Auditing Artificial Intelligence: A Handbook for Audit, Risk, and Security Professionals
暫譯: 人工智慧審計:審計、風險與安全專業人員手冊
Marcella, Albert J.
商品描述
Artificial Intelligence (AI) is revolutionizing industries, yet its rapid evolution presents unprecedented challenges in governance, ethics, and security. Auditing Artificial Intelligence is an essential guide for IT auditors, information security experts, and risk management professionals seeking to understand, evaluate, and mitigate AI-related risks.
This book provides a structured framework for auditing AI systems, covering critical areas such as governance, compliance, algorithm transparency, ethical accountability, and system performance. With 24 insightful chapters, it explores topics including:
- AI Governance & Ethics - Establishing frameworks to ensure fairness, accountability, and transparency in AI deployments.
- Risk Management & Compliance - Addressing the legal and regulatory landscape, including GDPR, the EU AI Act, and ISO standards.
- Bias & Trustworthiness - Evaluating AI decision-making to detect bias and ensure equitable outcomes.
- Security & Continuous Monitoring - Safeguarding AI systems from adversarial attacks and ensuring operational consistency.
- Model Performance & Explainability - Assessing AI outputs, refining accuracy, and ensuring alignment with business objectives.
Designed for professionals tasked with assessing AI systems, this book combines practical methodologies, industry standards, and real-world audit questions to help organizations build responsible and resilient AI practices and assess associated risks. Whether you are assessing AI governance, monitoring AI-driven risks, or ensuring compliance with emerging regulations, this handbook provides the guidance you need to navigate and assess the complexities of AI systems with confidence.
Stay ahead in your role and responsibility for assessing the rapidly evolving deployment and use of AI across the organization -- equip yourself with the knowledge and tools to ensure its responsible, safe, approved, secure, and ethical use.
商品描述(中文翻譯)
人工智慧 (AI) 正在革新各行各業,但其快速演變也帶來了前所未有的治理、倫理和安全挑戰。《人工智慧審計》是一本針對 IT 審計師、資訊安全專家和風險管理專業人士的必備指南,旨在幫助他們理解、評估和減輕與 AI 相關的風險。
本書提供了一個結構化的框架,用於審計 AI 系統,涵蓋治理、合規性、演算法透明度、倫理責任和系統性能等關鍵領域。全書共 24 章,探討的主題包括:
- **AI 治理與倫理** - 建立框架以確保 AI 部署的公平性、責任性和透明度。
- **風險管理與合規性** - 處理法律和監管環境,包括 GDPR、歐盟 AI 法案和 ISO 標準。
- **偏見與可信度** - 評估 AI 決策以檢測偏見並確保公平的結果。
- **安全性與持續監控** - 保護 AI 系統免受對抗性攻擊,並確保操作的一致性。
- **模型性能與可解釋性** - 評估 AI 輸出、提高準確性,並確保與商業目標的一致性。
本書專為負責評估 AI 系統的專業人士設計,結合實用的方法論、行業標準和現實世界的審計問題,幫助組織建立負責任且具韌性的 AI 實踐,並評估相關風險。無論您是在評估 AI 治理、監控 AI 驅動的風險,還是確保遵守新興法規,本手冊都提供了您所需的指導,幫助您自信地導航和評估 AI 系統的複雜性。
在您負責評估組織內快速演變的 AI 部署和使用時,保持領先地位——為自己裝備必要的知識和工具,以確保其負責任、安全、合規、可靠和倫理的使用。
作者簡介
Dr. Albert (Al) Marcella, Ph.D., CISA, CISM, President of Business Automation Consultants (BAC) LLC, is an internationally recognized public speaker, researcher, IT consultant, and workshop and seminar leader with 46 years of experience in IT audit, risk management, IT security, and assessing internal controls, having authored numerous articles and 30 books on various IT, audit, and security related subjects. Dr. Marcella's clients include organizations in financial services, IT, banking, petrol-chemical, transportation, services industry, public utilities, telecommunications, and departments of government and nonprofits.
