not a legally binding regulation but a framework for self-regulation and policy-making. Their core approach is to provide high-level, values-based principles that are intended to be adaptable across different sectors and technologies. The framework's primary method for preventing harm is to create a balanced ecosystem that fosters both innovation and trust, rather than imposing specific technical or sectoral requirements.

Correct Option

D. Balancing Al innovation with ethical considerations.

Core Philosophy of the OECD Framework:
The very title of the OECD Council Recommendation on AI is "OECD Legal Instruments Recommendations of the Council on Artificial Intelligence," and its first principle is "Inclusive growth, sustainable development and well-being." This highlights its dual goal.

Holistic and Adaptive Approach:
The framework is designed to be agile and avoid stifling innovation. It proposes that by integrating ethical values (like fairness, transparency, and accountability) into the entire AI system lifecycle, organizations and governments can proactively prevent societal harms without resorting to rigid, one-size-fits-all rules. This balance is the essence of its self-regulatory model.

Incorrect Option

A. Establishing explainability criteria to responsibly source and use data to train Al systems.
While the OECD principles include values like transparency and explainability, and responsible data management, it does not establish specific criteria. It sets high-level expectations, leaving the implementation of specific technical criteria to individual organizations and jurisdictions.

B. Defining requirements specific to each industry sector and high-risk Al domain.
This is a description of a risk-based, regulatory approach, such as the one taken by the EU AI Act. The OECD framework is intentionally non-sector-specific and provides universal principles. It does not define detailed requirements for high-risk domains.

C. Focusing on Al technical design and post-deployment monitoring.
While technical design and monitoring are important practices within the framework, they are components, not the overarching method. The OECD's approach is much broader, encompassing policy, national governance, international cooperation, and the entire socio-technical ecosystem, not just the technical lifecycle.

Reference
OECD Council Recommendation on Artificial Intelligence (OECD/LEGAL/0449). The five complementary value-based principles for the responsible stewardship of trustworthy AI are: Inclusive growth, sustainability, and well-being; Human-centered values and fairness; Transparency and explainability; Robustness, security, and safety; and Accountability. The accompanying recommendations for national policies and international cooperation focus on fostering a digital ecosystem for trust and innovation, which directly aligns with balancing innovation with ethical considerations.

Summary
The EU AI Act uses a risk-based approach, with the most severe category being "unacceptable risk." Applications in this category are considered a clear threat to safety, livelihoods, and fundamental rights and are therefore prohibited. The Act explicitly bans certain practices, and one of the most prominent examples is the use of AI by public authorities for social scoring, which undermines human dignity and democratic values.

Correct Option

C. A government-run social scoring tool.

Unacceptable Risk, Not High-Risk:
It is crucial to note that a government-run social scoring tool is classified under Prohibited AI Practices (Title II, Article 5) of the EU AI Act, which is an even stricter category than "high-risk." The question asks for a "high-risk application," but among the options given, this is the only one that falls into a regulated risk category. The others are largely minimal risk.

Fundamental Rights Violation:
The Act explicitly bans "the evaluation or classification of the trustworthiness of natural persons based on their social behaviour or known or predicted personal or personality characteristics, with the social score leading to either or both of the following: (a) detrimental or unfavourable treatment... (b) detrimental or unfavourable treatment... in social contexts which are unrelated to the contexts in which the data was originally generated or collected." This is a precise description of a social scoring system.

Incorrect Option

A. A resume scanning tool that ranks applicants.
This is a correct example of a high-risk AI system under the EU AI Act. Annex III specifically lists "Employment, workers management and access to self-employment," and includes AI systems used for "recruitment or selection of natural persons, in particular for advertising vacancies, screening or filtering applications, [and] evaluating candidates" as high-risk. However, since the question presents only one correct choice and social scoring is a more definitive and severe example of a regulated (in this case, banned) application, Option C is the best answer.

B. An Al-enabled inventory management tool.
This would generally be considered a limited or minimal risk application. It is an operational tool for managing stock and supply chains. It does not pose a significant threat to fundamental rights or safety in a way that would classify it as high-risk under the EU AI Act.

