Shadow AI exposure
5 AI applications + 3 MCP servers
Outside the approved estate, with no owner, policy evidence, or exception path.
2 week AI Audit
For finance teams that need visibility across existing gateways, scanners, SIEM and observability, MDM, IDP, SaaS/admin systems, every AI tool, agent, and embedded feature.
In two weeks, the Audit turns stack signals, workflows, usage, spend, and evidence gaps into a board-ready read: where AI creates value, where it creates exposure, and what to fund next.
TrustEvals service brief for finance AI teams.
Sample audit findings
The first read makes AI value and AI risk specific.
Representative findings show the shape of the deliverable before the full working-paper pack follows.
Plan-tier overspend
$3.0M
Annualized AI license spend above observed usage needs, driven by seats on higher plans than workflow usage supported.
Agent evidence gaps
4 production agents
Live in workflows with minimal eval coverage, too thin to support an audit opinion without exceptions.
Fluency upside identified
50 hours/week
Recoverable capacity from role-level AI fluency gaps in recurring finance workflows.
AI Audit · 2-week operating read
Capturing value
9
Internal agents in production
62
Embedded AI features in stack
37
Approved tools landing in workflow
Exposed to risk
14
Unapproved AI tools in production
$1.4M
Duplicate license spend, annualized
21 of 37
Tools with no measurable usage
Workforce fluency
6
Functions with power-user patterns
11
Roles blocked by review uncertainty
3 of 5
Workforce fluency stage
What the audit reveals
Where AI is creating value. Where AI is exposing risk.
The Audit separates visible adoption from unmanaged Shadow AI, then ties gateway, scanner, identity, device, SaaS, code, and observability evidence to workflows, spend, risk, and outcomes.
Finance leaders see which AI is approved, which AI is already running outside IT's view, which workflows are producing outcomes, and where risk lacks evidence or an owner.
See how the findings become AI Transformation →Workflow Evidence Map
Show which workflows deserve the next dollar.
The Audit returns a workflow evidence map: what AI workflows exist, who owns human review, what data each workflow touches, what proof exists, and which workflow should move next.
Map field
Workflow
Which AI workflows already run, which tools or agents touch them, and which business decision each workflow influences.
Map field
Owner
The named business owner, human reviewer, risk owner, and escalation path for material outputs.
Map field
Proof
The source records, traces, reviewer decisions, confidence markers, exceptions, and change logs already present or missing.
Map field
Next move
Which workflow to fund, harden, monitor, pause, or hand to AI Fluency because the human owner is the bottleneck.
Existing stack coverage
The Audit works with the stack you already run.
Gateways, scanners, SIEM, observability, MDM, IDP, SaaS/admin systems, code hosting, and SDK traces remain in place.
Source layer
AI gateways and proxies
Traffic through controlled routes: prompts, responses, policies, apps, egress patterns, and evidence freshness.
Source layer
Agent security and MCP scanners
Risky tool calls, MCP servers, agent behavior findings, control failures, and the owner each finding needs.
Source layer
SIEM, observability, and SDK traces
Runtime events, app traces, incidents, eval results, and source-anchored evidence from internal agents.
Source layer
MDM, IDP, SaaS/admin, and code hosting
Device coverage, identity groups, enabled AI features, repos, service owners, and workflow context.
Prerequisites before Day 1
The Audit is two weeks because the start is ready.
Access, exports, stakeholder routing, and materiality inputs are not a hidden delivery phase. They are the entry conditions for a fixed-scope two-week Audit.
Executive sponsor and Day 1 kickoff owner named
MDM / EDR deployment path or endpoint export confirmed
IDP read access or export path confirmed
SaaS admin exports for productivity, CRM, helpdesk, collaboration, and AI tools
Current AI policy, exception process, vendor list, and known AI use cases collected
Existing evals, model-risk, security, privacy, and audit artifacts collected
Stakeholder roster and survey distribution path confirmed
Materiality inputs prepared by finance segment and customer risk appetite
Optional Shadow MCP Discovery scope confirmed for developer fleets
Missing prerequisites either move Day 1 or become a named scope limitation in the Audit Opinion. They do not stretch the public offer beyond two weeks.
How the two weeks unfold
Four moves. One 2 week Audit.
The two-week clock starts after prerequisites are complete. Required access that does not arrive becomes a scope limitation, not an invisible extension.
Before Day 1
Prerequisites locked
Sponsor, materiality inputs, stakeholder routing, access paths, exports, and optional Shadow MCP scope are ready before the two-week clock starts.
First 72 hours
First-read memo
Cross-cutting read across AI Transformation, AI Governance, and AI Fluency: approved AI, Shadow AI, workflow candidates, usage, spend, and evidence gaps.
Days 4-10
Cross-pillar baseline
Tool inventory, license utilization, workflow candidates, role capability gaps, risk posture, eval coverage, and evidence systems.
Days 11-14
Opinion and sequence
Audit Opinion, Workflow Evidence Map, materiality exceptions, working-paper package, and a recommendation for what to fund first, next, and later.
The same two-week motion also produces the first golden dataset for one priority surface when the Audit scopes an eval benchmark.
Audit opinion
Every Audit lands one of four opinions.
The same discipline finance has used for a century, applied to the AI estate.
Clean
AI estate visible. Material risk contained.
Qualified
With exceptions noted.
Adverse
Do not extend in current state.
Scope limitation
Access was insufficient.
Clean
AI estate visible. Material risk contained.
AI estate is visible, evidenced, and material risk is contained.
Inventory complete, Shadow AI under threshold, governance evidence in place, adoption outcomes traceable.
