How frontier AI companies could implement an internal audit function

Francesca Gomez, Adam Buick, Leah Ferentinos, Haelee Kim, Elley Lee

TL;DR

Frontier AI firms face catastrophic systemic risks that external evaluations alone cannot assure. The paper proposes an internal audit design space across four dimensions—scope (model-, system-, governance-level), sourcing (in-house, co-sourced, outsourced), frequency (annual, periodic, ad hoc, continuous), and information access (structural, procedural, operational, technical)—grounded in risk-based internal auditing principles. It analyzes trade-offs and provides concrete configurations, emphasizing secure, tiered, and potentially continuous assurance to strengthen governance and board/regulator confidence under evolving frontier risks. The work also ties into the EU General-Purpose AI Code of Practice Commitment 8, offering a roadmap for integrating internal assurance into frontier AI governance and highlighting areas for further research, such as hybrid sourcing and automated evidence collection.

Abstract

Frontier AI developers operate at the intersection of rapid technical progress, extreme risk exposure, and growing regulatory scrutiny. While a range of external evaluations and safety frameworks have emerged, comparatively little attention has been paid to how internal organizational assurance should be structured to provide sustained, evidence-based oversight of catastrophic and systemic risks. This paper examines how an internal audit function could be designed to provide meaningful assurance for frontier AI developers, and the practical trade-offs that shape its effectiveness. Drawing on professional internal auditing standards, risk-based assurance theory, and emerging frontier-AI governance literature, we analyze four core design dimensions: (i) audit scope across model-level, system-level, and governance-level controls; (ii) sourcing arrangements (in-house, co-sourced, and outsourced); (iii) audit frequency and cadence; and (iv) access to sensitive information required for credible assurance. For each dimension, we define the relevant option space, assess benefits and limitations, and identify key organizational and security trade-offs. Our findings suggest that internal audit, if deliberately designed for the frontier AI context, can play a central role in strengthening safety governance, complementing external evaluations, and providing boards and regulators with higher-confidence, system-wide assurance over catastrophic risk controls.

Paper Structure

This paper contains 36 sections, 2 figures, 13 tables.

Figures (2)

  • Figure 1: Risk pathways for external misuse of cyber-offensive capabilities
  • Figure 2: Risk chain for Pathway 1