Enterprises rely heavily on internal audit functions to stay on track with business objectives, meet regulatory requirements, and handle risk effectively. Yet the conventional methods of conducting audits face some considerable challenges. Auditors struggle to keep up with ever-shifting regulations and large datasets. It is difficult for them to detect emerging risk factors promptly, largely due to excessive manual work. These challenges make it hard for enterprises to adapt and thrive in today’s fast-paced environment.
Fortunately, cutting-edge tools and fresh approaches are proving revolutionary solutions to these problems. By bringing together the pattern-spotting and number-crunching power of artificial intelligence (AI) with the fast-moving, step-by-step methods of Agile Scrum, exciting new possibilities are available to improve internal audit.
Research Gaps
AI and Agile Scrum have historically been considered separate entities, like two parts of a puzzle assembled on different tables. AI can crunch numbers and spot unusual patterns, and Agile facilitates flexibility and adapts to changes on the fly. So, what would happen if they were combined? Imagine having a tool such as IBM Watson or a Google Cloud anomaly detector working alongside an Agile sprint.
Research often focuses on AI's strengths, such as finding fraud or predicting problems, or Agile’s ability to enhance team collaboration. But what if AI's real-time insights were used to guide sprints? Could AI be used to plan sprints or decide which tasks are most important?
Creating a framework to illustrate how AI and Agile can coalesce seems warranted. Imagine using a tool such as Tableau, with predictive analytical capability, to highlight the riskiest areas to the audit team. Analyzing how AI and Agile interact in different scenarios shows that this combination can make audits faster, more accurate, and more adaptable. This could help enterprises modernize their audits and keep up with the rapid pace of change in the complex business environment.
Although research exists on both Agile and AI in auditing, few studies explore the combination. Here, each approach is examined individually before integrating them into a unified framework.
AI can revolutionize internal audit by significantly improving efficiency and effectiveness. Its advanced machine learning (ML) capabilities are useful for fraud detection, as they identify suspicious patterns and behaviors faster than manual methods. AI is also capable of anomaly detection and can sift through vast datasets to pinpoint irregularities that signal potential risk. Such capabilities allow proactive risk mitigation. Specifically, ML identifies fraud patterns, while other AI tools flag financial and operational anomalies.1
Natural language processing (NLP) streamlines the process by rapidly analyzing large datasets, reducing manual effort and human error. This smart audit approach empowers auditors to focus on strategic analysis rather than tedious tasks, ultimately making audits more insightful, efficient, and valuable.2
As AI agents continue to evolve, they are expected to reshape industries, streamline operations, and drive innovation in ways that were previously unimaginable.Agile Scrum in Audit Processes
Agile, particularly Scrum, offers an alternative approach to internal audit, addressing the limitations of traditional auditing methods. Its iterative sprints, regular meetings, and retrospectives enable continuous review and adaptation to organizational changes.3 Scrum's emphasis on stakeholder collaboration ensures that audits are aligned with organizational objectives, while its incremental progress model allows adjustments as new information emerges.
Clear Scrum roles—product owner, Scrum master, and developers—are crucial for success. The product owner prioritizes audit objectives based on stakeholder needs, the Scrum master facilitates adherence to Agile principles and removes impediments, and the developers (auditors and other professionals) execute tasks effectively. These combined strengths make Agile Scrum a compelling choice for enterprises seeking more flexible, efficient, and relevant internal audits.
AI in Audit Processes
AI offers transformative possibilities for internal audit, promising substantial improvements in efficiency and the development of valuable audit insights. Automated systems powered by ML can handle tedious and repetitive tasks such as data validation and reconciliation. These systems allow auditors to concentrate on more strategic work, such as risk identification and classification, and can enhance stakeholder communication. NLP tools can streamline the creation of comprehensive and standardized audit reports. Real-time monitoring systems driven by AI, such as SAP's Predictive Accounting module, offer immediate insights and flag potential problems as they emerge, facilitating proactive risk management.
Looking beyond simple automation, AI facilitates predictive analysis. By examining historical data trends, these systems can anticipate potential risk factors and areas of noncompliance, allowing enterprises to implement preventive measures. Platforms such as Google Cloud's AI can sift through massive datasets to pinpoint patterns that suggest emerging risk, enabling auditors to address vulnerabilities before they escalate. Finally, AI-enhanced interactive dashboards are often built on platforms such as Tableau or Power BI to provide real-time views of audit operations and key performance indicators. This improves decision making and allows auditors to adapt to evolving organizational needs and changes in regulatory requirements.
The Evolution of AI: From Intelligence to Action
AI agents are emerging as new applications are fundamentally changing how tasks are executed. AI agents may eventually outnumber humans.4 Unlike raw AI, which possesses intelligence but lacks direct application, AI agents transform knowledge into action.
This transformation is particularly relevant for internal audit, where AI agents can automate routine processes, enabling auditors to focus on innovation and risk management.5 AI agents may replace traditional business applications that serve primarily as interfaces for create, read, update, delete (CRUD) database operations. Instead of relying on static software, AI agents can dynamically integrate databases via application programming interfaces (APIs) and middleware to ensure secure and efficient interactions. By leveraging existing tools and frameworks, AI agents can generate software code and execute complex tasks autonomously.6 As AI agents continue to evolve, they are expected to reshape industries, streamline operations, and drive innovation in ways that were previously unimaginable.
