Ravi Soin knew something had shifted the moment he mapped AI usage at Smartsheet. Tools had slipped into workflows. Some carried official approval. Others did not. Yet when he pressed vendors for records of data accessed or actions taken, the responses came back sparse. The audit infrastructure simply did not exist.
That gap crystallized his view. The danger lay not in the models themselves but in their opacity. Invisibility breeds risk. Security leaders once defaulted to control through restriction. They learned the hard way that bans push adoption into shadows. Visibility suffers even more.
Soin, chief information and security officer at Smartsheet, now frames the core question differently. “Can we trace it?” he asks in a recent TechRadar article. Treat each AI agent as a new kind of employee. Assign it a role, limit its authority, and demand a clear chain of accountability. New hires do not make high-stakes calls unsupervised. Neither should autonomous systems.
Surveys from early 2026 confirm the urgency. The Cloud Security Alliance polled more than 1,500 security leaders for its State of AI Cybersecurity 2026 report. Sensitive data exposure topped worries at 61 percent. Regulatory compliance violations followed closely at 56 percent. And 92 percent expressed concern over AI agents loose across the workforce.
Generative AI already sits inside 77 percent of security stacks. Yet only 14 percent of professionals let AI take independent remediation steps without human review. The hesitation makes sense. When something goes wrong, boards, lawyers, and regulators demand answers. Who approved this? How? When? And why? Without logs that capture queries, decisions, escalations, and overrides in real time, those questions become impossible to answer.
Audit used to mean periodic checks. Digital systems changed that. Observability platforms turned review into continuous monitoring. Agentic AI demands the next step. Record every data source touched. Note every autonomous action versus those routed for approval. Track the human in the loop. Do it as events unfold, not after the fact.
But here’s the shift many organizations miss. Audit cannot remain an afterthought. It must form the base layer of any AI strategy. Soin evaluates every internal build and vendor offering against one standard. Show the traceable chain from data inputs to recommendations to human sign-off. Fail that test and the tool stays out, no matter how slick the results look.
This approach does more than satisfy compliance. It builds confidence. Employees act on AI suggestions when they understand the logic and see oversight in place. Productivity rises. Second-guessing falls. Governance stops slowing teams down and starts accelerating them.
Recent industry gatherings highlight how far standards still need to travel. In April, experts from NIST, OWASP, SANS, and others met in Washington to debate AI security baselines. Rob van der Veer, chief AI officer at Software Improvement Group and founder of the OWASP AI Exchange, noted that new tools can surface weaknesses in AI systems faster than developers realize. “This shifts the balance toward attackers,” he said, according to a Fortune report.
Gary McGraw, cofounder of the Berryville Institute of Machine Learning, pointed to a deeper flaw. Current benchmarks test how well AI performs security tasks. They rarely measure how secure the AI systems themselves are. Apostol Vassilev, who leads AI security research at NIST, drove the point home. No fixed set of guardrails holds against every adversarial prompt. “The security of AI systems is not a static problem,” he told the group. It requires ongoing red teaming, frequent updates, and built-in resilience so organizations can contain damage and recover quickly.
These observations align with regulatory momentum. The EU AI Act imposes strict obligations on high-risk systems, including detailed documentation, risk assessments, human oversight, and post-market monitoring. NIST’s AI Risk Management Framework offers voluntary guidance that emphasizes mapping, measuring, and managing risks across the full lifecycle. ISO 42001 adds management system requirements. Together they point the same direction. Auditability has moved from nice-to-have to table stakes.
Yet gaps remain. A Thoropass survey of compliance leaders found 82 percent already view AI use as a material risk to their compliance posture. Sixty-nine percent believe AI advances faster than their controls can adapt. And 91 percent have faced auditor pushback that forced evidence resubmission.
Utilities face an especially sharp version of the problem. Deploying AI for alert triage creates documentation demands that traditional NERC CIP audits cannot easily handle. Post-hoc reviews fall short when models make thousands of decisions daily. Eric Swidey, founder of Thirty Seven Inc., warned in Utility Dive that organizations risk compliance gaps that only surface during formal examinations.
Observability vendors have begun to adapt. Platforms once focused on infrastructure metrics now double as AI auditing tools. They track agent behavior, decision paths, and policy adherence at scale. In regulated sectors or any operation touching EU users, this capability has become non-negotiable.
Financial services institutions feel the pressure acutely. Black-box models complicate traditional IT audits. Bias testing, data integrity checks, and ethical reviews add layers. The American Bankers Association outlined a three-domain approach in February. Governance sets policy. Management handles day-to-day controls. Internal audit provides independent assurance. Mapping AI inventory across the enterprise serves as the essential first move.
Security leaders who act early gain advantage. They map every OAuth token and API key that signals hidden AI integrations. They set explicit rules on which decisions require human approval and revisit those thresholds twice a year. They favor vendors who embed traceability from the start and integrate those logs into central monitoring systems.
The payoff appears in faster, safer scaling. When AI carries clear ownership, recorded actions, and override mechanisms, trust grows. Teams move quicker because they know they can verify and correct course. Trust, but verify. The old security maxim applies with new force.
Challenges persist. Real-time auditing carries computational cost. Some estimates suggest 10 times the inference overhead. Budgets strain. Vendors race to offer audit features, yet many simply wrap large language models in reporting interfaces. Skeptics call parts of the market a grift. CertiK and others push specialized AI auditors for code review, but enterprise needs stretch further.
Still, the direction holds. AI will not retreat. Attackers already use it across every phase of campaigns. Defenders who harness it while maintaining visibility win. A Red Canary report cited in CIO magazine found AI tilts toward defenders when paired with disciplined processes and human guidance. Investigation times drop dramatically in some cases, from over 30 minutes to under two.
The organizations that succeed will treat auditability as operational reality rather than compliance theater. They will log, monitor, explain, and oversee at the pace of agentic systems. They will answer the hard questions before regulators or boards ask them.
Because in the end the test is straightforward. When an AI-driven process produces unexpected harm, can you trace exactly what happened? Security leaders who can say yes without hesitation stand apart. Those who cannot face a future of mounting risk and eroding trust.
WebProNews is an iEntry Publication