4.1 Project management and governance

Effective project management and governance are essential foundations for the successful development and deployment of AI systems in the public sector.

The audit of AI project management and governance focuses on organisational oversight rather than technical performance. It is conducted at the governance level, drawing primarily on document reviews and interviews, and does not involve direct testing of the AI system.

Auditors should begin by considering the size and structure of the organisation under review, as these factors influence governance arrangements and the extent of available documentation. Larger organisations may have established AI strategies and principles, while smaller entities may manage AI projects more informally. Where documentation is limited, interviews can provide valuable insights into project management practices. At a minimum, auditors should expect to see evidence of key governance components, as outlined in the Expected controls subsections.

4.1.1 AI project proposal

Understanding the origins and objectives of an AI project is a critical first step. Most organisations require a project proposal to be approved before work begins, although the level of formality may vary. A robust proposal should set out:

  • The aims and objectives of the project.
  • The intended scope and deliverables.
  • Performance indicators and success criteria.
  • An assessment of prerequisites, such as data availability and relevant expertise.
  • A cost-benefit analysis.
  • Identification of key stakeholders.
  • An evaluation of suitable technologies.
  • Arrangements for managing the AI system throughout its lifecycle.

For AI systems, assessing prerequisites such as available data and expertise, and developing a clear understanding of the technology’s potential and limitations, often requires collaboration between technical and domain experts from the earliest stages.

Even in agile projects, where plans may evolve, it is important to define objectives, requirements, and performance indicators at the outset.

Where internal AI policies exist, project plans should reference these to ensure alignment with organisational governance principles, including for purchased or externally developed systems.

For complex or high-cost projects, a proof of concept can help test feasibility and reduce the risk of poor outcomes. This should assess both technical performance and the ability to meet functional requirements. AI projects above a certain scale may lead to additional regulatory requirements regarding feasibility studies and documentation.

An AI system should demonstrate clear, measurable benefits compared with conventional approaches to justify its complexity, cost, and associated risks. While deep-learning models remain widely used, they often involve costs that are not immediately apparent. For example, training or fine-tuning deep-learning models typically requires specialised hardware such as graphics processing units (GPUs), which may be deployed on-premises or rented from cloud platforms. On-premises deployment requires significant investment in hardware, energy, and cooling, with the added risk of obsolescence over time. Cloud-based deployment usually follows a pay-as-you-go pricing model, charging by the hour for training and inference workloads. Costs can escalate quickly depending on the duration and intensity of these processes.

Despite these challenges, AI systems may deliver substantial benefits. These include improved efficiency and productivity through task automation, reduced human error, and enhanced innovation. For instance, machine learning models can identify patterns and connections that are not immediately obvious to humans, accelerating processes such as drug discovery or large-scale data analysis. AI can also strengthen cybersecurity and optimise energy systems, including power plant design and grid reliability. In the public sector, AI offers opportunities for more efficient administration and personalised services at lower cost.

Auditors should verify that a thorough cost-benefit analysis has been conducted before project implementation, particularly for foundation models and LLMs where consumption-based pricing can create significant ongoing expenses. A cost-benefit analysis should include:

  • Definition of goals the audited body is looking to achieve with the AI system and associated key performance indicators (KPIs).
  • Comparative evaluation against current systems and feasible alternatives, considering performance, cost, and business impact. This should include analysis of model accuracy and error-related costs, development and maintenance expenses, and potential savings. Reliable results should be based on robust testing methods such as historical data comparisons, pilot studies, or A/B testing.
  • Translation of technical performance into business-relevant value (financial, operational, strategic).
  • Identification of hidden and lifecycle costs, including environmental impact.
  • Analysis of token/API costs for foundation models and their impact on long-term viability.
  • Measurement of productivity improvements and indicators of “AI for its own sake”.
  • Lifecycle maintenance cost projections, including end-of-life considerations.
  • Assessment of legal, compliance, and opportunity costs.

4.1.1.1 Risks to consider

  • Adopting AI solutions without clear added value or suitability.
  • Inadequate evaluation of alternative approaches, such as analytical or rules-based methods.
  • Limited technical understanding among management, or insufficient awareness of operational realities within technical teams, can result in poor communication and unrealistic expectations.
  • Feasibility has not been verified through a proof of concept.
  • Undefined objectives or performance indicators.
  • Failure to align with internal AI governance principles.
  • Excessive computing costs, such as hardware, energy or cloud charges, arising from the use of unnecessarily complex models.
  • High token or API costs from LLM usage where simpler models would suffice.

