Glossary term
Glossary term
Governance and Compliance
The confidence stakeholders have that AI is governed and operated appropriately based on objective evidence. Assurance can come from internal controls, independent reviews, certifications, audits, or external attestations. A mature assurance approach uses multiple layers including continuous monitoring, internal audit, independent validation, third-party assessments, and regulatory engagement.
Big Four firms Deloitte, PwC, EY, and KPMG offer AI assurance services aligned to ISO 42001, NIST AI RMF, and the EU AI Act.
The IAASB published an exposure draft of ISAE 5000 General Requirements for Sustainability Assurance in 2024, with parallel efforts emerging for AI assurance.
Singapore's IMDA AI Verify Foundation provides an open-source testing framework supporting AI assurance for enterprises in 12 countries.