Qualified
With exceptions noted.
Most of the estate is in order. Specific named exposures require remediation before next quarter.
Named Shadow AI hotspots, specific evals gaps, specific roles below fluency baseline.
Adverse
Do not extend in current state.
Material exposures span multiple anchors. New AI workstreams should pause until remediated.
Unmanaged Shadow AI on regulated workflows, no evidence systems, no policy enforcement, internal agents in production with no evals.
Scope limitation
Access was insufficient.
Visibility access was insufficient to issue an opinion.
MDM coverage gap, IDP access denied, fleet too small for valid sample.
Materiality
What's a material AI failure?
Financial audit set materiality thresholds a century ago, often around 5% of net income. AI teams are still guessing.
The Audit defines materiality per use case through impact severity across regulatory, financial, and reputational harm, plus frequency across one user, one query type, one workflow class, or portfolio-wide exposure. Findings above the materiality threshold land in the opinion as audit exceptions. Findings below land in the appendix.
Materiality is set jointly in the kickoff session. TrustEvals walks the customer through industry defaults for their finance sub-segment. The customer signs off. The threshold lands in the engagement letter, and the opinion is issued against it.
A finding without a materiality threshold is a complaint. A finding above threshold is an audit exception.
The numbers a board has never seen before.
Most boards see vendor counts and seat licenses. The Audit returns duplicate spend, Shadow AI, internal agents in production, adoption outcomes, risk without evidence, and the workforce-fluency stage. On one page.
What flows from the audit
Audit findings. Sequenced workstreams.
The Audit shows which AI work is creating value, which Shadow AI and policy gaps create exposure, and which teams need enablement. That decides what runs next.
AI Transformation
Turn the adoption findings into production workflows with measurable revenue, margin, or cycle-time outcomes.
Open ai transformation →AI Governance
Turn the risk findings into policy, continuous evidence, and framework-ready proof before the audit committee asks.
Open ai governance →AI Fluency
Turn usage and capability gaps into role-specific enablement, manager telemetry, and stronger day-to-day AI judgment.
Open ai fluency →Three lines of defense
The Audit fits the risk model finance already uses.
Three lines of defense means business owns the work, risk oversees the controls, and audit tests whether the evidence holds.
First line
1LoD
Business teams own the AI workflow
AI Transformation + AI Fluency
Second line
2LoD
Risk and compliance oversee the controls
AI Governance
Third line
3LoD
Internal audit and external auditors rely on the evidence
AI Audit
Evals layer
Continuous evaluation evidence spans all three lines, feeding operating decisions, governance proof, and audit testing without belonging to any single anchor.
| Line | Plain-English role | TrustEvals role |
|---|---|---|
| First line1LoD | Business teams own the AI workflow | AI Transformation + AI FluencyWorkflow owners capture the upside and build the role-level fluency to operate it. |
| Second line2LoD | Risk and compliance oversee the controls | AI GovernancePolicy, evidence, exception handling, and framework mapping. |
| Third line3LoD | Internal audit and external auditors rely on the evidence | AI AuditOpinion, materiality, working papers, and substantive testing evidence. |
FAQ
Common questions. Direct answers.
No. It is the entry diagnostic that maps AI visibility, Shadow AI, workflow value, spend, usage, risk, and evidence gaps before recommending which workstream to run next.
The Audit is fixed-scope for medium-to-large finance teams. Smaller organizations are scoped differently because the discovery footprint changes.
Two weeks after prerequisites are complete. The first 72 hours produce the first-read memo; Days 4-10 build the cross-pillar baseline; Days 11-14 land the Audit Opinion, working-paper package, and sequenced recommendation.
Sometimes, if you already know your AI inventory, Shadow AI exposure, usage depth, risk posture, and exact workstream gap. Most teams that try to skip the Audit pause two weeks in to build that baseline anyway.
Before Day 1, we lock employee and device footprint, MDM or endpoint export path, IDP and SaaS admin access, gateway and scanner exports, SIEM or observability evidence, developer tooling scope, internal agents, materiality inputs, and stakeholder routing.
No. The AI Audit is a use-case-specific operating diagnostic that produces evidence your SOC 2 and ISO 42001 auditors can rely on. We sit one layer below the framework audit.
No. Gateways answer what traffic flows through controlled routes. Agent-security and MCP tools answer which agent behaviors are risky. The Audit ingests those signals alongside identity, device, SaaS, code, and observability evidence to show value, exposure, evidence gaps, and fluency gaps.
Yes. Same memo. The output is a structured audit memorandum with the opinion, materiality threshold, scope, exceptions, and remediation sequencing on the first three pages. The committee gets the same shape they already read from external auditors. No separate audit-committee cut.
Yes. We deliver the working-paper package. Big-4 and mid-tier audit firms increasingly co-engage with us when their finance clients need AI assurance evidence the framework auditor cannot produce alone.
Cadence
Keep the opinion current.
The 2 week Audit is the first opinion. Refreshes are smaller: quarterly to keep the baseline current, and event-driven when the AI estate materially changes.
Initial
Two weeks
Full diagnostic. Opinion issued.
Quarterly
Three days
Refresh the inventory, re-run materiality scan, refresh the opinion.
Event-driven
Same-week
Model swap, vendor change, new internal agent in production, regulatory letter.
The cadence is not another full engagement. It is how the opinion stays defensible after tools, models, vendors, and internal agents change.
Start with the 2-week AI Audit.
Leave with the operating read: AI value, AI risk, fluency gaps, owners, and the next funded workstream.