What Audit Partners Are Seeing On AI And What It Means For Audit Committees

Public companies are moving forward with urgency to deploy AI systems, even as frameworks are still in development. Here’s what that means for audit committees.
Chart of audit committee challenges
CAQ

In a fast-paced financial reporting landscape, it can be difficult to determine current priorities and future-looking strategies. Insights from audit partners at leading firms can help audit committees identify challenges and understand trends among public companies, especially in emerging areas such as artificial intelligence.

Audit partners have a unique perspective on the U.S. business environment given their broad vantage point and engagements with various industries. The CAQ’s semi-annual Audit Partner Pulse Survey captures insights from audit partners on routine topics including U.S. economic health and timely issues such as investments in AI and governance structures.

The spring 2026 edition reveals consistent findings from fall 2025: Public companies are moving forward with urgency to deploy AI systems, even as frameworks are still in development. Here’s what that means for audit committees:

1. AI governance is the top challenge for audit committees today.

According to audit partners, AI governance tops the list of areas that present the biggest challenges for audit committees (57 percent), ahead of cybersecurity (51 percent) and finance transformation (36 percent). Cybersecurity has been a boardroom priority for years: In the 2025 Audit Committee Practices Report, a collaboration between the CAQ and Deloitte’s Center for Board Effectiveness, 50 percent of audit committees identified it as a top priority and 62 percent reported they have primary oversight responsibility. Fast forward to 2026, audit partners see AI governance outpacing cybersecurity as a source of committee-level challenge, indicating the urgency of governance-related issues. We’re looking forward to the next iteration of Audit Committee Practices Report in the next few months to compare data against the auditor’s experience.

Responses around governance maturity tell the same story. When respondents were asked to characterize the maturity of AI governance at their largest client, only 6 percent of audit partners described it as advanced, meaning formal frameworks, policies and oversight structures are fully in place. Another 46 percent described governance as an early stage—essentially reactive—and 40 percent said structures have been developed but remain incomplete or inconsistently applied. As boards are in the early stages of developing AI governance systems, audit committees can ensure the right guardrails are in place by asking management questions about accountability, data privacy, and other safeguards.

I outlined other AI governance considerations for audit committees as companies develop their own systems and processes.

2. Audit committees are proactively asking about AI use.

When asked which topics the audit committee had proactively raised over the past 12 months, two-thirds of audit partners pointed to the use of AI in company operations or financial reporting. That’s the most frequently cited topic by a wide margin, ahead of cybersecurity risks and controls (47 percent) and internal controls over financial reporting (33 percent).

This underscores an expansion of audit committee responsibilities beyond traditional financial reporting into emerging and complex risk areas. As topics including cybersecurity and sustainability became a growing focus for public companies, audit committees were increasingly called upon to provide oversight. A similar pattern is unfolding with AI as audit committees work to integrate oversight of AI-related risks and opportunities into their existing agendas.

Proactively raising questions about AI with the external audit firm is an important step in ensuring AI-assisted findings are reliable and trusted. Takeaways from a recent CAQ webinar can help audit committees enhance their oversight of AI.

3. The AI-related internal control challenges are real, not abstract.

It’s easy for AI risk conversations to remain at a high level, focused on broad themes such as ethics, bias or reputational exposure. What the survey surfaces is something more immediate: specific, operational control gaps that audit partners are observing right now in their client work.

When asked to identify the most significant challenges to AI-related internal control at their largest client, audit partners most frequently cited:

  • Insufficient in-house AI expertise and control capability (33 percent);
  • Data quality issues feeding into AI systems (27 percent);
  • Lack of AI governance frameworks and oversight structures (27 percent); and
  • Insufficient documentation of AI models, assumptions, and decision logic (26 percent).

I encourage audit committees to use this list in conversations with management. Ask directly whether these specific gaps exist at your organization, what controls are in place around the data feeding your AI systems, and whether your internal audit function has the expertise to assess it. The answers will tell you a lot about where your oversight priorities should be.

The audit committee’s role at this moment is to clarify, not just monitor.

The Spring 2026 Audit Partner Pulse Survey makes clear that AI is no longer a future-state conversation. AI is increasingly being embedded in operations, financial reporting, and the areas of judgment at the heart of audit committee oversight. The committees that engage now, before the gaps become problems, will be in a much stronger position as their organizations embed AI more deeply.

Read the full Spring 2026 Audit Partner Pulse Survey.

MORE LIKE THIS

Get the Corporate Board Member Newsletter

Timely analysis and practical perspective on the governance, risk and oversight issues shaping today’s board agendas.

UPCOMING EVENTS

AI Leadership Forum | East

Compensation Committee Peer Exchange

Boardroom Summit

Agentic AI Immersion | Chicago

Directors Forum