D. A customer service chatbot tool.
Most customer service chatbots are classified as limited or minimal risk. They are required to comply with transparency obligations (i.e., informing users they are interacting with an AI), but they do not fall into the high-risk category unless they are used in a context that could significantly impact a person's rights (e.g., a chatbot used by a bank to decide on loan applications).

Reference
Regulation (EU) 2024/1689 (Artificial Intelligence Act).

Article 5(1)(c) explicitly prohibits "the evaluation or classification of the trustworthiness of natural persons based on their social behaviour... (social scoring)." Annex III, Section 4 explicitly lists AI systems used for "recruitment or selection of natural persons" as high-risk, which would include a resume scanning tool.

Summary
The White House Blueprint for an AI Bill of Rights is a U.S. framework outlining five principles to guide the design, use, and deployment of automated systems to protect the American public. These principles are: Safe and Effective Systems; Algorithmic Discrimination Protections; Data Privacy; Notice and Explanation; and Human Alternatives, Consideration, and Fallback. The Blueprint sets out high-level principles and expectations but does not create detailed, technical standards for implementation.

Correct Option

B. High-risk mitigation standards.

Principles vs. Standards:
The Blueprint is a principles-based framework, not a technical regulation. It identifies overarching goals like preventing discrimination and ensuring safety.

Lacks Specific Technical Mandates:
While it calls for "algorithmic discrimination protections," it does not define specific, measurable "high-risk mitigation standards" that systems must meet. The onus is on agencies and organizations to figure out how to implement the principles. This distinguishes it from a regulation like the EU AI Act, which does define specific standards and conformity assessments for high-risk AI systems.

Incorrect Option

A. Human alternatives, consideration and fallback.
This is one of the five core principles of the Blueprint. It explicitly states that you should be able to opt out of automated systems where appropriate and have access to a human alternative who can consider and quickly remedy problems.

C. Safe and effective systems.
This is the first principle outlined in the Blueprint. It calls for systems to be developed in consultation with diverse communities and to undergo pre-deployment testing, risk identification, and continuous monitoring to ensure they are safe and effective.

D. Data privacy.
This is a dedicated principle in the Blueprint. It calls for built-in protections to ensure data privacy and for users to have agency over how their data is used. You should be protected from abusive data practices and have control over your data.

Reference
The White House Office of Science and Technology Policy, "Blueprint for an AI Bill of Rights: Making Automated Systems Work for the American People" (October 2022). This is the official source document. It explicitly lists the five principles, which include Safe and Effective Systems, Algorithmic Discrimination Protections, Data Privacy, Notice and Explanation, and Human Alternatives, Consideration, and Fallback. The document does not contain detailed, technical "high-risk mitigation standards."

Summary
This question tests the distinction between core optimization algorithms used to train a neural network (i.e., find the optimal weights) and other types of machine learning models or techniques. Optimization techniques are iterative processes that adjust the weights of connections between neurons to minimize a loss function. The key is to identify the one option that, while related to ML, serves a different primary purpose and is not a weight optimization algorithm for a standard deep learning network.

Correct Option

C. Autoregression, which analyzes and makes predictions about time-series data.

A Predictive Model, Not an Optimizer:
Autoregression (AR) is a statistical model used for forecasting time-series data. It predicts future values based on a linear combination of past values.

Different Purpose and Mechanism:
While it has "parameters" that need to be estimated, it is not an optimization technique used to determine the weights between the layers of an artificial neural network. It is a model in its own right, typically optimized using methods like least squares, not the iterative weight-update algorithms used in deep learning.

Incorrect Option

A. Gradient descent, which initially sets weights arbitrary values, and then at each step changes them.
This is the foundational optimization algorithm for deep learning. It iteratively adjusts the weights in the direction that reduces the error (the gradient), making it a primary method for determining the strength of connections between neurons.

B. Momentum, which improves the convergence speed and stability of neural network training.
Momentum is a common enhancement to the standard gradient descent algorithm. It accelerates convergence and helps avoid local minima by adding a fraction of the previous update to the current one, directly influencing how the weights are optimized.

D. Backpropagation, which starts from the last layer working backwards.
Backpropagation is the essential algorithm for calculating the gradients of the loss function with respect to each weight in the network. While it is not the optimizer itself (like gradient descent), it is the mechanism that provides the necessary information to the optimizer on how to change the weights. It is intrinsically linked to the weight optimization process.

