Achieving Effective Internal Control Over Generative AI: COSO’s New Guidance for CPAs


Author: Jaclyn Veno, CPA

This article originally appeared in the Spring 2026 issue of the South Carolina CPA Report

Generative AI (GenAI) has moved rapidly from experimentation to everyday use across finance, audit, tax, and controllership functions, often faster than governance structures were prepared to manage it. COSO’s publication, “Achieving Effective Internal Control Over Generative AI (GenAI)”, provides CPAs with a practical roadmap for bringing this powerful, but potentially risky, technology under the familiar structure of the COSO Internal Control—Integrated Framework. The publication is available at: bit.ly/4s8E5H2.

Rather than creating a new framework, COSO builds directly on:

  1. The five existing components:
    • Control Environment
    • Risk Assessment
    • Control Activities
    • Information and Communication
    • Monitoring Activities
  2. The 17 principles practitioners already use.

The message is clear: GenAI does not change what effective internal control requires, but it significantly changes the environment in which those controls operate.

Why GenAI Requires Fresh Thinking

COSO highlights several characteristics that make GenAI distinctive from a control perspective. GenAI systems are probabilistic, dynamic, highly scalable, and easy for business users to adopt, often outside traditional IT governance channels.

The guidance also identifies several key GenAI-specific risks CPAs should anticipate:

  • Data quality and provenance
  • Hallucinations and model drift
  • Explainability challenges
  • Security and privacy risks (including prompt injection and data leakage)
  • Bias and fairness
  • Third-party/vendor risk
  • Governance over configuration and use

These risks span financial reporting, compliance, and operations, and often first appear through “shadow AI” experimentation within business units.

Applying the COSO Components to GenAI

Within the Control Environment, COSO emphasizes tone, governance boundaries, and accountability. Recommended practices include GenAI Acceptable Use Policies, defined ownership for each AI capability, role-appropriate training for users and reviewers, and explicit accountability for misuse or negligent oversight. These measures help ensure that GenAI adoption aligns with ethical standards, regulatory expectations, and professional judgment.

For Risk Assessment, COSO stresses that every GenAI use case must begin with clearly defined objectives, boundaries, and success criteria. Organizations should evaluate whether GenAI is the appropriate solution compared to deterministic automation, then identify GenAI-specific risks such as bias, model drift, hallucinations, prompt injection, fraud schemes, and third-party changes. Fraud risk assessments should also consider emerging threats such as deepfakes, synthetic data, and agent-based automation.

Under Control Activities, COSO advises organizations to treat GenAI outputs as assertions requiring validation rather than facts to accept automatically. Controls may include defined human-in-the-loop review points, updated IT general controls that recognize GenAI models and configurations as governed assets, and documentation of prompts, model versions, configurations, and testing evidence. The guidance also introduces the concept of AI reliance within an internal control over financial reporting (ICFR) context: when management depends on AI outputs as evidence of control effectiveness, those outputs must meet evidence standards consistent with existing audit expectations.

Within Information and Communication, COSO stresses the importance of traceability. Processes should capture prompts, inputs, outputs, source references, model versions, configuration settings, and confidence scores, along with performance limitations that help users apply professional judgment. Clear communication of policies, incidents, configuration changes, and system limitations is essential internally, while external communication may be necessary when GenAI materially affects customers, partners, regulators, or investors.

For Monitoring Activities, COSO recommends combining ongoing performance metrics—such as accuracy, exception rates, bias indicators, and latency—with periodic deeper evaluations including model effectiveness audits, adversarial testing, and independent review. When deficiencies arise, whether from configuration errors, prompt design, data quality issues, vendor changes, or hallucinations, they should be logged, analyzed for root cause, and remediated with clear accountability and documentation.
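The three components above (validate outputs before relying on them, keep a traceable record of each invocation, and monitor exception rates over time) can be made concrete in code. The following is an added illustration, not code from the COSO publication; the invoice fields, the confidence threshold, the exception-rate threshold, and the sample invoice are all assumptions chosen for the example. It treats an invoice-extraction output as an assertion, runs deterministic checks on it, routes failures or low-confidence results to human review, and writes every decision to a hash-chained log so that later edits to the record are detectable.

```python
"""Added example: validation, traceability and monitoring for a GenAI
invoice-extraction step. Illustrative only; not from the COSO guidance.
Field names, thresholds and the sample invoice below are assumptions."""
import hashlib
import json
from datetime import date

# Constructed sample of what an extraction model might return (assumption).
SAMPLE_OUTPUT = {
    "vendor": "Acme Supplies",
    "invoice_date": "2026-03-14",
    "line_items": [{"desc": "paper", "amount": 120.00},
                   {"desc": "toner", "amount": 80.00}],
    "total": 200.00,
}


def validate_invoice(output):
    """Treat the model output as an assertion and test it deterministically.
    Returns a list of findings; an empty list means every check passed."""
    findings = []
    try:
        date.fromisoformat(str(output.get("invoice_date", "")))
    except ValueError:
        findings.append("invoice_date is not a valid ISO date")
    if not output.get("vendor"):
        findings.append("vendor missing")
    items = output.get("line_items", [])
    if not items:
        findings.append("no line items extracted")
    if abs(sum(i.get("amount", 0) for i in items) - output.get("total", 0)) > 0.005:
        findings.append("line items do not sum to total")
    return findings


class TraceLog:
    """Append-only, hash-chained record of GenAI invocations: prompt, source
    reference, output, model version, configuration, confidence, findings and
    the review decision. Each entry commits to the previous entry's hash."""

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(body):
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def record(self, **fields):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = {**fields, "prev_hash": prev}
        entry = {**body, "hash": self._digest(body)}
        self.entries.append(entry)
        return entry["hash"]

    def verify_chain(self):
        """True only if no entry has been altered or reordered since it was written."""
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            if body["prev_hash"] != prev or self._digest(body) != e["hash"]:
                return False
            prev = e["hash"]
        return True

    def exception_rate(self):
        """Share of invocations that were not accepted without human review."""
        if not self.entries:
            return 0.0
        return sum(e["decision"] != "accepted" for e in self.entries) / len(self.entries)


def process(log, output, confidence, min_confidence=0.9,
            prompt="extract invoice fields", model_version="extractor-v3",
            config=None, source_ref="inv-0001.pdf"):
    """Validate the output, decide, and log everything needed for traceability."""
    findings = validate_invoice(output)
    decision = "accepted" if not findings and confidence >= min_confidence else "human_review"
    log.record(prompt=prompt, model_version=model_version, config=config or {"temperature": 0},
               source_ref=source_ref, output=output, confidence=confidence,
               findings=findings, decision=decision)
    return decision


def needs_attention(log, max_exception_rate=0.2):
    """Monitoring trigger: escalate when the exception rate exceeds a threshold (assumed 20%)."""
    return log.exception_rate() > max_exception_rate


if __name__ == "__main__":
    log = TraceLog()
    print(process(log, SAMPLE_OUTPUT, 0.95))                          # accepted
    print(process(log, dict(SAMPLE_OUTPUT, total=250.0), 0.97))       # human_review
    print(process(log, SAMPLE_OUTPUT, 0.6))                            # human_review
    print(log.exception_rate(), needs_attention(log), log.verify_chain())
```

The chain is what makes the record usable as audit evidence: a reviewer can recompute every hash offline, and a silent correction to a logged decision or output breaks verification. The exception-rate metric is one of the ongoing measures the guidance names; the same log also carries the model version and configuration needed to attribute a spike to a vendor change, a prompt edit, or a data-quality issue.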

A Practical Roadmap for Implementation

Beyond the principles, COSO outlines a six-step roadmap for embedding GenAI within internal control structures:

  1. Establish AI Governance
  2. Inventory GenAI use cases, including Shadow AI
  3. Assess risks across COSO Components
  4. Design and map controls
  5. Implement and communicate policies
  6. Continuously monitor and adapt

The guidance illustrates these steps with examples familiar to finance and accounting teams, including invoice extraction, automated accruals, reconciliations, and compliance monitoring.

Ultimately, COSO emphasizes that GenAI can evolve from an emerging risk into a well-governed organizational asset when companies apply established internal control principles with GenAI-specific insight. For CPAs, the guidance provides both a shared language for engaging with technology teams and a practical foundation for designing, evaluating, and auditing controls in GenAI-enabled environments.
