Below are guest posts and opinions from Polyhedra’s CMO Samuel Pectton.
Reliability remains mirage in the ever-growing realm of AI models, affecting mainstream AI adoption in key sectors such as healthcare and finance. Auditing AI models is essential to restore reliability within the AI ​​industry and helps regulators, developers and users increase accountability and compliance.
However, auditing AI models may be unreliable as auditors must independently review the pre-processing (training), processing (inference), and post-processing (model deployment) stages. A “trust” and validation” approach helps improve the reliability of the audit process and rebuild the trust of AI.
Traditional AI model auditing systems are not reliable
AI model audits help to provide evidence-based reports to AI systems work, their potential impacts, and industry stakeholders.
For example, companies use audit reports to obtain AI models based on due diligence, ratings, and comparative benefits between different vendor models. These reports allow developers to take necessary precautions at every stage and ensure that their models are compliant with existing regulatory frameworks.
However, auditing AI models is prone to reliability issues due to their inherent procedural capabilities and HR challenges.
According to the European Data Protection Commission (EDPB) AI Audit Checklist, audits from “implementing controllers of the principles of supervisory ability” and “inspections/inspections conducted by supervisory authorities” differ and can cause confusion among enforcement agencies.
The EDPB checklist covers implementation mechanisms, data validation, and impact on subjects through algorithm auditing. However, the report also acknowledges that the audit is based on existing systems and does not doubt that “the system should exist in the first place.”
In addition to these structural issues, the auditor team needs modern domain knowledge in data science and machine learning. It also requires complete training, testing, and production sampling data spanning multiple systems, creating complex workflows and interdependencies.
A knowledge gap or error between team members can lead to cascade effects and can disable the entire auditing process. As AI models become more complex, auditors are responsible for independently validating and verifying reports before aggregating conformance and repair checks.
Advances in the AI ​​industry are rapidly outperforming the capabilities of auditors and their ability to conduct forensic analyses and evaluate AI models. This will disable auditing methods, skill sets, and regulatory enforcement, deepening the credibility crisis of AI model audits.
The auditor’s main task is to increase transparency by assessing the risk, governance and underlying processes of the AI ​​model. User trust is eroded when auditors lack the knowledge and tools to assess AI and implementation within an organizational environment.
The Deloitte Report provides an overview of three lines of AI defense. In the first row, the owner and management of the model are the primary responsibility of managing the risk. This is followed by a second line, in which the policy worker provides the monitoring needed to mitigate risk.
A third line of defense is most important, and the auditor measures the first and second lines to assess operational effectiveness. The auditor will then submit the report to the board to match data on best practices and compliance with AI model.
To increase the reliability of AI model audits, people and underlying technologies need to confirm their philosophy “adopt trust” during the audit procedure.
Check out the “trust” approach to AI model auditing
“Trust,” but confirmation is a Russian proverb that was popularized by US President Ronald Reagan during the US and the Soviet Union’s Nuclear Weapon Treaty. Reagan’s “broad verification procedures that allow both parties to monitor compliance” attitude is beneficial in restoring the reliability of AI model audits.
In a “trust” system, auditing AI models requires continuous evaluation and verification before trusting the audit results. In fact, this means there is no such thing as auditing AI models, preparing reports, assuming it is correct.
Therefore, despite the stringent verification procedures and verification mechanisms of all key components, AI model auditing is by no means safe. In the research paper, Pennsylvania engineer Phil Laplante and NIST Computer Security member Rick Coon call this “trust,” but use AI architecture.
The need for constant evaluation and continuous AI assurance by leveraging “trust-on-continuous” infrastructure is important for AI model audits. For example, AI models often require re-audit and post-event re-evaluation, as the mission or context of a system can change over its lifespan.
The “trust validation” method during auditing helps determine the deterioration of the model’s performance through new fault detection techniques. Audit teams can deploy testing and mitigation strategies with continuous monitoring, allowing auditors to implement robust algorithms and improved monitoring facilities.
According to Laplante and Kuhn, “Continuous monitoring of AI systems is an important part of the post-deployment assurance process model.” Such monitoring is possible through automated AI audits where routine self-diagnosis testing is built into AI systems.
Because internal diagnostics can have trust issues, trusted elevators with a mix of human and mechanical systems can monitor AI. These systems provide more powerful AI audits by facilitating postmortem and black box record analysis for retrospective context-based outcome verification.
The main role of an auditor is to ensure that the AI ​​model does not cross the boundaries of trust thresholds. A “trust” approach allows audit team members to explicitly verify reliability at each step. This resolves the lack of reliability in AI model audits by restoring trust in AI systems through rigorous scrutiny and transparent decision-making.
