As AI grows more pervasive in business, there’s a greater need for organizations to identify, manage, and respond to AI-related risks to maximize benefits for all stakeholders. The project, commissioned by COSO and coauthored by Deloitte & Touche LLP, focuses on the need for organizations to design and implement governance, risk management, and oversight strategies and structures to realize the potential of humans collaborating with AI.

The report describes how the COSO Enterprise Risk Management—Integrated Framework, coupled with Deloitte’s Trustworthy AI Framework, can provide a comprehensive approach that aligns risk management with strategy and can reduce performance variability and improve the likelihood of success for AI initiatives.

“AI-related risks need to be top of mind and a key priority for organizations to adopt and scale AI applications and to fully realize the potential of AI,” said COSO Chairman Paul Sobel. “Applying ERM [enterprise risk management] principles to AI initiatives can help organizations improve governance of AI, manage risks, and drive performance to maximize achievement of strategic goals.”

The report states that by understanding AI-related risks, organizations may be better equipped to deliver return on investment and meet stakeholder expectations. Further, by implementing ERM, organizations can refine and adapt their innovation initiatives to support their strategies in a rapidly changing business environment.

The report is available at

About the Authors