Most AI incidents at work come down to a few avoidable habits: pasting the wrong data, trusting the wrong output, or quietly using an unapproved tool. This interactive quiz turns those habits into short, scenario-based questions with instant explanations — a ready-made training checkpoint that runs entirely in the browser.
How it works
The quiz presents a series of realistic workplace scenarios about using AI tools. For each, you pick the best answer; the quiz immediately tells you whether you were right and explains why the correct choice protects data and follows policy. At the end you get a score and a topic summary so gaps are obvious. There is no backend — answers never leave your device.
What it teaches
The questions reinforce the essentials: never paste confidential, regulated, or customer data into unapproved tools; practice prompt hygiene by masking sensitive identifiers; recognize and avoid shadow AI by using only approved tools; always verify AI output before acting on it; and know when and how to report a suspected data exposure.
The habits the quiz reinforces
Data classification before pasting. The most common AI privacy incident at work is not a sophisticated attack — it is an employee pasting a customer spreadsheet, an HR record, or confidential contract text into a free AI tool to speed up a task. The quiz trains the instinct to ask “what kind of data is this, and is this tool approved for it?” before pasting anything.
Prompt hygiene. Even with an approved tool, well-structured prompts reduce risk. Masking real names, customer IDs, and sensitive numbers in a prompt before sending them reduces what is transmitted and logged. The quiz covers the practical hygiene habits: substitute names with generic labels, mask account numbers, do not paste credentials or API keys.
Shadow AI recognition. Shadow AI — using AI tools the organization has not reviewed or approved — is growing because AI tools are widely available and employees are trying to do their jobs more efficiently. The quiz helps employees understand that the problem is not using AI but using unapproved AI with data that may have residency, retention, or confidentiality obligations.
Output verification. AI models are helpful and wrong in ways that are hard to detect because the output is fluent and confident. The quiz reinforces the habit of verifying AI output before acting on it: checking facts, confirming numbers, and not sharing AI-generated analysis externally without reviewing it.
Knowing when to report. If a colleague is using an unapproved AI tool with sensitive data, or if a user suspects their data was sent somewhere unexpected, knowing when and how to report it is the last line of defence. The quiz covers this: what counts as a reportable concern and what the reporting path is.
Using the quiz in a training programme
The quiz runs entirely in the browser with no backend, which means it can be embedded in an internal training portal or simply linked as a standalone page without any privacy concerns — no employee data is collected or transmitted.
It works as:
- A standalone knowledge checkpoint within onboarding
- A refresher in annual security-awareness training
- A pre-test and post-test around a written AI access policy
- A self-assessment for employees who want to check their own habits
Pair it with your written AI access policy for the authoritative rules. The quiz builds the habits that policy alone cannot.
Tips and notes
- Use this alongside your written rules — the Zero-Trust AI Access Policy Generator produces the authoritative policy this quiz reinforces.
- Re-run it periodically; AI tools and risks change, and a once-a-year refresher keeps habits current.
- A high score means the concepts landed — it is not a substitute for clear policy and a working reporting channel.
- Nothing is stored — answers and scores are in-browser only.