AI inventory audit
Audits whether all AI systems and use cases are inventoried, risk-rated, and owned.
AI governance maturity assessment
Evaluates AI strategy, policies, board oversight, roles, and accountability.
AI model development lifecycle audit
Tests design, development, validation, deployment, and change-management controls.
Model risk management audit
Reviews validation, monitoring, limitations, challenger models, and independent review.
Bias and fairness testing
Tests AI outcomes for disparate impact, proxy variables, and unfair bias.
Model drift monitoring audit
Checks whether performance, input drift, and concept drift are monitored and escalated.
Prompt and output logging audit
Reviews logging, retention, and traceability of GenAI prompts, context, and outputs.
Human-in-the-loop control testing
Tests whether required human review occurs before high-impact decisions.
AI incident response audit
Tests AI incident detection, escalation, kill switch, rollback, and remediation.
Third-party AI vendor assurance
Reviews AI vendor data use, subcontractors, security, model updates, and audit rights.
AI data lineage audit
Traces training, fine-tuning, retrieval, and inference data sources.
AI security red-team review
Tests prompt injection, data leakage, model extraction, and jailbreak resistance.
GenAI hallucination control testing
Tests controls that detect and reduce unsupported or inaccurate generated content.
AI explainability assessment
Evaluates whether model explanations are meaningful for users, auditors, and regulators.
AI access-control audit
Checks who can use AI tools, upload data, access outputs, and change models.
AI regulatory readiness assessment
Maps AI controls to NIST, ISO, EU AI Act, sector guidance, and internal policy.
AI-enabled product assurance report
Provides independent assurance over AI product governance and operating controls.
SOC-style AI control reporting
Extends SOC reporting concepts to AI governance, risk, security, and monitoring.
Responsible AI policy compliance audit
Tests business-unit compliance with responsible AI policy and standards.
AI portfolio risk heatmap
Aggregates AI use cases by data sensitivity, autonomy, decision impact, and vendor risk.
AI training data rights review
Checks rights to use data for training, fine-tuning, retrieval, and evaluation.
AI output quality benchmarking
Measures AI output accuracy, consistency, toxicity, refusals, and task success.
Agentic AI workflow control review
Tests tool permissions, handoffs, approvals, and recovery controls for AI agents.
AI audit trail reconstruction
Reconstructs AI decisions from logs, prompts, data, model version, and human overrides.