Reference
The distinction between these concepts is foundational knowledge in deep learning. Standard textbooks and courses (e.g., by Ian Goodfellow, Yoshua Bengio, and Aaron Courville) clearly categorize gradient descent, momentum, and backpropagation as components of the neural network training process, while defining autoregression as a separate class of model for time-series analysis.

Summary
The EU AI Act employs a risk-based regulatory pyramid. For the vast majority of AI systems, no pre-market registration is required. However, for systems classified as "high-risk" in Annex III of the Act, providers are subject to a strict conformity assessment procedure before they can place the system on the market or put it into service. This process includes registration in a dedicated EU database, which is managed by the European Commission and national authorities.

Correct Option

D. Al systems that are high-risk.

Mandatory Pre-Market Conformity:
The core regulatory obligation for high-risk AI systems under the EU AI Act is the requirement to undergo a conformity assessment (Article 43).

Registration in the EU Database:
Once conformity is demonstrated, the provider must register the high-risk AI system in a publicly accessible EU database (Article 49, Article 60) before it can be placed on the market or put into service. This registration is a key transparency and enforcement mechanism for high-risk systems.

Incorrect Option

A. Al systems that are harmful based on a legal risk-utility calculation.
The EU AI Act does not use a general "risk-utility" test for registration. It operates based on predefined categories of risk. Systems deemed "unacceptable risk" are outright banned (Article 5), not registered. The registration requirement is specifically and exclusively tied to the "high-risk" classification.

B. Al systems that are "strong" general intelligence.
The Act does not use the term "strong AI." It has a specific regulatory regime for General-Purpose AI (GPAI) models (Title VIII). While GPAI models have their own obligations (like transparency and risk management), the requirement for pre-market registration in the EU database is a specific obligation for high-risk AI systems, not for all GPAI models.

C. Al systems trained on sensitive personal data.
The use of sensitive data is governed by the GDPR. While many high-risk AI systems may process sensitive data, the registration requirement under the AI Act is triggered by the system's intended purpose and its classification in Annex III, not solely by the type of data it uses. A system could use sensitive data but not be high-risk (e.g., a wellness app), and a high-risk system might not use sensitive data (e.g., certain critical infrastructure management systems).

Reference
Regulation (EU) 2024/1689 (Artificial Intelligence Act).

Article 43 mandates that "High-risk AI systems shall be subject to a conformity assessment... with a view to placing it on the market or putting it into service."

Article 49 requires that "High-risk AI systems... shall be registered by their providers in the EU database... prior to being placed on the market or put into service."

Annex III provides the exhaustive list of high-risk AI systems.

Summary
This question tests the precise definition of key AI trustworthiness concepts. The ability to provide a rationale for a specific output refers to the technical characteristic of a system that allows humans to understand the reasons behind an individual decision or prediction. This is a property of the AI model itself and the tools used to interpret it, focusing on the "how" and "why" of a singular result.

Correct Option

C. Explainable.

Post-hoc Rationale for Specific Outputs:
Explainability (or interpretability) refers to the ability to understand and explain the reasoning behind a specific decision made by an AI model. It provides a localized, post-hoc rationale, answering questions like "Why was this loan application denied?" or "What factors contributed to this medical diagnosis?"

Focus on Individual Decisions:
The keyword in the question is "a specific output." Explainability is the concept that directly deals with providing a justification for individual cases, often using techniques like feature importance scores or local surrogate models.

Incorrect Option

A. Accountable.
Accountability is a broader governance concept. It refers to the obligation of an organization to be responsible for the AI system's outcomes and to have mechanisms in place to address harms. While explainability supports accountability, they are not the same. An organization can be held accountable for a system even if it is not perfectly explainable.

B. Transparent.
Transparency is related but broader. It involves openness about the AI system as a whole—its capabilities, limitations, data sources, and high-level functioning. Transparency might mean disclosing that an AI is used for hiring, while explainability provides the reasons for a specific hiring decision. Transparency is about the "what," explainability is about the "why" for a given instance.

