How an AI Security Audit Protects Data, Reputation, and Policyholders

Artificial intelligence is moving quickly from pilot projects to everyday use in the insurance sector. Large language models are being embedded in underwriting tools, claims workflows, and productivity platforms. Some carriers are experimenting with more advanced applications such as fine-tuned models and even AI agents that can make proactive decisions. These changes bring efficiency and insight, but they also introduce new categories of risk.

For boards, audit committees, and executives responsible for oversight, the priority is to ensure that AI is deployed responsibly, aligned with regulatory expectations, and supported by controls that protect sensitive data and maintain trust. An AI security audit provides the structure to do this work. In this article, we explore why insurers should consider an audit now, how to prepare effectively, and the areas an audit evaluates to give stakeholders confidence that AI is both secure and well-governed.

Why Insurers Can’t Overlook AI Security Audits

AI adoption in insurance is advancing quickly. It begins with tools embedded in familiar platforms, then moves to systems grounded in proprietary data, followed by models fine-tuned for specific tasks, and finally to autonomous agents capable of managing multi-step processes. Each stage increases reliance on complex systems that interact with core insurance data.

As adoption expands, regulators are publishing expectations. By June 2025, more than 20 jurisdictions had adopted the NAIC’s Model Bulletin on the use of AI, with several states issuing insurance-specific guidance. An audit demonstrates that an insurer is not only implementing safeguards but can also show evidence of oversight when regulators or boards request it.

Equally important, an audit addresses risks unique to large language models. Traditional cybersecurity disciplines such as access control and data protection remain necessary, but they are not sufficient. These models can be manipulated through prompt injection, influenced by tainted training data, or mishandled in ways that expose sensitive information. They can also produce biased outcomes if controls around data governance are weak. An AI security audit evaluates whether safeguards exist to mitigate these challenges.

Preparing for an AI Security Audit

Organizations that approach an audit with preparation gain more than compliance. They also accelerate their ability to use AI effectively. Preparation begins with mapping how and where AI is used. This includes documenting productivity tools, embedded applications, and any systems fine-tuned on internal data. It is also important to understand whether the organization is experimenting with Retrieval Augmented Generation (RAG), which connects a model to proprietary knowledge bases and, when paired with a knowledge graph, allows the model to reason over relationships in your data so answers reflect vetted, internal information.

From there, insurers should inventory the components that support AI systems. This includes user interfaces, model architectures, prompt templates, data pipelines, and the external data sources that feed them. Having this landscape documented helps auditors trace how data moves and where control points exist. Documenting components is not a paperwork exercise. It allows auditors to follow how information enters the system, how prompts are constructed, and where outputs flow.

Scope the audit along two lines: the organization’s overall AI use and the specific systems that incorporate AI. Then anchor the scope with the same questions used in cybersecurity assessments: which assets matter most, where they live logically and physically, what backups exist, and what recent business changes could shift the risk profile. Mergers, new products, or key staff turnover all influence the context in which AI operates.

Finally, preparation means aligning AI efforts with established frameworks. Insurers already use structures such as the NIST Cybersecurity Framework and Center for Internet Security (CIS) Top 18 to guide cybersecurity programs. Johnson Lambert’s cybersecurity assessments map programs to these same frameworks.

A practical pre-audit checklist:

1. Map where AI is used across the enterprise.
2. Inventory components: User interface, model, prompts, data pipelines, data sources.
3. Define scope for both organizational use and specific AI-enabled systems.
4. Anchor scope with asset locations and recent business changes.
5. Align preparation materials to existing frameworks and regulatory requirements.

Core Areas of an AI Security Audit

An AI security audit reviews several dimensions of control, beginning with governance: whether the organization has a framework for mapping, measuring, and managing AI risks. The model lifecycle is another focus, with attention to how datasets are curated, models trained, and validation conducted.

Auditors also examine how securely models are configured and maintained, testing whether protections exist against unauthorized access or leakage of sensitive information. Because large language models are often integrated into broader systems, the audit reviews how those integrations are managed. Authorization decisions must remain outside the model, and authentication must be handled by established mechanisms, not by the AI itself.

Two principles guide secure LLM integrations. First, authorization decisions and enforcement remain outside the model so that policy is applied consistently across applications. Second, the model does not perform authentication; the enterprise’s existing mechanisms do. Treat jailbreaks and prompt injection as plausible in every environment and enforce least-privilege access so any misuse is constrained.

Third-party dependencies are another area of focus. Many insurers rely on vendors for model applications, training data, or integration services. An audit assesses whether contracts and oversight mechanisms are strong enough to reduce supply chain risk. Finally, auditors evaluate monitoring and reporting capabilities, asking whether systems are in place to detect anomalous behavior that might indicate manipulation or failure.

