| Subject: | “Artificial Intelligence – Governance, Data protection & Ethical Risks. Implications for Internal Auditing” |
| Date: | Monday, 15 December 2025 |
| Time: | 9:00 to 13:00 |
| Venue: | Cleopatra Hotel, Nicosia |
| Language: | English |
| CPE Points (Continuous Professional Education): | 4 CPEs |
| Instructors: | Mr. Gionata Ponti (BSc, MSc) |
| Outline: |  Seminar Outline |
| Registration Form: | Seminar Participation |
Seminar Outline
1) SESSION 1 — AI Essentials for Internal Auditors
1. Introduction & Objectives
– Why AI matters for internal audit – New regulatory landscape: AI Act, ISO 42001
– Overview of seminar structure
2. AI Fundamentals
– What AI is (ML, LLMs, agents, automation vs AI) – Data foundations: data types, quality, risks – Key AI limitations: bias, hallucinations, explainability, drift – Typical organizational weaknesses (shadow AI, uncontrolled tools)
3. Implications for Internal Audit
– How AI changes risk profiles – Audit responsibilities – Key AI red flags
Case Study #1 — Biased Hiring Model
2) SESSION 2 — AI Governance & Risk
1. ISO 42001 Overview
– Purpose and structure (PDCA, clauses 4–10) – Governance, documentation, accountability – Why ISO 42001 concerns internal auditors
2. AI Risks & Safety
– Prompt injection & jailbreaking – Model misuse & harmful outputs – Security, privacy, data leakage – Drift and monitoring Case Study #2 — Shadow AI in a Bank
3. Regulatory Landscape
– AI Act (risk categories & obligations) – ISO 42001 vs NIST AI RMF – Evidence auditors should request
3) SESSION 3 — Internal Audit and AI Systems
1.Using AI for Risk Assessment & Risk Sensing
– Identifying emerging risks with GenAI tools – Continuous risk intelligence using AI-based analysis
2. Automating Sampling & Testing with ML
– AI-driven anomaly detection – ML-based transaction sampling and stratification – Practical examples from banking and government
3. NLP for Contract & Policy Review
– AI-assisted extraction of key clauses – Summarization and deviation analysis – Reducing manual review effort
4. Practical GenAI Applications for Internal Audit
– Drafting audit programs – Summarizing interviews – Preparing working papers – Enhancing root cause analysis – Accelerating documentation & reporting
Case Study #3 — Real Examples from Banking, Insurance & Government
– Fraud detection with ML models – Using AI tools for control testing – Continuous auditing & monitoring examples
4) SESSION 4 — Practical Case Studies & Applied Governance
Case Study #4 — Municipal Microloan Risk Assessor
Case Study #5 — Public Chatbot Red-Team Failures
3. Ethical & Data Protection Considerations for Internal Audit (15 min) – Privacy risks, transparency, fairness – Data lifecycle responsibilities – Knowing when to escalate AI-related concerns
4. Q&A & Conclusion
Trainer: Mr. Gionata Ponti
Software Team Leader with 9+ years of experience in IT/OT integration, digital transformation, and compliance across the pharmaceutical, manufacturing, and
packaging sectors. Skilled in risk management, data integrity, and control assurance within highly regulated environments.
Currently pursuing the Swiss Federal Diploma – AI Business Specialist, with a focus on AI strategy, innovation, and data governance. Passionate about bridging technology and business assurance, applying robust analytical and control frameworks to emerging technologies such as automation and artificial intelligence.
Strong background in GMP, GAMP, CSV, automation, and process optimization. Experienced in leading cross-functional teams and aligning technology, governance, and audit objectives to deliver measurable business value