D. Reliable.
Reliability refers to the system's ability to perform consistently and correctly as intended over time and across various inputs. A reliable system produces accurate outputs, but it may not provide any rationale for why those outputs are generated. Reliability is about consistent performance, not the provision of a rationale.

Reference
National Institute of Standards and Technology (NIST) AI RMF 1.0. The framework clearly distinguishes these concepts. It defines "Explainability & Interpretability" as concerning "the ability to understand the AI system's output," aligning perfectly with the question. It separates this from "Transparency" (disclosure of information to enable trust) and "Accountability" (responsibility for the system's outputs).

Summary
The 1956 Dartmouth Summer Research Project is a seminal event in the history of artificial intelligence. While it involved discussions on intelligence, computers, and society, its primary and most significant legacy is that it served as the formal, organized birthplace of AI as a distinct scientific field. The event, proposed by John McCarthy, who also coined the term "artificial intelligence," brought together the founding researchers who defined the discipline's initial goals and research programs.

Correct Option

D. A meeting focused on the founding of the Al field.

The Birth of AI as a Discipline:
This event is universally recognized in computer science history as the founding moment of AI. It was here that the term "artificial intelligence" was first officially adopted to describe the new field of study.

Convening the Pioneers:
The project brought together key pioneers like John McCarthy, Marvin Minsky, Nathaniel Rochester, and Claude Shannon, whose work would define and drive AI research for decades. The proposal for the conference explicitly stated its aim to explore the conjecture that "every aspect of learning or any other feature of intelligence can in principle be so precisely described that a machine can be made to simulate it."

Incorrect Option

A. A meeting focused on the impacts of the launch of the first mass-produced computer.
The conference was forward-looking and theoretical, focused on the potential of machines to exhibit intelligence. It was not a reaction to the launch of a specific commercial computer. The UNIVAC, an early commercial computer, was launched in 1951, and the Dartmouth project's focus was far more abstract than analyzing the societal impact of a specific machine.

B. A research project on the impacts of technology on society.
While the long-term societal impact of intelligent machines was likely discussed, this was not the project's central purpose or its historical significance. Its goal was technical and scientific: to make progress on the core problems of machine intelligence itself.

C. A research project to create a test for machine intelligence.
Alan Turing proposed his famous "Turing Test" in his 1950 paper, several years before the Dartmouth conference. The conference aimed to make concrete progress toward building intelligent machines, not to create a new test for it. The Turing Test was a philosophical concept that influenced the attendees, but it was not the project's objective.

Reference
The historical significance of the 1956 Dartmouth Conference is well-documented in academic histories of computer science and AI. The original proposal, "A Proposal for the Dartmouth Summer Research Project on Artificial Intelligence," is a key primary source. While not a "framework" like NIST or GDPR, its status as the founding event is a foundational piece of knowledge for understanding the AI field's origins, as covered in the contextual history of the IAPP AIGP curriculum.

Explanation: The EU AI Act explicitly prohibits the use of AI systems for social scoring by public authorities, as it can lead to discrimination and unfair treatment of individuals based on their social behavior or perceived trustworthiness. While AI can be used to promote equitable distribution of welfare benefits, manage border control, and even detect an individual's intent for law enforcement purposes (within strict regulatory and ethical boundaries), implementing social scoring systems is not permissible under the Act due to the significant risks to fundamental rights and freedoms.

Explanation: The IEEE Ethical System Design Risk Management Framework (IEEE 7000-21) would be most appropriate for XYZ Corp's governance needs in addition to the NIST AI Risk Management Framework. The IEEE framework specifically addresses ethical concerns during system design, which is crucial for ensuring the responsible use of AI in hiring. It complements the NIST framework by focusing on ethical risk management, aligning well with XYZ Corp's goals of deploying AI responsibly and mitigating associated risks.

Explanation: In the context of AI, particularly generative models, "hallucination" refers to the generation of outputs that are not based on the training data and are factually incorrect or nonexistent. The scenario described involves the generative AI tool providing incorrect and non-existent information about restaurants, which fits the definition of hallucination.
Reference: AIGP BODY OF KNOWLEDGE and various AI literature discussing the limitations and challenges of generative AI models.