Artificial Intelligence (AI) is revolutionizing industries, yet its rapid evolution presents unprecedented challenges in governance, ethics, and security. Auditing Artificial Intelligence is an essential guide for IT auditors, information security experts, and risk management professionals seeking to understand, evaluate, and mitigate AI-related risks.
This book provides a structured framework for auditing AI systems, covering critical areas such as governance, compliance, algorithm transparency, ethical accountability, and system performance. With 24 insightful chapters, it explores topics including:
· AI Governance & Ethics Establishing frameworks to ensure fairness, accountability, and transparency in AI deployments.
· Risk Management & Compliance Addressing the legal and regulatory landscape, including GDPR, the EU AI Act, and ISO standards.
· Bias & Trustworthiness Evaluating AI decision-making to detect bias and ensure equitable outcomes.
· Security & Continuous Monitoring Safeguarding AI systems from adversarial attacks and ensuring operational consistency.
· Model Performance & Explainability Assessing AI outputs, refining accuracy, and ensuring alignment with business objectives.
Designed for professionals tasked with assessing AI systems, this book combines practical methodologies, industry standards, and real-world audit questions to help organizations build responsible and resilient AI practices and assess associated risks. Whether you are assessing AI governance, monitoring AI-driven risks, or ensuring compliance with emerging regulations, this handbook provides the guidance you need to navigate and assess the complexities of AI systems with confidence.
Stay ahead in your role and responsibility for assessing the rapidly evolving deployment and use of AI across the organization equip yourself with the knowledge and tools to ensure its responsible, safe, approved, secure, and ethical use.
Auditing Artificial Intelligence is an essential guide for IT auditors, information security experts, and risk management professionals seeking to understand, evaluate, and mitigate AI-related risks.
Part 1 AUDITING ARTIFICIAL INTELLIGENCE
Chapter 1 Artificial Intelligence: The Basics
Chapter 2 AI Algorithms
Chapter 3: Key Metrics for Generative AI
Chapter 4 AI KPIs
Part 2 AI GOVERNANCE AND OVERSIGHT
Chapter 5 AI Governance and Oversight
Chapter 6 Auditing AI Accountability
Chapter 7 Auditing The Trustworthiness of AI
Chapter 8 AI Systems Decision-Making: Auditing Fairness
Chapter 9 Auditing The Reliability of GEN-AI Tools
Chapter 10 Auditing the Ethics of AI
Chapter 11 Auditing the Process of Prompt Engineering
Part 3 AI RISK MANAGEMENT
Chapter 12 AI Risk Management
Chapter 13 Auditing AI Bias and Deception Risk
Chapter 14 Risk Assessment: Auditing AI Software vs Traditional Software
Part 4 AI REGULATORY AND COMPLIANCE
Chapter 15 Auditing The Status Of AI Compliance
Part 5 AUDITING AI SYSTEMS
Chapter 16 Auditing AI System Documentation and Reporting
Chapter 17 Reinforcement Learning Models and Reward Reports
Chapter 18 Code Analysis
Chapter 19 Change Management and AI Systems
Chapter 20 Safety and Security of AI Systems and Software
Chapter 21 Software Certification of AI Systems
Chapter 22 Auditing AI System Performance
Chapter 23 Auditing AI Systems: Continuous Monitoring
Chapter 24 Data Collection and Operational Consistency
Dr. Albert (Al) Marcella, Ph.D., CISA, CISM, President of Business Automation Consultants (BAC) LLC, is an internationally recognized public speaker, researcher, IT consultant, and workshop and seminar leader with 46 years of experience in IT audit, risk management, IT security, and assessing internal controls, having authored numerous articles and 30 books on various IT, audit, and security related subjects. Dr. Marcellas clients include organizations in financial services, IT, banking, petrol-chemical, transportation, services industry, public utilities, telecommunications, and departments of government and nonprofits.
Research conducted by Dr. Marcella on unmanned aircraft systems, cyber extortion, workplace violence, personal privacy, electronic stored information, privacy risk, cyber forensics, disaster and incident management planning, the Internet of Things, ethics, and astrophotography has been published in the ISACA Journal, Disaster Recovery Journal, Journal of Forensic & Investigative Accounting, EDPACS, ISSA Journal, Continuity Insights, Internal Auditor Magazine and the Astronomical Leagues Reflector Magazine.
Dr. Marcella, along with co-authors Madeline Parisi and Brian Moores four-book series From Streetsmart to Webwise®: A Cyber Safety Training Program Built for Teachers and Designed for Children, released in 2025 by Taylor & Francis Publishing, provides K-8 educators, parents, and educators globally, who nurture, guide, support, and ignite a passion for knowledge and learning in children of every educational background, with guidance and tools need to make student cyber-safety awareness practical, fun, and impactful.
Dr. Marcella holds a B.S. degree in Management, a B.S. degree in Information Technology Management, an MBA with a concentration in Finance, and a Ph.D. in Management/Information Technology Management. Dr. Marcella is a Certified Information Systems Auditor (CISA), a Certified Information Security Manager (CISM), and holds an ISACA Cybersecurity Certificate.
Dr. Marcella is the 2016 recipient of the Information Systems Security Associations Security Professional of the Year award and recipient of the Institute of Internal Auditors Leon R. Radde Educator of the Year 2000 award and has been recognized by the Institute of Internal Auditors as a Distinguished Adjunct Faculty Member. Dr. Marcella has taught IT audit seminar courses for the Institute of Internal Auditors (IIA) and the Information Systems Audit and Control Association (ISACA).
