A recent survey has found that only a small minority of audit executives report generative AI use in their own departments, but that proportion is set to rise significantly in the future.
According to a recent report from research firm
Of those who either are already using generative AI or plan to in the future, the primary stated use case was "Finding themes or patterns in large volumes of text," which was named by 65% of respondents. The second most frequently cited use case was in detecting anomalies or instances of non-compliance at 52%. Coming in third was drafting audit programs, with 50%. Meanwhile, 47% said they use it to summarize documents and 45% said they use it to draft audit reports. The least common use cases were writing code (18%), sentiment analysis and reviewing/correcting code (both 15%), scheduling meetings (11%) and, finally, determining audit ratings (8%).
"Departments that use the tool for audit writing support can improve auditor productivity by redirecting their time and attention toward high-value thoughtwork and analysis while streamlining the writing process. Audit departments that use the technology to support audit activities involving more confidential information (such as detecting anomalies or instances of noncompliance or drafting audit reports) should first determine how audit will protect information privacy. That includes selecting the safest and most feasible gen AI model for their intended use cases," said the report.
However, almost two-fifths of respondents, 39%, said they do not use generative AI and moreover have no plans to do so in the future. Gartner said those who are hesitating on AI (including those who have not yet adopted generative AI but plan to) are likely waiting for developments in their organization's policy on gen AI use, evaluating which model is most cost-effective and relevant for their audit needs, and establishing a proper governance structure to protect the department's data and privacy.
Gartner also found that, for those who are pursuing an AI path, very few are working to develop their own models (just 8%), and Gartner estimated that this proportion will shrink even more over time, as the resources required to code such models effectively are beyond most companies' capacities. Meanwhile, 18% say they use public online tools while 20% say their models are hosted in on-premises servers while using third-party software. The most common approach, however, was secure cloud-based models from trusted third parties, at 55%.
"Audit departments using less secure models, such as public online tools, can still benefit by using the tool to support nonproprietary audit activities such as streamlining emails or summarizing nonproprietary audit notes. Audit departments with access to more secure third-party models or in-house options have a broader range of gen AI audit use-case options, including audit report writing or summarizing large volumes of audit text that may contain more sensitive information," said the Gartner report.