
Certifying Your Data and AI Programs: A Brief for Audit Committees

Audit Committee Brief . AI Governance . May 2026

Certifying your data and AI programs before the board asks.

Most enterprise AI programs cannot produce, on demand, a list of every model in production, who owns each one, what data it touches, and which release decision it shipped under. This brief explains how to fix that for an Audit Committee in one quarter, and why the first economic sponsor for that work is usually the owner accountable for evidence, not the executive accountable for delivery.

Chander Dhall . Builder . Leader . Speaker
Published May 2026 . Reading time 14 min . Audit Committee Brief
  • 95% of enterprise GenAI pilots produce zero measurable P&L impact. (MIT Project NANDA, 2025)
  • EUR 35M, or 7% of global turnover: maximum fine for prohibited AI uses under the EU AI Act. (EU AI Act, Art. 99)
  • 2 advisers charged by the SEC in March 2024 over allegedly misleading AI claims. (SEC, March 2024)
  • Persistent director concern about board readiness for AI oversight. (NACD surveys, 2023-2024)

Executive Summary . What changes in one quarter

  • The Audit Committee inherits an AI risk surface it did not design. Models ship under feature releases. Vendors describe readiness in marketing language. Policies are written in legal but cannot be executed by engineering.
  • Four artifacts decide whether an AI program is auditable: a signed model and data register, release-of-funds gates, a decision and exception log, and a board-ready brief.
  • The certification motion is 90 calendar days. Phase 1 exposes the gaps. Phase 2 remediates them. Phase 3 hands the committee a brief and an evidence pack designed for external review.
  • The first economic sponsor is usually the owner accountable for evidence, not the executive accountable for delivery. Audit owns the standard. Delivery operationalizes it.
  • The right moment to start is a quarter before the question lands. The wrong moment is the morning a regulator, plaintiff, or external auditor arrives.
Section 01

Audit owns the evidence standard. Delivery operationalizes it.

Engineering and the CIO function are measured on velocity, cost, and feature parity. Their incentives push toward shipping AI capability and away from slowing it down. That is not a character flaw. That is the role.

An Audit Chair, a Risk Committee, a General Counsel, and a Chief Compliance Officer are measured on defensibility. Their job is to be unsurprised. The first economic sponsor for a certification effort is usually the owner accountable for evidence, risk acceptance, and external review. The CIO becomes an ally once the gate is documented. The conversation changes from "you are slowing me down" to "you are giving me a release decision I can sign."

Audit Chair

Wants a clean opinion

Needs control owners, evidence retention, and a tested gate before the next external audit, ISO 42001 review, or SOX/ICFR cycle where AI touches financial reporting.

Buy this when: an examination is on the calendar.
Risk Committee

Wants a defensible record

Needs documented decisions, model inventory, exception logs, and incident playbooks tied to the company's stated risk appetite.

Buy this when: a director has asked "who owns this."
General Counsel

Wants reduced exposure

Needs clear approval records, vendor diligence files, and disclosures aligned with SEC and EU AI Act language.

Buy this when: a vendor contract is moving.
Chief Audit Executive

Wants reusable evidence

Needs a register, gates, and an exception log that internal audit can sample on its own schedule, not when a vendor permits it.

Buy this when: internal audit has AI on the plan.
Section 02

The pressure on Audit and Risk Committees is already here.

Each number below has already landed in an Audit Committee inbox somewhere. None of them is a vendor talking point. They are the floor of the conversation, not the ceiling.

  • 95% of GenAI pilots produce zero measurable P&L impact.[1] Capital is flowing on reputational pressure rather than operational conviction. The Audit Chair is one quarter of board questions away from explaining why.
  • EUR 35 million, or 7% of global turnover, whichever is higher.[2] The EU AI Act, Article 99, specifies the maximum administrative fine for prohibited AI uses. High-risk uses carry their own penalty tier. The penalty schedule applies regardless of where the model was developed if the output reaches the EU.
  • SEC AI-washing enforcement.[3] In March 2024 the SEC charged two investment advisers for allegedly misleading statements about their use of AI. The agency has signaled continued scrutiny. Disclosures must match what the firm actually does.
  • Self-reported board AI knowledge gap.[4] NACD director surveys report persistent director concern about board readiness for AI oversight. The Audit Committee is usually the first to act because the question always lands on the audit side first.

Three of these four signals can be cited verbatim in a board pre-read. The fourth, the NACD self-assessment, explains why the others go unanswered. Boards know they are exposed and are openly asking for help.

Section 03

Four artifacts decide whether an AI program is auditable.

The certification model is intentionally narrow. It does not require a new platform, a new framework, or a new committee. It requires four artifacts the Audit Committee can read in a sitting and external reviewers can sample on their own schedule. Each is aligned to NIST AI RMF[5] and ISO/IEC 42001[6] by design.

A note on language: in this brief, "certification" means a documented evidence-readiness process and an Audit Committee-facing evidence pack. It is not accredited ISO/IEC 42001 certification, legal advice, or an independent assurance opinion.

1. Model and data register.

Every AI use case, model, dataset, vendor, owner, decision impact, and exit criterion in one signed register. The register names a human owner, not a team. The register lists the decision the model influences in plain English. The register names the date the model can be retired and what would have to be true to retire it earlier. The register is reviewed quarterly and the Audit Committee receives a one-page diff. Aligned to the NIST AI RMF GOVERN function and ISO/IEC 42001 planning and operational-control requirements.

2. Release-of-funds gates.

Funding, deployment, and exception approval are tied to documented readiness thresholds, not opinions. A release does not move because a vendor demo went well. It moves because a defined set of evidence is in the file. Evidence categories include security review, data lineage, fairness testing where applicable, human review points, rollback plan, monitoring plan, and named owner for each. Aligned to the NIST AI RMF MANAGE function.

3. Decision and exception log.

Every approval, override, retrain, and incident is captured as a record a regulator can read in plain English. Each exception has an owner, a scope, and an expiration date. The log is the single source of truth when the question lands. A program with no exception log effectively says "we approved everything by default" when read by an external reviewer.

4. Board-ready brief.

A short document, on the order of 10 to 12 pages, that the Audit Chair can hand to a regulator, plaintiff, or external auditor without translation. The brief is not a tour of the model. It is the four artifacts above, with names, dates, owners, and a short narrative of how they fit together. If the Audit Chair cannot read it cold and follow it, the brief is not finished.

Section 04

An uncertified AI program leaks evidence at five places.

When the four artifacts are absent, the gaps cluster in predictable places. The categories below are aligned to NIST AI RMF[5], ISO/IEC 42001[6], and ISACA's Auditing Artificial Intelligence guidance[7]. They are the categories an internal auditor will sample first and the ones an external reviewer will ask about by name.

Gap | What is missing | What an auditor will say | Reference
Inventory | Models, datasets, vendors, and decisions with no named human owner. | "Who do I cite in the workpaper?" | NIST AI RMF GOVERN function; ISO/IEC 42001 planning requirements
Release | Deployments approved on a Slack thread or vendor demo, with no readiness gate. | "What was the approval evidence?" | NIST AI RMF MANAGE function
Exceptions | Open-ended waivers that never expire. | "This is a permanent risk acceptance with no rollup." | ISO/IEC 42001 operational-control requirements
Procurement | Vendor contracts moving without an AI-specific diligence pack. | "What did you actually evaluate?" | ISACA AI audit guidance
Reporting | No short document an Audit Chair can read cold and follow. | "Where is the brief I can hand to the reviewer?" | Board reporting and internal control documentation

Gaps compound. A single uncertified model produces a paper trail. Forty produce noise no committee can defend. The engagement is designed to close the five gaps where possible, bound the remainder, or convert them into owned remediation plans within 90 days.

Section 05

What changes when the program is certified.

The right column below is what the engagement leaves behind. Each row is something an Audit Committee, Risk Committee, or external reviewer can ask about by name and receive a documented answer for without reconstructing the decision trail from scratch.

Dimension | Uncertified program | Certified program | Audit posture
Model inventory | Unknown count, scattered owners. | Signed register with owners, exits, and approvals. | Defensible.
Vendor diligence | Procurement template with an AI sticker. | AI-specific evidence pack and exit clause. | Reviewable.
Release decision | Verbal sign-off in a Slack channel. | Documented gate tied to readiness thresholds. | Auditable.
Exception handling | Open-ended waivers, no expiry. | Time-bound, owned, and rolled up to the committee. | Bounded.
Incident response | Blame, then silence. | External lesson release and internal controls package. | Credible.
Board reporting | Vendor slides, dashboards no one signs. | 10 to 12 page brief signed by the program owner. | Plain English.

Section 06

From exposure to evidence pack, in three phases.

The certification motion is 90 calendar days. The clock starts at the kickoff with the Audit Committee or its delegate. A senior cross-functional team enters the program, exposes what is missing, remediates the gaps, and leaves the committee with a record designed for external review.

1. Days 1-15: Expose

Inventory models, datasets, vendors, decisions, owners, and contracts already in flight. Identify the gates that do not yet exist. Produce a written gap map the Audit Committee can read in 20 minutes.

2. Days 16-60: Remediate

Stand up the register, release gates, vendor diligence pack, exception log, and incident ritual. Convert the relevant policies into executable rules. Train staff on the new cadence so it survives the consultants leaving.

3. Days 61-90: Certify

Hand the Audit Committee a signed brief, evidence pack, and operating cadence. Walk the committee through it on a single call. Leave the organization with a repeatable internal cadence and reduced external dependency.

Section 07

Eight artifacts. One audit-grade record.

Each item below is concrete, owned, and dated. None is a slide deck about a slide deck. Naming conventions and templates are aligned to NIST AI RMF and ISO/IEC 42001 so internal audit can sample any of them on its own schedule.

  • Signed model and data register. Every AI use case, model, dataset, vendor, owner, decision impact, and exit criterion in one document. Reviewed quarterly.
  • Release-of-funds gate definitions. Documented thresholds for funding, deployment, and exception approval. Each gate has named evidence categories and an owner.
  • Vendor diligence evidence pack. AI-specific procurement questions, expected evidence, exit clauses, and a scoring rubric. Used before the next contract signature.
  • Decision and exception log. Every approval, override, retrain, and incident captured as a plain English record. Each exception has an expiration date.
  • Policy-as-code rule set. Written governance translated into executable rules, dashboards, and exception workflows that engineering can run inside delivery.
  • Incident response ritual and runbook. A short, repeatable response sequence that separates facts from blame and produces an external lesson release plus an internal controls package.
  • Staff training artifacts and attestation. Role-specific training for engineering, legal, procurement, audit, and executive owners. Attestation captured in the register.
  • Audit Committee brief. A 10 to 12 page document the Audit Chair can hand to a regulator, plaintiff, or external auditor without translation.
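One way the "policy-as-code rule set" above can make the Section 03 artifacts executable: a release-of-funds gate that reads rows of the model and data register and the exception log and refuses release until the named evidence categories, a human owner, and unexpired waivers are all in the file. This is an added illustration, not the brief's or any vendor's code; the dataclass field names and the two sample rows are constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import date
# Evidence categories the brief names for a release-of-funds gate (Section 03).
REQUIRED_EVIDENCE = {"security_review", "data_lineage", "human_review_points", "rollback_plan", "monitoring_plan"}
CONDITIONAL_EVIDENCE = {"fairness_testing"}  # only where the decision affects people

@dataclass
class Waiver:                 # one row of the decision and exception log
    owner: str
    scope: str
    expires: str              # ISO date; every exception expires

@dataclass
class RegisterEntry:          # one row of the model and data register
    model: str
    owner: str                # a named human, not a team
    decision: str             # the decision the model influences, in plain English
    exit_date: str            # ISO date on which the model can be retired
    evidence: dict            # evidence category -> named owner who signed it
    affects_people: bool = False
    waivers: list = field(default_factory=list)

def gate_findings(entry: RegisterEntry, today: str) -> list:
    """Plain-English findings for one entry; an empty list means the gate passes."""
    now, out = date.fromisoformat(today), []
    if not entry.owner.strip():
        out.append(f"{entry.model}: no named human owner")
    required = REQUIRED_EVIDENCE | (CONDITIONAL_EVIDENCE if entry.affects_people else set())
    for cat in sorted(required - set(entry.evidence)):
        out.append(f"{entry.model}: missing evidence '{cat}'")
    for cat, signer in entry.evidence.items():
        if not signer.strip():
            out.append(f"{entry.model}: evidence '{cat}' has no named owner")
    for w in entry.waivers:
        if date.fromisoformat(w.expires) <= now:
            out.append(f"{entry.model}: waiver '{w.scope}' ({w.owner}) expired {w.expires}")
    if date.fromisoformat(entry.exit_date) <= now:
        out.append(f"{entry.model}: exit date {entry.exit_date} has passed")
    return out

def release_allowed(entry: RegisterEntry, today: str) -> bool:
    return not gate_findings(entry, today)

# Constructed sample rows (not from the brief); names are placeholders.
CLEAN = RegisterEntry("invoice-matcher", "A. Example", "flags invoices for manual review",
                      "2027-06-30", {c: "A. Example" for c in REQUIRED_EVIDENCE})
LEAKY = RegisterEntry("credit-scorer", "  ", "ranks loan applications", "2027-01-01",
                      {"security_review": "B. Example", "rollback_plan": ""},
                      affects_people=True,
                      waivers=[Waiver("B. Example", "skip fairness test", "2026-03-01")])
```

The findings list is the record an internal auditor can sample: each line names the model, the missing artifact, and where a waiver is involved, its owner and expiry.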
Section 08

Certify before the next examination, not after the next incident.

The right moment to start is a quarter before the question lands. The wrong moment is the morning the regulator, plaintiff, or external auditor arrives. If any of the four signals below are visible in the company today, the engagement reduces evidence-retrieval friction before the committee is asked to approve or defend an AI release.

Signals worth acting on

  • An external audit, ICFR, SOX, SOC 2, ISO 42001, or sector-specific exam will land in the next two quarters.
  • A material AI platform, agent, or data deal is moving without an AI-specific evidence pack.
  • A director has asked, in a meeting, who owns the model. The minute is in the record. The answer is not.
  • An AI-touched incident or near miss happened in the last 90 days and produced a Slack thread instead of a record.

What the certification leaves behind

  • Audit Chair receives a brief designed to hold up on first read and survive external review.
  • Risk Committee receives a register, log, and ritual that map directly to the company's risk appetite statement.
  • General Counsel receives a vendor diligence pack and disclosure language aligned with SEC and EU AI Act expectations.
  • Chief Audit Executive receives evidence the team can sample on its own schedule, without vendor cooperation.

The question is not whether the program will be examined. The question is whether the examination will arrive before the signed record is ready.

Section 09

Sources.

Every figure used in the hero strip and Section 02 is sourced. Hyperlinks resolve to the canonical source. The slide deck reproduces a condensed version of this list on its own Sources slide.

1. MIT Project NANDA, "The GenAI Divide: State of AI in Business 2025," preliminary findings.

The 95% finding for GenAI pilots producing zero measurable P&L impact. Direct PDF: State of AI in Business 2025. Project home: nanda.media.mit.edu.

2. European Union AI Act, Regulation (EU) 2024/1689, Article 99.

Maximum administrative fines for prohibited AI uses, high-risk AI noncompliance, and supply of incorrect information. eur-lex.europa.eu

3. U.S. Securities and Exchange Commission, Press Release 2024-36, March 18 2024.

"SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence." sec.gov/newsroom/press-releases/2024-36

4. National Association of Corporate Directors, survey release plus NACD board-oversight resources on technology and AI.

Persistent director concern about board readiness for AI oversight. Survey release: prnewswire.com. Additional NACD AI oversight materials: nacdonline.org.

5. NIST AI Risk Management Framework, AI RMF 1.0 plus Generative AI Profile (NIST AI 600-1).

Reference baseline for the certification artifacts and the gate language in Section 03. nist.gov/itl/ai-risk-management-framework

6. ISO/IEC 42001:2023.

AI management system standard. Inventory and exception requirements aligned to the certification model in Section 03. iso.org/standard/81230.html

7. ISACA, "Auditing Artificial Intelligence" white paper.

Audit baselines used to align the gap categories in Section 04. isaca.org/resources/white-papers/auditing-artificial-intelligence.

Nobody on the committee wants to slow innovation. Nobody wants approval to outpace evidence. Certifying the program is the path between those two sentences.

Make the next AI release auditable.

Bring the vendor bid that is making people uneasy, the model nobody can name an owner for, the policy library no system can run, or the incident that has not been written down. Leave with a path the committee can sign.