Research conducted by Dr. Marcella on unmanned aircraft systems, cyber extortion, workplace violence, personal privacy, electronic stored information, privacy risk, cyber forensics, disaster and incident management planning, the Internet of Things, ethics, and astrophotography has been published in the ISACA Journal, Disaster Recovery Journal, Journal of Forensic & Investigative Accounting, EDPACS, ISSA Journal, Continuity Insights, Internal Auditor Magazine and the Astronomical League's Reflector Magazine.
Dr. Marcella, along with co-authors Madeline Parisi and Brian Moore's four-book series "From Street-smart to Web-wise(R) A Cyber Safety Training Program Built for Teachers and Designed for Children," released in 2025 by Taylor & Francis Publishing, provides K-8 educators, parents, and educators globally, who nurture, guide, support, and ignite a passion for knowledge and learning in children of every educational background, with guidance and tools need to make student cyber-safety awareness practical, fun, and impactful.
Dr. Marcella holds a B.S. degree in Management, a B.S. degree in Information Technology Management, an MBA with a concentration in Finance, and a Ph.D. in Management/Information Technology Management. Dr. Marcella is a Certified Information Systems Auditor (CISA), a Certified Information Security Manager (CISM), and holds an ISACA Cybersecurity Certificate.
Dr. Marcella is the 2016 recipient of the Information Systems Security Association's Security Professional of the Year award and recipient of the Institute of Internal Auditors Leon R. Radde Educator of the Year 2000 award and has been recognized by the Institute of Internal Auditors as a Distinguished Adjunct Faculty Member. Dr. Marcella has taught IT audit seminar courses for the Institute of Internal Auditors (IIA) and the Information Systems Audit and Control Association (ISACA).
作者簡介(中文翻譯)
阿爾伯特(Al)馬塞拉博士,Ph.D.,CISA,CISM,商業自動化顧問(BAC)有限責任公司的總裁,是一位國際知名的公共演講者、研究者、IT顧問以及工作坊和研討會的領導者,擁有46年的IT審計、風險管理、IT安全及內部控制評估的經驗,並撰寫了多篇文章及30本有關各種IT、審計和安全相關主題的書籍。馬塞拉博士的客戶包括金融服務、IT、銀行、石油化工、運輸、服務業、公用事業、電信以及政府部門和非營利組織等機構。
馬塞拉博士在無人機系統、網路勒索、工作場所暴力、個人隱私、電子存儲信息、隱私風險、網路取證、災難及事件管理規劃、物聯網、倫理學和天文攝影等方面的研究已發表於《ISACA期刊》、《災難恢復期刊》、《法醫與調查會計期刊》、《EDPACS》、《ISSA期刊》、《持續性洞察》、《內部審計雜誌》和《天文聯盟的反射雜誌》中。
馬塞拉博士與共同作者馬德琳·帕里西和布萊恩·摩爾共同創作的四本書系列《從街頭智慧到網路智慧(R) 一個為教師而建、為兒童而設的網路安全培訓計劃》,將於2025年由泰勒與法蘭西斯出版,為全球K-8教育工作者、家長和教育者提供指導和工具,幫助他們培養、指導、支持並激發各種教育背景兒童的知識和學習熱情,使學生的網路安全意識變得實用、有趣且具影響力。
馬塞拉博士擁有管理學學士學位、資訊科技管理學士學位、專注於金融的MBA學位,以及管理/資訊科技管理的博士學位。馬塞拉博士是認證資訊系統審計師(CISA)、認證資訊安全經理(CISM),並持有ISACA網路安全證書。
馬塞拉博士是2016年資訊系統安全協會年度安全專業人士獎的獲得者,並獲得內部審計師協會2000年利昂·R·拉德教育者獎,並被內部審計師協會認定為傑出兼任教員。馬塞拉博士曾為內部審計師協會(IIA)和資訊系統審計與控制協會(ISACA)教授IT審計研討會課程。
