Correct Answer: D
The correct answer is D - Privacy impact assessments (PIAs). These are directly adaptable for identifying risks in AI systems, particularly around data usage, bias, and individual impacts.
From the AIGP ILT Guide - Risk Management Module:
"PIAs and DPIAs are existing tools used in privacy compliance that can be extended to evaluate the risks of AI, including fairness, explainability, and legality." AI Governance in Practice Report 2024 further explains:
"Organizations can adapt privacy impact assessments to evaluate the ethical, legal, and technical risks posed by AI systems. They provide a structured and recognized method." PIAs are preferable over general security practices (like pen testing) which do not address algorithmic bias or legal compliance directly.