SISA CSPAI Exam - Topic 2 Question 12 Discussion

Actual exam question for SISA's CSPAI exam

Question #: 12
Topic #: 2

[All CSPAI Questions]

What does the OCTAVE model emphasize in GenAI risk assessment?

AOperational Critical Threat, Asset, and Vulnerability Evaluation focused on organizational risks.

BSolely technical vulnerabilities in AI models.

CShort-term tactical responses over strategic planning.

DExclusion of stakeholder input in assessments.

Show Suggested Answer

Suggested Answer: A

by Lauran at Apr 01, 2026, 04:49 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

4 days ago

I’m a bit confused; I thought OCTAVE also considered stakeholder input, so D doesn’t seem correct to me.

upvoted 0 times

...

9 days ago

I remember studying that the focus is on evaluating assets and vulnerabilities, which makes A sound right.

upvoted 0 times

...

14 days ago

I think the OCTAVE model is more about organizational risks, so I’m leaning towards A, but I’m not completely sure.

upvoted 0 times

...