Audit domains at a glance:

• Governance of AI risk mapping, measurement, and management
• Model lifecycle: dataset curation, training, validation
• Secure configuration and maintenance
• LLM integration controls
• Third-party dependencies and supply chain
• Monitoring and reporting for anomalous outputs or behavior

AI control testing should sit on top of your current governance, risk, and compliance stack. Use AI-specific guidance for governance, rely on your existing GRC processes for operational oversight, and apply platform-security standards to the technical implementation. This layered view makes it easier for boards and regulators to understand how AI risks are managed within established lines of defense.

AI Risks Every Insurer Must Anticipate

Insurers face recurring AI risks that are not edge cases but predictable threats. The most common include:

• Data poisoning: malicious data introduced into training or context that corrupts outputs
• Prompt injection: manipulated inputs that force models to reveal information or behave in unintended ways
• Insecure output handling: results accepted without validation or sanitization, creating downstream exposure
• Privacy risks: leakage of sensitive data when safeguards are insufficient
• Model bias: skewed outcomes when datasets are incomplete or unrepresentative

If monitoring is tuned only for infrastructure signals, organizations will miss model-level anomalies. Extending monitoring to detect unusual outputs or behaviors and routing those signals into incident response ensures AI failures or attacks are addressed with the same discipline as other high-impact events.

How Auditors Evaluate Controls

Audit procedures extend beyond policy review. They may include fairness and impact assessments to test for bias, conformity assessments to verify compliance with regulations, and error-rate analysis to uncover disparities in outcomes. Some audits incorporate red-teaming exercises, where specialists attempt to exploit weaknesses or stress-test robustness. Others focus on cyber safety and privacy checks, examining how data is handled and whether confidentiality is preserved. Data quality and governance assessments are also common, ensuring training and validation datasets are accurate, representative, and traceable.

Evaluation methods commonly applied:

• Fairness and impact assessments
• Conformity assessments
• Error-rate analysis
• Red teaming
• Cyber safety and privacy checks
• Data quality and governance assessments

Fairness and impact assessments surface where outcomes vary unexpectedly across populations. Conformity assessments verify attention to regulatory obligations. Error-rate analysis shows where performance degrades under certain conditions. Red teaming exposes weaknesses that do not appear in static reviews. Cyber safety and privacy checks validate whether data handling keeps information secure and confidential. Data quality and governance assessments demonstrate that training, testing, and validation datasets are complete, representative, and traceable through provenance. Together, these methods give a fuller picture of AI risk than any single approach.

The primary deliverable is a findings and recommendations report. This consolidates results across governance, model lifecycle, security, integration, third-party, and monitoring domains, mapped against frameworks like the NIST AI Risk Management Framework and CSA’s AI Model Risk Management guidance. Boards, audit committees, and regulators can use this report to understand both current state and action items.

Extending Cybersecurity Programs to AI

For insurers that have already invested in cybersecurity programs, an AI security audit feels familiar. Johnson Lambert’s approach evaluates people, processes, and technology against requirements like the NYDFS Cybersecurity Regulation, leveraging the NAIC Insurance Data Security Model Law and frameworks including NIST CSF 2.0, CIS Top 18, COBIT, AICPA Trust Services, and COSO. We will also leverage AI specific frameworks like the NIST AI Risk Management framework, Cloud Security Alliance AI Controls Matrix, and the OWASP Top 10 List for LLM and Gen AI. 

An AI audit extends this same discipline into a new risk category. It applies established structures—risk assessments, control testing, and framework mapping—to the distinctive challenges of AI. Just as Johnson Lambert maps cybersecurity programs to frameworks like NIST CSF 2.0 and NYDFS, the AI audit extends those mappings to cover the emerging risks of generative models.

By positioning the AI audit as an extension of the cybersecurity program, leadership sees one integrated approach rather than parallel efforts. This continuity strengthens governance and demonstrates to boards and regulators that AI adoption is being managed with the same rigor as other critical systems.

Taking the Next Step

AI is reshaping insurance operations, and governance must keep pace to ensure its benefits are realized. Regulators are sharpening their expectations, and boards are asking tougher questions about how AI fits into existing risk frameworks. An AI security audit provides a clear answer.

By preparing now through mapping AI use, documenting system components, aligning frameworks, and assessing third-party exposure, insurers can approach audits as an opportunity rather than a hurdle. The result is stronger governance, greater confidence in AI adoption, and assurance that risks are being managed responsibly.

To learn how Johnson Lambert can help your organization scope, prepare for, and conduct an AI security audit, contact us today.