4.1.1.2 Expected controls

  • Early and ongoing stakeholder engagement. Mechanisms include collaborative workshops, citizen assemblies or public consultations.
  • Well-defined problem statements and agreed assumptions.
  • Joint development of project objectives and the AI project plan with the project owner and relevant stakeholders to ensure feasibility and shared understanding.
  • Clear traceability from objectives to technical and functional requirements, which are well documented and translated into model requirements that can be measured and monitored.
  • Definition of indicators to measure the added value of the AI system from the outset, ensuring benefits can be assessed throughout the lifecycle.
  • Documented cost-benefit analysis, risk analysis and technology recommendations.
  • Proof of concept for larger projects.
  • Consideration of environmental impact before deployment.
  • Mapping of the AI project to the institution’s AI strategy and/or guidelines, where applicable.

4.1.2 Jurisdiction-specific legal and ethical requirements

AI projects often engage a broader range of legal and ethical considerations than traditional IT systems, particularly where systems are complex, autonomous, or impact individuals directly. The relevance of specific regulations depends on factors such as the use of personal data, the degree of automation, and the intended users and purposes of the system. For example, AI systems that simply support internal processes and do not directly affect citizens may require less intensive audit scrutiny on ethical issues than automated decision-making systems that have a direct or indirect impact on individuals.

While many laws and regulations are technology-agnostic, translating principles such as anti-discrimination and privacy into technical requirements can be challenging. Standards for interpreting legal concepts, such as discrimination in the context of algorithms, and translating them into technical requirements are still evolving [59]. Auditors should confirm that project teams include sufficient legal expertise and that internal guidelines address ethical use and legal risks. The evaluation of relevant laws and regulations should cover both normal operation and potential side effects, including those arising from model imperfections or malfunctions.

These challenges are partly mitigated by AI-specific regulations now being developed and implemented in many jurisdictions (see Section 3). For example, the EU AI Act, as a product safety regulation, contains more technical detail than fundamental rights legislation. This enables it to link legal requirements to technical specifications based on the characteristics of the AI system. While this can help developers embed ethical principles in practice, it also requires careful evaluation of the regulation’s applicability. Developers may seek to avoid obligations by exploiting ambiguities or exemptions in the regulation’s scope, such as classification rules, risk levels, or operator categories.

When using external services or models, organisations should assess legal and ethical implications, including compliance with local laws and the provenance of training data. External models may have been developed in ways that breach local regulations or raise ethical concerns, such as potential violations of intellectual property rights during the training of LLMs. Organisations should also consider the long-term risks of relying on foreign suppliers or externally developed models. In addition, regulations may restrict the physical location of hosted services, and these constraints can change over time, as illustrated by the changes to the legal basis for cross-border data transfers between the EU and the US following the Court of Justice of the EU’s Schrems I and Schrems II judgments.

4.1.2.1 Risks to consider

  • Insufficient knowledge of or attention to legal and ethical requirements.
  • Violation of data protection or anti-discrimination laws.
  • Late or missing evaluation of regulatory frameworks can lead to project delays, increased costs or stopped projects.
  • Circumvention of regulatory requirements through tactics such as downplaying or artificially constraining an AI system’s functionality, mislabelling of the AI system or project type, or similar techniques to avoid compliance.
  • Lack of awareness of the legal or ethical risks associated with the development of external models or the physical location of external services.
  • Uncertainty in the long-term feasibility of using services from foreign suppliers.

4.1.2.2 Expected controls

  • Interdisciplinary project teams with legal, technical, and domain expertise.
  • Internal guidelines on ethical AI use and associated legal risks.
  • Comprehensive evaluation of relevant laws and regulations.
  • Analysis of legal and ethical implications when using external services or models.

4.1.3 AI lifecycle management

Comprehensive lifecycle management ensures that AI projects are planned and supported from inception to decommissioning. This includes:

  • Defining the purpose, boundaries, and limitations of the AI application.
  • Planning for design, development, quality assurance, deployment, maintenance, updates, and eventual decommissioning.
  • Embedding ethical principles – such as data protection, transparency, and non-discrimination – throughout the lifecycle (“Ethical AI by Design”).
  • For purchased or outsourced systems, ensuring that lifecycle management covers procurement, contract management, and alignment with local governance principles.

