According to AuditBoard’s 2025 Focus on the Future report, 32% of internal audit leaders interviewed said they believe AI will significantly transform internal audit processes.
Why then, are so few internal auditors using AI?
According to the report, while 61% of internal audit leaders admit they lack AI expertise, they paradoxically ranked AI as their lowest concern amongst 14 key risk areas.
And whilst 55% of organisations are actively implementing some form of AI, only 2-4% of internal audit departments report making substantial progress in that area.
According to the report, less than 1 in 10 audit departments use AI in annual planning and only 20% use it in fieldwork.
Despite mounting evidence of the critical importance of AI, internal auditors appear reluctant to fully embrace it.
The report claims 74% of internal audit professionals identified AI as crucial to the profession’s future.
And yet, of the 375 audit leaders interviewed in order to compile the report, 35% expected to miss the deadline for conforming with the updated IIA Standards.
What is holding Internal Audit back?
Cost could be one reason. A bespoke AI system is expensive, although worth the investment for the second potential reason: reputation.
The world of AI is riddled with horror stories although, on closer inspection, many of the failings appear to have resulted from poor up-front specification or poor-quality data used in the fundamental ‘learning’ process. Although AI can certainly improve operational efficiency and support internal audit, the limitations inherent in machine-learning, and the consequences that can result from biased algorithms, can mean that without proper human supervision and control they might deliver an incomplete solution that opens an organisation to significant risk, including reputational risk.
On the subject of limitations, many AI algorithms are not designed to decode unstructured, highly complex data (such as legal contracts or financial agreements across multiple jurisdictions) so their effectiveness in detecting sophisticated and innovative fraud is likely to be limited at present. AI is restricted to the parameters defined while developing the software so it cannot take into account the wider business context or the implications of areas outside the pre-determined parameters.
Then there is the environmental argument: AI is data hungry, which means it is energy hungry. Add to that the vast amounts of water used in server cooling and it’s doubtful AI will win any environmental awards in the immediate future.
Could it be that Internal Audit is already facing an overwhelming array of waning diminishing resources, ever-changing regulations and new technologies?
Or are internal auditors simply cautious?
Whatever the reasons, AI is a train that Internal Audit cannot afford to miss. Progress around addressing environmental issues, data quality and programming are moving apace, as more and more businesses are benefiting from its often step-change impact.
If Internal Audit isn’t careful, it could find itself behind on the very curve it needs to assess.
Technology
Read more about TechnologyRead moreThe world of AI is riddled with horror stories although, on closer inspection, many of the failings appear to have resulted from poor up-front specification or poor-quality data used in the fundamental ‘learning’ process.
