Internal auditors play a critical role in ensuring ethical, compliant AI adoption by promoting strong governance, clear accountability, and lifecycle monitoring. Nick Ajmera, internal audit leader at an electrical utility, outlines board-level oversight, cross-functional committees, and unified policies aligned to frameworks like ISO/IEC 42001 and NIST. He highlights key risks’bias, drift, privacy, and explainability’and recommends KPIs, vendor controls, and monitoring tools to sustain effective AI governance.
Learning Objectives
• Identify key governance structures, roles, and policies required to support ethical and compliant AI adoption within internal audit and financial services organizations.
• Recognize significant AI-related risks
• including bias, drift, privacy, and explainability
• and their implications for audit, risk, and compliance functions.
• Distinguish how frameworks such as NIST AI RMF, COSO ERM, and ISO/IEC 42001 support the assessment, prioritization, and oversight of AI risks across the AI lifecycle.
• Select appropriate controls, KPIs, and monitoring practices to evaluate AI governance effectiveness, including third-party and post-implementation oversight.