4.1.3.1 Risks to consider

  • Unclear roles and responsibilities within the auditee organisation for all project phases, leading to delays or reduced functionality.
  • Insufficient safeguarding of ethical principles if these are not implemented by design in the whole AI lifecycle.
  • Insufficient capability to support the AI system over its lifecycle, including maintenance, updates, and incident management.
  • Limited transparency and control when development, infrastructure, or components are outsourced, leading to:
    • Inadequate information for informed decisions or to ensure auditability;
    • Unclear roles and responsibilities, increasing risks and hindering incident response or failure analysis; and
    • Performance continuity issues in fast-changing environments, where underlying models or platforms are frequently updated without auditee control.
  • Purchased or externally developed systems without long-term support, combined with a lack of in-house expertise, can result in declining performance and heightened security risks.

4.1.3.2 Expected controls

  • A documented lifecycle plan covering roles [60], responsibilities, timelines, and resources.
  • Ethical principles embedded by design.
  • For purchased or partially outsourced development, measures should ensure the auditee retains sufficient control over AI usage, including:
    • Comprehensive documentation that clearly defines the roles and responsibilities of both the auditee and the external provider; and
    • Where relevant, service level agreements (SLAs) that guarantee ongoing support and provide adequate control over external infrastructure or services, ensuring effective incident management and failure analysis.
  • An agreed quality assurance plan aligned with project objectives and associated technical and functional requirements.

4.1.4 AI risk assessment

AI systems introduce risks that may not be fully addressed by traditional risk management frameworks. As the technology evolves, so too does our understanding of the risks it presents. Many of these risks stem from the way AI systems learn from data, and from the limited transparency and control over the patterns they identify. For example, AI can unintentionally reinforce existing inequalities, expose confidential information embedded in training data, or be manipulated through adversarial techniques. These risks are heightened when organisations use externally developed foundation models, where the training data and safeguards may be unclear.

When auditing general AI management at the auditee organisation, auditors should consider whether the organisation’s risk management framework has been updated to reflect AI-specific concerns. At the project level, the nature and severity of AI-related risks will vary depending on the application. Key areas of concern include security, fairness, transparency, and explainability, each of which is explored in more detail in the relevant subsections of Section 4.4.

A central question for auditors is whether the organisation has conducted a risk analysis that explicitly considers the unique risks associated with AI. This analysis should address not only project risks, but also potential impacts on individuals and society.

4.1.4.1 Risks to consider

  • Standard risk assessments may overlook AI-specific risks.
  • Operational, technical, and social risks arising from AI may not be fully identified, communicated, or mitigated.

4.1.4.2 Expected controls

  • Where relevant, assess ethical considerations as well as traditional project and safety risks.
  • Include risks linked to reliance on external infrastructure or models.
  • When using externally developed or open-source models, consider safety risks from malicious actors, such as the introduction of backdoors or issues with model alignment.
  • Consider established AI risk management frameworks [61] and guidelines for legally required assessments [62] to help identify and address AI-specific risks, even where not mandated by law.
  • Develop strategic intelligence to anticipate disruptions and manage emerging risks, using tools such as horizon scanning and scenario analysis [63].
  • Consider and compare risks of alternative approaches during project proposal and model selection (see Sections 4.1.1 and 4.3).
  • Systematically map potential harms across critical domains (such as healthcare or law enforcement), and use standardised scales to assess the severity of impacts, including those related to misinformation, security, discrimination, and socioeconomic disruption.
  • Documentation review for risk assessment:
    • Review technical documentation, including coding languages, platform versions, model artefacts, and the history of prompt and generation settings for generative AI.
    • Verify compliance with privacy laws, ethical guidelines, and internal AI policies.
    • Assess quality controls, including documentation of MLOps/LLMOps processes, red-teaming activities, and monitoring dashboards (see the section on model development).
    • Ensure explicit documentation of any underlying assumptions made during AI evaluations.

  [59] A comprehensive overview of the practical implications of AI principles, including generative AI and pointing out research gaps, can be found in: Oesterling, A. et al. (2024). Operationalizing the Blueprint for an AI Bill of Rights: Recommendations for Practitioners, Researchers, and Policy Makers.

  [60] See Appendix 5 for a list of possible roles.

  [61] For example, National Institute of Standards and Technology (2023). Artificial Intelligence Risk Management Framework (AI RMF); or the IBM AI Risk Atlas: Bagehorn, F. et al. (2025). AI Risk Atlas: Taxonomy and Tooling for Navigating AI Risks and Resources.

  [62] For example, guidelines for when and how to perform a data protection impact assessment (as required by the GDPR in the EU) have emerged at both international and national levels. We expect similar guidelines to emerge for fundamental rights impact assessments, as required in some cases by the EU AI Act.

  [63] OECD (2024). “Framework for Anticipatory Governance of Emerging Technologies”, OECD Science, Technology and Industry Policy Papers, No. 165, OECD Publishing, Paris.