5 Summary and conclusions

Public sector entities are developing and implementing AI systems in public services, aiming to improve service quality and reduce costs. However, this new technology comes with new challenges. SAIs must be equipped to assess and audit AI systems effectively. Several countries have already started pilot projects or conducted first audits of AI systems within the public sector. This paper aims to help the international audit community by outlining guidance and good practices for auditing AI systems.

Structured into six audit areas focusing on project management and governance, data, system development, evaluation before deployment, deployment and change management, and ongoing management of AI systems in production, the audit catalogue guides auditors through a typical AI development process. The auditing techniques described here were applied in audits by the MoU members to assess the utility and trustworthiness of ML applications, as well as the efficiency and effectiveness of the implementation and operation of such applications.

AI is used in a large variety of sectors, with different risks applying to different applications. The field of AI is still evolving, legislation is continuing to emerge and corresponding regulatory and oversight bodies are being established. This audit catalogue reflects the AI audit standard in the authoring SAIs at the time of writing.66 It may be updated with more audit experience and the results of new research where appropriate.

This paper is accompanied by an AI audit helper tool that enables auditors to choose from a host of questions and create a tailor-made questionnaire that is suitable for their specific audit. The audit helper tool provides recommendations for suitable audit questions as well as suggestions for which interview subjects might be suitable to answer these questions, and what audit evidence should be provided.

  1. Last update: December 2025.↩︎