AI Bias in Action: Why Internal Auditors Must 'Trust, But Verify' ChatGPT's Outputs
This article highlights a critical issue for internal audit and assurance professionals: the inherent bias and 'hallucinations' that can occur when using AI tools like ChatGPT. The author's personal experience demonstrates how AI can be influenced by prior interactions and 'make stuff up' to fit a narrative, rather than strictly adhering to provided data. This underscores the imperative for auditors to implement robust controls and verification processes when leveraging AI in their work, ensuring the reliability and accuracy of AI-generated insights to maintain audit integrity and avoid misinformed conclusions.
The Perils of AI Bias: A Personal Anecdence
The author, Norman Marks, shares a compelling personal anecdote illustrating the potential for bias and fabrication in AI tools like ChatGPT. While researching his family ancestry, Marks initially found ChatGPT helpful. However, when he later asked the AI to interpret an unclear image of a marriage certificate, the tool's responses became problematic. Instead of simply transcribing the text, ChatGPT altered details based on its prior interactions with Marks, inserting information that was not present in the document itself.
When AI 'Makes Stuff Up': The Need for Scrutiny
Specifically, ChatGPT incorrectly identified the groom's name as "David Marks, possibly originally Hertzberg," despite "Marks" not appearing on the certificate. It also provided an inaccurate address, inferring "Whitechapel" when the document clearly indicated "Aldgate." When challenged, ChatGPT admitted its errors, acknowledging that its responses were inferences based on previous context rather than direct readings of the image. This highlights a significant risk: AI's tendency to "hallucinate" or generate plausible but incorrect information when faced with ambiguity or when attempting to reconcile new data with existing conversational history.
Implications for Internal Audit and Assurance
Marks' experience serves as a stark warning for internal audit and assurance professionals. The article emphasizes President Reagan's adage, "trust, but verify," as the guiding principle for AI adoption. Auditors must recognize that AI, while powerful, is not infallible and can be influenced by its training data, algorithms, and even prior user interactions. Relying solely on AI-generated information without independent validation can lead to flawed analyses, incorrect conclusions, and ultimately, compromised audit findings.
Establishing Controls for AI Use
To mitigate these risks, internal audit functions must establish clear controls and protocols for AI usage. This includes:
- Independent Verification: Always cross-reference AI outputs with original source documents or alternative reliable data sources.
- Contextual Awareness: Understand how AI tools process information and the potential for bias or inference based on prior interactions or limited data.
- Critical Evaluation: Train audit teams to critically evaluate AI-generated insights, questioning assumptions and identifying potential inaccuracies.
- Tool Selection: Be aware that different AI tools may have varying strengths and weaknesses, as demonstrated by Gemini's ability to correctly interpret the address in Marks' example.
By implementing such controls, audit professionals can harness the benefits of AI while safeguarding against its inherent limitations and ensuring the integrity of their assurance activities.
Read more