Using AI for audit techniques

Using AI for audit techniques


Recently, The Comptroller and Auditor General of India (CAG), Girish Chandra Murmu, has warned about the potential pitfalls of relying too heavily on Artificial Intelligence (AI).


GS-03 (Science and Technology)

Mains Question:

  • Discuss the challenges and ethical considerations in adopting Artificial Intelligence for auditing purposes in India. (250 words)

Dimensions of the Article:

  • Responsible and Ethical AI
  • Need for AI Regulation
  • Challenges before the CAG
  • Compliance Issues

Responsible and Ethical AI:

  • Responsible AI is grounded in ethics and inclusivity. Only when AI adheres to ethical principles can it contribute to the credibility, trustworthiness, and scalability of CAG audits.
  • Ensuring that data sets are complete, timely, accurate, available, and relevant is paramount. Neglecting the integrity of data fields can result in flawed audit findings. Special vigilance is required when dealing with AI data obtained from unauthorized sources like social media, where data manipulation and fabrication are common.

Need for AI Regulation:

  • In a significant development, the European Parliament recently ratified the EU AI Act, a pioneering piece of legislation worldwide. This act places generative AI tools, including ChatGPT, under heightened scrutiny and regulation.
  • Developers must submit their AI systems for thorough review and approval before commercial release. Additionally, the EU Parliament has banned real-time biometric surveillance in public settings and “social scoring” systems.
  • The accuracy of vast internet data repositories poses a major challenge. AI-generated content can inadvertently infringe upon copyright, potentially violating intellectual property rights.
  • Addressing the legal aspects of content ownership in this context is a daunting task. AI bias, stemming from human biases in machine learning data sets, remains a significant concern. Visionaries like Elon Musk are actively working on solutions, with the concept of a “maximum truth-seeking AI” called ‘Truth GPT.’ This pursuit aims to harmonize technological progress with ethical considerations, presenting substantial challenges.
  • U.K. Prime Minister Rishi Sunak has expressed a desire to position the U.K. as the epicenter of AI safety regulation. It is increasingly evident that India should draw inspiration from the EU’s proactive approach and enact legislation concerning the use of AI systems.

Challenges before the CAG:

  • The CAG confronts numerous hurdles in auditing AI systems, primarily pertaining to AI regulation and data standardization. As data for various government entities originate from disparate sources and are stored on diverse platforms, auditors face substantial risks and complexities. Audits cannot solely rely on unauthenticated big data sources; thus, data integration and cross-referencing become unwieldy.
  • Efforts are underway to digitalize the audit process, exemplified by the ‘One Indian Audit and Accounts Department One System’ initiative. However, security concerns postpone its implementation for defense audits. The SAI G20 conference has underscored the necessity for a unified international audit framework concerning AI.
  • Presently, auditors can only adapt existing IT frameworks and regulations since there are limited precedents for AI usage. Effective communication with stakeholders is imperative. Definitions and taxonomies of AI must align with legal standards. Given the diversity of AI systems and solutions, auditors must select appropriate design and architecture while defining the audit’s objectives, scope, approach, criteria, and methodology.
  • Capacity building is essential, enabling auditors to grasp various facets of the AI technology landscape, including frameworks, tools, and software. In the absence of explicit AI auditing guidelines, auditors must prioritize ethics, rely on authentic data sources for transparency, address legal concerns, and scrutinize IT controls and governance deficiencies.
  • AI audit assignments may necessitate consultation with data experts, programmers, and AI specialists.

Compliance Issues:

  • Global organizations have crafted several AI auditing frameworks, encompassing the COBIT framework for AI audits, the U.S. Government Accountability Office framework, and the COSO ERM Framework.
  • The U.K.’s Information Commissioner’s Office has released preliminary guidance on AI auditing frameworks.
  • Due to the paucity of comprehensive AI auditing frameworks, auditors currently focus on evaluating the effectiveness of existing risk management, control, and governance structures to gauge their efficiency.


Embracing responsible AI practices, adapting to evolving global standards, and fostering transparency will be pivotal in achieving successful and unbiased audits.