COSO Releases Guidance on Applying Internal Controls to Generative AI

Summary

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has published new guidance detailing how organizations can establish and maintain effective internal controls over generative AI. The framework maps directly to COSO's existing internal control components, addressing the Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring. Key recommendations include assigning clear owners for each AI capability type with defined author