Internal auditors are expressing growing concerns about the potential misuse of artificial intelligence by cyber criminals to carry out more sophisticated and dangerous crimes. According to a recent study conducted by the Chartered Institute of Internal Auditors, 78% of chief internal auditors fear that AI will have a negative impact on cyber security and data security, while 58% believe it will escalate the occurrence of fraud.
The survey, which gathered insights from 985 chief internal auditors across Europe, highlighted the top five risks associated with AI. These include cyber security and data security at 78%, fraud, bribery, and criminal exploitation at 58%, digital disruption, new technology, and AI at 55%, human capital, diversity, talent management, and retention at 48%, and communications, reputation, and stakeholder relationships at 41%.
In light of these concerns, the research suggests that organizations should leverage the skills and expertise of their internal auditors to ensure effective management of AI-related risks. Independent internal assurances should be sought to verify the efficiency of controls used to mitigate these risks. In cases where controls are deemed inadequate, internal audit can provide recommendations for corrective actions to bolster business resilience and performance.
Anne Kiem, the chief executive of the Chartered Institute of Internal Auditors, emphasized the importance of remaining vigilant in the face of evolving AI technology. She stated that the awareness shown by Chief Internal Auditors regarding the threats posed by AI should provide reassurance to organizations that prioritize risk control and mitigation. Internal auditors play a crucial role in safeguarding against potential risks and enhancing overall operational performance.
The study conducted by the Chartered IIA was part of its annual “Risk in Focus” report and was carried out between March and April 2024. The research involved a quantitative survey of chief internal auditors from 20 European countries, including Albania, Armenia, Austria, Belgium, Bulgaria, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, The Netherlands, Norway, Poland, Portugal, Spain, Sweden, Switzerland, and the UK.
The complete findings of the “Risk in Focus 2025” report, which delves into the business risks associated with AI, are set to be released in September 2024. As organizations navigate the complexities of AI integration, the insights provided by internal auditors are poised to play a critical role in safeguarding against potential threats and vulnerabilities.
For further reading on the implications of AI in cyber crime prevention, refer to the Editor’s Comment on cirmagazine.com. Artificial intelligence continues to shape various aspects of our lives, and understanding its impact on risk management and security remains paramount in today’s digital landscape.