New COSO guide aims to help organizations align risk management with AI initiatives
- Published: Friday, 17 September 2021 07:38
Recognizing the accelerating need to identify and manage the risks of artificial intelligence effectively, the Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with Deloitte, has issued guidance to help organizations align risk management with AI initiatives.
‘Realize the Full Potential of Artificial Intelligence’ leverages the principles from COSO’s 'Enterprise Risk Management (ERM) – Integrating with Strategy and Performance Framework' and focuses on the need for organizations to design and implement governance, risk management, and oversight strategies and structures to realize the potential of humans collaborating with AI.
“AI-related risks need to be top of mind and a key priority for organizations to adopt and scale AI applications and to fully realize the potential of AI,” said Paul Sobel, COSO Chairman. “Applying ERM principles to AI initiatives can help organizations improve governance of AI, manage risks, and drive performance to maximize achievement of strategic goals.”
“Although AI seems like a panacea for business transformation, similar to any strategy or business objective, there are risks associated with adopting and deploying AI that could result in serious damage to an organization’s reputation and brand, trust, and even regulatory fines and lawsuits,” said Brian Cassidy, US Audit & Assurance Artificial Intelligence/Algorithms Leader and Partner, Deloitte & Touche LLP.
Risk management for artificial intelligence initiatives
By understanding AI-related risks, the organization may be better equipped to deliver return on investment and meet stakeholder expectations. Furthermore, by implementing ERM, organizations can refine and adapt their innovation initiatives to support their strategies in a rapidly changing business environment.
AI solutions need to be trusted, tried, and true, according to the guidance.
- Trusted – because ERM is transparent by nature and it helps keep an organization abreast of its risks and opportunities.
- Tried – in that models are continually tested and vetted to verify they are operating as intended. And
- True – governance, risk management, testing, and monitoring regimes help models to operate in ways that reflect the organization’s values and protect its reputation.
“The call to action is for organizations to use the COSO ERM Framework, informed by AI-specific considerations, to help establish and promote trust in AI,” added Cassidy.
Read the guidance (PDF).