AI audit standards are coming. Here is how to be ready before they land.

What is actually happening

In early March 2026, Accounting Today reported that the AICPA Auditing Standards Board, the body that writes US auditing standards, is planning a slate of future projects. One of them is evaluating guidance to help auditors use generative and agentic AI and data-analytics tools appropriately in their work.

Read that carefully, because the wording matters. The ASB is not banning AI in the audit. It is studying how to set expectations for using it well. That is the normal way a profession absorbs a new tool. First practitioners adopt it informally, then the standard setters catch up and put rails around it.

Around the same time, in January 2026, The CPA Journal published a piece titled "How to Audit AI." The two threads are related but distinct. One is about auditing the AI systems your clients run. The other is about how you, the auditor, may use AI in your own procedures. Both signal the same direction. AI in assurance work is now a governance question, not just a productivity one.

It also tells you the conversation has moved past whether auditors should touch AI. The fact that the body responsible for US auditing standards is allocating project time to this means the question is now how, not if. When a standard setter starts that work, it is usually because adoption on the ground has already outrun the existing guidance. The tools are in the field. The rulebook is catching up to them. That is the situation you are operating in right now, and it is worth naming plainly so you can plan around it.

What the timeline really looks like

Here is the part to be precise about, because it is easy to overstate. No formal timeline has been announced. The ASB has said this is on its list of future projects, not that an exposure draft is imminent. Related reporting suggests a draft for comment could land by the end of 2026, but that is a projection, not a commitment.

So the honest framing is this. A standard is probably coming, the rough window is sometime after late 2026, and the exact requirements are unknown. That is not a reason to wait. It is a reason to get your habits in order while you still have the slack to do it calmly.

Standards work this way on purpose. There is a comment period, then a final document, then an effective date that is usually a year or more out. The firms that struggle are never the ones who saw it coming. They are the ones who were already using AI on engagements with no record of how, and suddenly have to reconstruct it.

There is also a quieter risk in waiting. Once a draft is out for comment, the expectation in the profession tends to shift even before the rule is final. Peer reviewers read the direction of travel. Clients read the headlines. If you are still using AI with no documentation when the comment period opens, you are behind a curve everyone else can already see. The cheap insurance is to act in the gap, while there is no deadline pressing on you and no one watching how you got there.

How to use AI in audit work defensibly today

You do not need the final standard to know what it will reward, because good documentation discipline does not change with the technology. Whatever the ASB eventually writes, it will almost certainly expect you to show your judgment. So build that now.

• Record the procedure, not just the result. If you used a tool to scan a population, sample journal entries, or summarize a contract, note what you asked it to do and what it returned. A conclusion with no visible method is the thing reviewers flag.
• Keep the human checkpoint explicit. AI can flag the eighty entries worth a second look. You decide which ones matter and why. Write down that you reviewed the output and what you did with it. The judgment has to be yours and it has to be visible.
• Treat tool output as evidence to corroborate, not accept. A summary that looks authoritative can still be wrong. Tie anything material back to the source document or the underlying number before you rely on it.
• Note the tool and its limits. Which system, what it is good at, where it tends to miss. A reviewer who knows you understood the tool's weaknesses will trust the work more than one who sees a black box.

None of this requires the standard to exist. It is the same skepticism and documentation you already owe under existing audit standards. AI just raises the stakes, because the output is faster and more convincing, which makes an unchecked draft easier to wave through.

A useful test is to imagine a reviewer sitting across from you a year from now, after the ASB has published whatever it publishes, asking you to walk through one AI assisted step on an engagement you ran today. Could you show what the tool did, what you checked, and why you stood behind the result? If the answer is yes, you are already meeting the spirit of a rule that does not exist yet. If the answer is no, that is the gap to close, and it costs almost nothing to close it now versus reconstructing it under review later. The discipline scales down too. You do not need a firm wide policy to start. One auditor, on one engagement, writing two extra sentences about how a tool was used and checked, is the whole habit in miniature.

The boundary, and where to go for the hands on part

This briefing is deliberately about standards readiness, not about which buttons to press during fieldwork. If you want the practical, repeatable workflow side, that lives elsewhere on purpose. For the day to day system, the CPA close-week AI system walks through building AI into a recurring close, and the AI tools accountants actually use covers what to reach for and what to skip.

The split is intentional. Those pages help you move faster. This one helps you stay defensible while you do it. You want both, in that order: a workflow that saves time, and a record that holds up if a reviewer, a peer, or a future standard asks how you got there.

If you only have time for one move this quarter, make it the documentation habit, because it is the part with no substitute. You can adopt a faster tool any time. You cannot retroactively create the paper trail for an engagement you already signed off without one. Pick a single recurring procedure where you already lean on AI, write down the method once, and reuse that template. The cost is a paragraph. The protection is a defensible record on every engagement it touches, ready for whatever the ASB eventually asks.

The skill under the standard

Standards come and standards change. The thing that survives every revision is a working method: where AI belongs in the engagement, where it does not, and how to keep your own professional judgment in front of its output and on paper. That habit is what makes a new rule a formality for you instead of a fire drill.

If you want the structured version of that method, Claude AI for Accountants teaches it for working CPAs and finance professionals, and the two minute course quiz will point you to the right starting place for your role.