News & Blogs

MCPs: An Auditor's Friend or Foe in the Age of AI?

Global · · linkedin.com

Model Context Protocols (MCPs) are emerging as a new form of API, enabling AI assistants to interact with various systems. This article explores the dual nature of MCPs for internal auditors, highlighting their potential to enhance audit efficiency while also introducing new control surfaces and risks that demand immediate attention and proactive auditing.


Understanding Model Context Protocols (MCPs)

Model Context Protocols (MCPs) are essentially structured interfaces that allow AI assistants to communicate with diverse organizational systems, such as databases, CRMs, and ticketing tools. They define the parameters for AI requests, responses, and authorization, functioning much like traditional APIs but tailored for AI consumption. This framing is crucial for internal audit professionals, as it implies that while the technology is new, many of the underlying control concerns—authentication, authorization, logging, data minimization, and change management—are familiar territory. The challenge lies in the rapid adoption and often unmanaged deployment of these protocols across organizations.

The Auditor's Ally: How MCPs Can Enhance Audit Functions

MCPs offer significant opportunities to streamline and improve internal audit processes. By enabling conversational evidence gathering, auditors can directly query systems for data, drastically reducing the time spent on population extracts and manual data collection. This can shorten walkthroughs, sample selection, and exception testing. Furthermore, MCPs can lower the barrier to entry for data analytics, allowing auditors to run sophisticated queries with built-in guardrails without needing specialized data science expertise. The potential for AI to draft workpaper narratives and timestamp evidence extractions also promises a richer, more automated audit trail, freeing up auditors to focus on analysis rather than administrative tasks.

The Auditor's Adversary: Unaddressed Risks and Control Gaps

Despite their benefits, MCPs introduce several critical control challenges that internal audit must address. Key concerns include the lack of a comprehensive inventory of MCP connections, making it difficult to track who has deployed them and against which systems. Permission management is another significant risk, as MCP servers often operate under service identities with broad entitlements, potentially granting unauthorized access to a wider user base through AI clients. Data egress is a major concern when external AI hosts interact with internal MCPs, raising questions about data classification and the effectiveness of controls preventing sensitive information leakage. Additionally, traditional SIEMs may not capture MCP traffic, creating blind spots for security monitoring. Finally, the ownership of MCP-related risks often remains ambiguous, leading to persistent control gaps.

A Proactive Approach for Internal Audit

Internal audit must adopt a dual strategy: actively utilizing MCPs within the audit function while simultaneously auditing their implementation across the organization. By piloting MCP-enabled workflows, audit teams can gain firsthand experience and develop a deeper understanding of the technology, enabling them to conduct more effective risk assessments. Concurrently, MCP inventory, ownership, permissions, logging, and data flow should become permanent line items in technology audit plans, similar to API governance. This proactive engagement is essential to ensure that MCPs are treated as in-scope technologies, preventing them from becoming unmanaged control surfaces that pose significant risks to the organization.


Read more
Comments

No comments yet. Be the first.


Sign in to join the discussion.

Sign in or Create account
Subscribe

By email

Get audit & assurance news in your inbox.


By feed reader

We publish RSS, Atom, and JSON feeds sliced by category and region.

View all feeds →

Have a tip? Submit a story or job →

Subscribe by email

Get audit & assurance news in your inbox. Or use a feed reader — view all feeds →