Most audit committees have started adding AI to their risk registers. This is progress of a kind, but it tends to reflect what audit committees already know how to worry about: data protection, vendor risk, regulatory compliance. The risks that actually distinguish AI from other enterprise technology are mostly absent from these conversations.
This is not primarily a capability problem. Audit committees have access to advisers and can develop new expertise when they decide it matters. It is a structural problem. The information audit committees receive about AI comes from the people most invested in AI's continued deployment, framed in terms those people find comfortable. The questions that would create real accountability rarely get asked, because no one in the room has an incentive to surface them.
The Questions That Do Not Get Asked
A well-governed audit committee will ask: Is our AI compliant with relevant regulations? Are we managing our AI vendors appropriately? Do we have an AI policy? These are reasonable questions. They are also, in almost every case, the wrong ones to lead with.
The questions that matter more are harder to answer and more uncomfortable to raise. What is the error rate of this model on the decisions that most affect our customers or counterparties? Can we reconstruct any AI decision made in the past twelve months if a regulator or court requests it? Who reviewed the training data for systemic bias before we deployed, and what did they find? If this model's outputs were wrong in a particular direction for three months, how would we know?
These questions are not unanswerable. If the team cannot answer basic questions about decision quality and audit readiness, that is itself significant information about the state of the organisation's AI governance.
What Defensible Means for Probabilistic Systems
For a rule-based system, defensibility is straightforward. You show the rule, the input, and the output. The chain is deterministic and transparent.
For a probabilistic model, defensibility requires something different. It requires knowing: what data the model was trained on and whether that data was appropriate for this use case; what the model's error rate is on decisions like the one being examined; which version of the model was deployed at the time; and what information was available to the model that a human in the same position would or would not have had access to.
None of this is a purely technical question. All of it is a governance question. The audit committee's role is not to understand the mathematics. It is to ensure that the organisation has the processes to answer these questions, and that someone has standing to raise a concern when the answers are inadequate.
The Structural Gap
The deeper problem is that audit committees typically receive information about AI from functions that have a stake in the narrative. The technology team wants to demonstrate capability. The product team wants to demonstrate value. The legal and compliance teams want to demonstrate that the risks are managed.
The function that should provide independent assurance, whether that is internal audit or an independent governance function, often lacks the technical knowledge to assess AI-specific risk with precision. This creates a gap at exactly the point where boards and audit committees need reliable information.
Closing this gap requires two things: technical capability within the assurance function, and an explicit mandate to ask questions that may be inconvenient. Neither is difficult to achieve. Both require a deliberate decision to prioritise them.
A Starting Point
Any audit committee can begin with four questions at its next AI-related agenda item. First: show us the audit trail for a sample of AI decisions made in the past quarter. Second: what is the documented error rate, and who reviewed and accepted it? Third: who has authority to halt a deployment if the error rate exceeds the accepted threshold? Fourth: when did governance last review the training data for this model?
If the answers are clear, documented, and consistent, the governance is probably functioning. If the answers are vague, incomplete, or deferred for follow-up, the committee has found the gap. The question then is whether it has the mandate to require it to be closed.
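As an added illustration, not taken from this article, the minimal control that the four questions above presuppose: a per-decision audit record tagged with the deployed model version, and a rolling error-rate check per version that returns a halt signal once the accepted threshold is exceeded. The record fields, the threshold, the window sizes and the output labels are assumptions for the example, not anything the article specifies.

```python
import hashlib
import json
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class DecisionRecord:
    """One audit-trail entry: enough to locate and re-check the decision later."""
    decision_id: str
    model_version: str
    input_digest: str   # SHA-256 of the canonical input; the input itself stays in the data store
    output: str


def record_decision(decision_id: str, model_version: str, features: dict, output: str) -> DecisionRecord:
    # Canonical JSON so the same input always yields the same digest, whatever the key order.
    canonical = json.dumps(features, sort_keys=True, separators=(",", ":"))
    digest = hashlib.sha256(canonical.encode("utf-8")).hexdigest()
    return DecisionRecord(decision_id, model_version, digest, output)


class ErrorRateMonitor:
    """Rolling-window error rate per model version, broken out by output label so that
    errors skewed in one direction (e.g. too many declines) show up instead of averaging out.
    Threshold, window and minimum sample size are assumed values for this example."""

    def __init__(self, accepted_error_rate: float, window: int = 500, min_samples: int = 50):
        self.accepted = accepted_error_rate
        self.window = window
        self.min_samples = min_samples
        self.history = {}   # model_version -> deque of (output, was_wrong)

    def observe(self, record: DecisionRecord, reviewed_outcome: str) -> dict:
        """Feed in a decision and its reviewed (ground-truth) outcome; return the current rates."""
        hist = self.history.setdefault(record.model_version, deque(maxlen=self.window))
        hist.append((record.output, record.output != reviewed_outcome))
        overall = sum(wrong for _, wrong in hist) / len(hist)
        by_label = {}
        for label in {out for out, _ in hist}:
            subset = [wrong for out, wrong in hist if out == label]
            by_label[label] = sum(subset) / len(subset)
        enough = len(hist) >= self.min_samples   # only halt once the window is large enough to mean something
        return {
            "model_version": record.model_version,
            "samples": len(hist),
            "overall_error_rate": overall,
            "error_rate_by_output": by_label,
            "halt": enough and max(by_label.values()) > self.accepted,
        }
```

The halt flag is the signal the committee's third question asks about; who is entitled to act on it is the governance decision the code cannot make.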