Statement 4: Enable AI auditing

Agencies must: 

  • Criterion 9: Provide end-to-end auditability.

    End-to-end AI auditability refers to the ability to trace and inspect the decisions and processes involved in the AI system lifecycle. This enables internal and external scrutiny. Publishing audit results enables public accountability, transparency, and trust.

    This may include:

    • establishing documentation across the AI system lifecycle as agreed with the accountable official. This should demonstrate conformance with the AI technical standard, and compliance with relevant legislation and regulations.
    • establishing traceability of decisions and changes from requirements through to operational impacts
    • ensuring accessibility, availability, and explainability of technical and non-technical information to assist audits

    • ensuring audit logging of the AI tools and systems are configured appropriately

      This may include:

      • enabling or disabling the capture of system inputs and outputs
      • detect and record modifications to the system’s operation or performance
      • record who made the modification, under what authority, and the rationale for the modification
      • record system version and any other critical system information.
    • reviewing of audit logs
    • ensuring independence and avoiding conflict of interest when undertaking AI audits.

  • Criterion 10: Perform ongoing data-specific checks across the AI lifecycle.

    This should address:

    • data quality for AI training, capabilities, and limitations
    • how data was evaluated for bias
    • controls to detect and manage data poisoning
    • legislative compliance.

  • Criterion 11: Perform ongoing model-specific checks across the AI lifecycle.

    This should address:

    • track and maintain experiments with new models and algorithms to ensure reproducibility, achieving similar model performance with the same dataset
    • output flaws such as factually incorrect, nonsensical, or misleading information, which may be referred to as AI hallucinations
    • bias and potential harms, such as ensuring fair treatment of all demographic groups
    • model explainability
    • controls to detect and manage model poisoning
    • legislative compliance.
       

Statement 5: Provide explainability based on the use case

Next Page

Connect with the digital community

Share, build or learn digital experience and skills with training and events, and collaborate with peers across government.

Join the Digital Profession