A company deploying Einstein Bots for customer service wants to ensure compliance with GDPR's right to explanation. Which TWO measures should they implement?
Audit trails enable review and explanation of automated decisions.
Why this answer
Option A is correct because GDPR's right to explanation requires organizations to provide meaningful information about the logic involved in automated decision-making. An audit trail that logs which AI decisions were made and why directly satisfies this by recording the decision path, input features, and model version used, enabling retrospective explanation. Option C is correct because score factors (e.g., feature importance weights in Einstein Bot's predictive models) allow the bot to show why a specific action was recommended, fulfilling the transparency requirement under Article 22 of GDPR.
Exam trap
Cisco often tests the misconception that GDPR requires storing all data for audit purposes or avoiding AI entirely, when in fact it mandates data minimization and explainability of automated decisions, not prohibition of AI.