The Future of AI Governance: Internal Audit’s Strategic Role

In Partnership with The Institute of Internal Auditors (IIA)

Top AI Governance Strategies for Internal Auditors in 2025: Collaboration with IIA

In Partnership with The Institute of Internal Auditors (IIA)

As artificial intelligence becomes embedded across core business systems, the role of internal audit is expanding from compliance monitoring to AI governance leadership. In partnership with The IIA, DataSnipper proudly sponsored the Global Best Practices article, “The Catalyst for Strong AI Governance,” and contributed expert insights.

Below are the top takeaways from the IIA article and also a podcast episode conversation with Vidya Peters, CEO of DataSnipper and Mike Levy, CEO of Cherry Hill Advisory.

5 AI governance strategies internal auditors should lead

1. Embed internal audit into AI design and deployment

Internal auditors must move upstream—actively participating in the design and rollout of AI systems, particularly high-risk or customer-facing models. Their early involvement ensures that control mechanisms are not reactive but integrated from the start.

2. Build a living inventory of AI systems and models

A comprehensive and continually updated inventory of AI systems, including third-party tools and embedded models, is essential for audit planning, regulatory compliance, and monitoring vendor risk. It also enables auditors to identify high-impact use cases that require deeper assurance.

3. Audit AI governance structures and decision rights

Governance responsibilities are often distributed across legal, IT, risk, compliance, and business units. Internal auditors are uniquely positioned to assess whether roles, escalation paths, and decision rights are clearly defined, documented, and operational.

4. Ensure explainability, evidence, and control integrity

AI systems must produce outputs that are transparent, traceable, and understandable. Internal audit plays a key role in questioning model explainability, data integrity, and whether AI-generated outputs are supported by evidence—not just assumptions. At DataSnipper, this is a core design philosophy behind our audit automation tools.

5. Equip internal audit with AI tools and enable cross functional collaboration

To deliver value in AI oversight, internal auditors must be equipped with advanced tools for anomaly detection, control testing, and documentation analysis. Just as important is fostering collaboration with IT, legal, and security teams to bridge the growing gap between enterprise AI usage and governance frameworks.

Listen to the podcast for more in-depth conversation between Vidya Peters, CEO of DataSnipper and Mike Levy, CEO of Cherry Hill Advisory.

Why AI governance matters now for internal audit

The stakes are high. AI introduces not only unprecedented opportunities but also new ethical, regulatory, and reputational risks. As AI adoption accelerates, internal auditors are being called to step forward—not just to review policies, but to help shape them. By leading AI governance efforts, auditors safeguard both innovation and integrity.

Explore the full conversation

This article offers only a snapshot of the strategic insights shared in our collaboration with The IIA. For a deeper dive into frameworks, tools, and leadership guidance, read the full article.