Organisations’ adoption of Artificial Intelligence (AI) is increasing, as they seek to capture the opportunity associated with deploying AI. High priority focus areas include increased productivity, superior decision-making capabilities and new revenue streams.
With the improvement of AI systems functionality and reduction in their cost, it is expected that the rate of AI adoption will continue to increase, however, with opportunity comes risk. There is the potential for AI systems to facilitate decisions which lead to sub-optimal outcomes or make unethical decisions which are not aligned with an organisation’s values.
It is important to consider the existing regulatory requirements for handling personal data, and the regulatory environment for AI is developing rapidly. Public awareness of AI and the associated reputational risk are driving organisations to develop a deeper understanding of where and how they are deploying AI.
Organisations should consider their compliance position alongside their desire to unlock more value from data across the organisation.
The widely anticipated finalisation of the European Commission’s Artificial Intelligence Act (AI Act) is expected to be passed into law late 2023 or early 2024.
The adoption rate of emerging technologies, such as AI, and their use cases are different for each company. Internal audit teams need to determine an appropriate response in the context of the organisation's risk appetite and rate of adoption.
See Image 1, in which we provide a blueprint of key building blocks to be considered by internal audit teams in their review of the use of AI in the organisation.
Image 1: Enterprise strategic and operational building blocks for AI adoption
Internal Audit should prepare their teams to engage and assess emerging risks where AI adoption becomes more pervasive. We have summarised some of the key actions internal audit teams should consider:
Internal Audit should work closely with the business to understand the extent of AI use and assess whether risk management processes are fit for purpose.
In conclusion, the increasing adoption of AI brings with it new opportunities for organisations to improve productivity, decision-making and create new revenue streams. However, it also brings new risks, including the potential for sub-optimal and unethical decisions that are not aligned with an organisation's values. As the public becomes more aware of the ethical risks associated with AI, organizations are taking steps to understand their use of AI systems and ensure they are used responsibly.
Internal Audit is well positioned to ensure organisations have the confidence to pursue the opportunities AI present.
This article has expanded on excerpts from the Digital Risk – Artificial Intelligence hot topic as noted in the Deloitte UK’s annual report on Information Technology Hot topics for Internal Audit for 2023.