Use Case: GitHub Copilot in Internal Auditing
Given that the use of AI in internal auditing is still in its early stages, use cases provide a more practical framework than traditional case studies, which rely on historical precedent. Because AI's integration into internal audit functions is still evolving, real-world implementations are limited. Use cases offer structured, scenario-based insights demonstrating how AI, combined with Agile Scrum methodologies, can enhance audit processes. Figure 1 outlines various AI-driven use cases, such as automating
internal audit scripts, risk assessment, compliance
monitoring, and fraud detection. These examples
illustrate how AI tools such as GitHub Copilot can
streamline audit functions by generating scripts,
automating routine checks, and enhancing data-driven decision making.
For instance, rather than referencing past implementations, use cases provide concrete examples of AI's current applicability. AI-generated Python scripts may reconcile financial transactions across departments, reducing manual errors and increasing efficiency. Similarly, AI-driven cybersecurity audits can analyze system logs for anomalies, flagging real-time unauthorized access attempts. These use cases serve as blueprints for implementation, allowing auditors to experiment with AI-driven solutions, validate their effectiveness, and iteratively refine processes—aligning with Agile Scrum's principles of continuous improvement. Internal auditors can bridge the gap between AI's theoretical potential and its real-world applications, paving the way for more efficient and risk-aware audit practices.
AI and Scrum Synergy
The synergy between AI and Agile Scrum augments the strengths of each approach, offering substantial advantages for internal auditing. The combination of AI and Agile Scrum methodology strengthens internal audit practices. AI analytics can detect patterns and anomalies in real time, spotting potential fraud or compliance risk factors that might otherwise go unnoticed. Meanwhile, Agile's flexible framework allows audit teams to pivot and respond to these insights quickly.
During sprint reviews, teams assess AI-identified risk areas and adjust their priorities accordingly. This responsive approach helps auditors focus where it matters most, reducing blind spots in risk oversight.
The integration also transforms reporting capabilities. Modern visualization tools streamline the creation of detailed audit reports, while the Agile framework provides regular opportunities to refine and improve these deliverables through sprint reviews and retrospectives. For instance, sprint reviews often feature interactive dashboards that give stakeholders a clear view of audit findings and progress (figure 2).
This blend of technological capability and methodological flexibility creates a more dynamic audit environment. Enterprises can quickly respond to emerging risk while maintaining strategic oversight of their operations. This results in a more robust approach to risk management that is better suited for today's fast-moving business environment.
Conclusion
The combination of AI and Agile Scrum will revolutionize internal audit, bringing fresh approaches to risk and compliance management. Given that the use of AI in internal auditing is still evolving, real-world implementations are limited. Therefore, use cases can provide a more practical framework than traditional case studies that rely on historical precedent. Use cases offer structured, scenario-based insights into how AI and Agile Scrum can transform internal audit.
Modern AI tools now handle time-consuming audit tasks, from writing scripts to reconciling data and assessing risk. This automation cuts down on human error while improving accuracy. For instance, custom Python scripts can now validate data across departments automatically, while smart risk assessment models flag unusual transactions, letting auditors zero in on what really matters.
When AI is paired with Agile Scrum's flexible approach, audit teams can pivot quickly based on what they find in real time. This is particularly useful during sprint reviews, where teams can shift gears immediately if AI spots something concerning. The reporting side has also undergone significant improvement. Visual analytical tools create clear, interactive dashboards that make complex findings easier to grasp and act on. These reports improve with each sprint review, as teams fine-tune them to meet stakeholder needs. The system also keeps a watchful eye on compliance, catching policy violations such as unauthorized spending or security gaps before they become serious problems.
Of course, there are challenges, including data quality issues, questions about AI transparency, and some resistance to Agile methods. But with solid data practices, explainable AI, and proper training, this new approach to auditing delivers better efficiency, sharper risk awareness, and more substantial compliance. This integrated approach offers a practical path forward for enterprises looking to stay ahead of the curve.
Endnotes
1 Lotlikar, P.; Mohs, J.N.; “Examining the Role of Artificial Intelligence on Modern Auditing Techniques,” Strategic Management Quarterly, vol. 9, iss. 2, 2021,; Zhou, G.; “Research on the Problems of Enterprise Internal Audit Under the Background of Artificial Intelligence,” Journal of Physics: Conference Series, vol. 1861, iss. 1, 2021
2 Couceiro, B.; Pedrosa, I.; et al.; “State of the Art of Artificial Intelligence in Internal Audit Context,” 17th Iberian Conference on Information Systems and Technologies (CISTI), 2020, Zhou; “Research on the Problems”
3 Bell, T.; “Agile: The X Factor of Internal Auditing,” ISACA® Journal, vol. 3, 2024
4 Zuckerberg, M.; “Meta Releases Llama 405B,” Rundown, 23 July 2024
5 Huang, J.; “The Agentic Future: How AI Is Revolutionizing Our World,” PaulLopez.ai, 1 October 2024
6 Nadella, S.; “The Yellow Brick Road to Agentic AI,” SiliconANGLE, 21 December 2024</p
THOMAS J. BELL III | PH.D., CISA, CRISC, COBIT 2019, ITIL V4, LEAN SIX SIGMA BLACK BELT, PMI-SP, PMP, PSM, PSPO
Is a professor of business administration at Texas Wesleyan University (Fort Worth, Texas, USA) and has more than 30 years of experience in IT systems. His expertise includes adaptive, predictive, and hybrid projects and audits. He has held both participative and leadership roles in these fields. Additionally, his writing has appeared in peer-reviewed publications related to project management leadership styles, auditing behaviors, team dynamics, and certification pedagogy.
