To help internal audit fulfill this role, internal auditors can leverage The IIA’s AI Auditing Framework in providing AI-related advisory, assurance, or blended advisory/assurance services as appropriate to the organization. The Framework is comprised of three overarching components — AI Strategy, Governance, and the Human Factor — and seven elements: Cyber Resilience; AI Competencies; Data Quality; Data Architecture & Infrastructure; Measuring Performance; Ethics; and The Black Box.
Internal audit should consider numerous engagement or control objectives, and activities or procedures, in implementing the Framework and providing advisory, assurance, or blended advisory/assurance internal audit services related to the organization’s AI activities. Relevant objectives and activities or procedures that address the Strategy (Cyber Resilience and AI Competencies elements) and Governance (Data Architecture & Infrastructure, and Data Quality elements) of the Framework were provided in The IIA’s Artificial Intelligence Auditing Framework: Practical Applications Part A. This document provides relevant objectives and activities or procedures that address the Human Factor (Ethics and The Black Box elements) and Governance (Measuring Performance element). The Human Factor.