Working with counterparts in legal, compliance, and risk will help, Gartner leader says.
Chief audit executives are facing increasing pressure from boards of directors this year to assure risk management, a leader at global research and consulting firm Gartner said in a recent interview. This comes as organizations are managing a slew of emerging legal and regulatory uncertainties, geopolitical and economic hurdles, and the use of AI as both a potential threat and a valuable business asset.
Audit committees need more risk insight from audit leaders in this environment, according to an article in Communications Today, a telecom news website and magazine in India. This will help
them support the board’s oversight responsibilities.
“2025 brings more high-profile risks and opportunities that are driving growing board focus on management, so CAEs need to be sure they are effective in helping the audit committee discharge its risk oversight responsibilities,” the Gartner leader said in the article. “CAES typically get less than 30 minutes with the AC during formal presentations. They must quickly focus on the information the AC needs most: currently, that relates to emerging high-impact risks such as AI and any systemic governance issues.”
Gartner experts recommend internal audit teams work with their counterparts in legal, compliance, and risk to:
- Get organized for AI accountability and define enterprise practices.
- Discover and inventory all AI used in the organization.
- Revisit and implement AI data classification, protection, and access management.
- Implement technical controls to support and enforce policies.
- Conduct ongoing governance, monitoring, validation, testing, and compliance throughout the whole process.
“AI has burst onto the business scene with the arrival of numerous public generative AI tools,” the Gartner official said. “What is perhaps the most difficult for internal audit, other than the rapid
adoption of the technology, is that AI risks manifest in complex and varied ways. Therefore, audit leaders are facing heightened pressure to ensure audit coverage of the new technology.”