Enterprise AI governance gaps in emerging economies: Practical insights for IT auditors

Business model and operational transformation are happening at a fast pace in emerging economies, with companies leveraging technologies such as Artificial Intelligence (AI) to make these transformations even faster, but with no established governance and control processes to address the risks associated with it. This paper explores some of the opportunities for organizations to enhance AI governance in settings with inequitable access to digital infrastructure, a constantly changing regulatory landscape, data quality issues, and a shortage of specialists. The study is based on information from the OECD and World Bank reports, the Artificial Intelligence Auditing Framework recently developed by The Institute of Internal Auditors, and the literature from recent academic and practitioner sources. The analysis uncovered seven governance gaps that are likely to recur: strategic accountability, policy and governance control design, data governance, transparency and explainability, third-party governance, skills and audit readiness, and continuous monitoring. To address these challenges, the paper proposes a three-layer model of assurance with AI, linking governance, management, and assurance responsibilities. It also creates a governance lifecycle approach that aligns governance gaps with assurance processes. The results offer valuable insights for IT auditors aiming to facilitate trustworthy, accountable, and sustainable enterprise AI usage.