Using AI for audit techniques
Relevance
- GS 3: Science and Technology- Developments and their Applications and Effects in Everyday Life.
- Tags: #AI #CAG #UPSC #Audit #TheHinduEditorial #CurrentAffairs.
Why in the News?
The Comptroller and Auditor General of India (CAG), Girish Chandra Murmu, has raised concerns about the growing reliance on Artificial Intelligence (AI) in auditing processes, emphasizing the need for ethical considerations and transparency.
CAG’s Warning on AI in Auditing
Girish Chandra Murmu, CAG of India, also chair of G20 SAIs(Supreme Audit Institutions of the G20), cautions against over-reliance on AI in audits, citing potential inaccuracies.
- Emphasizes ethics as crucial for responsible AI, especially in auditing.
- Transparency, objectivity, fairness, and bias avoidance are key challenges in utilizing AI for audits.
Ethical Foundation for Trustworthy AI
Ethics and inclusivity are essential for responsible AI.
- The CAG audit can only become more credible, trustworthy, and widespread with ethical AI.
- Data sets must be comprehensive, timely, accurate, readily accessible, and relevant.
- If the data areas’ integrity is not guaranteed, our audit results will be unreliable.
- The possibility of inherent AI bias must be carefully considered by the AI auditor if data are obtained from unreliable sources, such as social media, where data fabrication and manipulation are frequent.
India Needs AI Regulation
EU AI Act as a Benchmark
- In June, the European Parliament set a global precedent by approving the EU AI Act.
- This groundbreaking legislation places generative AI tools like ChatGPT under stricter regulations.
- Developers are now required to undergo system reviews and approvals before commercial release.
- The Act also bans real-time biometric surveillance in public settings and “social scoring”
Challenges in Data Accuracy and Copyright
- AI-generated content poses challenges in ensuring data accuracy and respecting intellectual property rights, potentially leading to copyright infringements.
- Addressing these legal implications regarding content ownership is a complex task.
Addressing Bias and Ethical Concerns
- AI bias, rooted in human bias present in machine learning datasets, remains a significant risk.
- Elon Musk’s vision of ‘Truth GPT,’ a “maximum truth-seeking AI,” aims to tackle these issues.
- Achieving a harmonious balance between technological progress and ethical considerations presents significant challenges.
The Need for Multifaceted Regulation
- UK Prime Minister Rishi Sunak’s aspiration to make the UK a hub for AI safety regulation underscores the importance of comprehensive AI oversight.
- It’s time for India to follow the EU’s lead and enact appropriate legislation to regulate AI systems effectively.
Challenges in Auditing AI Systems
AI Regulation and Data Standardization
Auditing AI systems presents the Comptroller and Auditor General (CAG) with numerous challenges.
- First and foremost, there’s a pressing need for AI regulation and data standardization.
- The government collects data from various sources and stores it on divergent platforms, making audits complex and risky.
- Unauthorized data sources cannot be relied upon, and integrating and cross-referencing data becomes arduous.
- Synchronizing data platforms across government entities through IT policies is essential.
Digitalization Efforts
- To address these challenges, the One Indian Audit and Accounts Department One System initiative is set to launch a web-enabled IT application in April 2023.
- This platform will support multiple languages, offline functionality, and a mobile app, facilitating the complete digitalization of the audit process.
- However, certain exceptions, like defense audits due to security concerns, must be considered.
International Audit Framework
- The SAI G20 conference emphasized the need for a common international audit framework for AI.
- Presently, auditors must adapt existing IT frameworks and regulations since there are limited precedents for AI use.
- Effective communication with stakeholders is crucial, and the auditor must assess existing AI definitions and taxonomies for legal compliance.
AI Design and Architecture
- Given the vast diversity among AI systems and solutions, auditors must select an appropriate AI design and architecture.
- Defining the audit’s objectives, scope, approach, criteria, and methodology in the context of AI is essential.
Capacity Building and Collaboration
- Auditors must undergo capacity building to understand the AI technology landscape, including frameworks, tools, and software.
- Since explicit AI auditing guidance is lacking, the focus should be on ethics, transparent data sources, legal compliance, and IT controls and governance.
- Collaboration with data experts, including data scientists, engineers, architects, programmers, and AI specialists, may be necessary for AI audit assignments.
Risks and Controls
- AI audits must also consider domain-specific risks such as big data, machine learning, and cybersecurity.
- These should be documented in a risk and control matrix.
- Additionally, outsourcing AI to third parties, particularly through cloud computing, introduces infrastructure control risks that need attention.
Compliance Issues in AI Auditing
- Multiple AI Auditing Frameworks: Global organizations have established various AI auditing frameworks, including COBIT, US Government Accountability Office, COSO ERM, and the U.K.’s Information Commissioner’s Office (ICO) framework.
- Data Protection Impact Assessments (DPIAs): Organizations utilizing AI systems processing personal data must conduct DPIAs as a legal requirement. This is crucial for identifying and mitigating potential risks associated with personal data processing.
- Security Assurance: AI auditors play a vital role in ensuring that personal data is processed securely, maintaining appropriate levels of security throughout the AI system’s lifecycle.
- Limited AI Auditing Frameworks: Due to the scarcity of comprehensive AI auditing frameworks, auditors focus on evaluating existing risk mitigation, control mechanisms, and governance structures for effectiveness.
The increasing reliance on Artificial Intelligence (AI) in auditing presents both opportunities and challenges. The Comptroller and Auditor General of India (CAG) rightly emphasize the need for responsible and ethical AI practices to ensure accurate audit findings. The development of AI regulations, data standardization, and international audit frameworks is imperative. Auditors must adapt to the evolving AI landscape, prioritize ethics, address legal concerns, and collaborate with AI specialists.
Comptroller and Auditor General (CAG) of India ·CAG is a constitutional authority established under Article 148 of the Indian Constitution. · Function: CAG’s primary function is to audit and report on the government’s financial transactions, ensuring transparency, accountability, and compliance with laws and regulations. · Audit Independence: CAG operates independently and submits reports to the President and Governors, who then present them in Parliament and State Legislatures. · Types of Audits: CAG conducts financial audits, compliance audits, and performance audits of government entities at various levels. · CAG plays a crucial role in upholding fiscal discipline and promoting good governance in India. |
Source: The Hindu
Mains Question
What are the challenges faced by the Comptroller and Auditor General of India (CAG) in auditing AI systems, and how can they be addressed through regulation and standardization?