, , , ,

AI Governance for CPA Firms: Closing the Gaps Your Current Policies Don’t Cover

By

AI Governance for CPA Firms: Managing Security, Compliance and Ethical Risks

Most CPA firms already have policies for data security, acceptable use, vendor management, incident response and client confidentiality. Many also have a Written Information Security Plan, or WISP, that outlines how the firm protects sensitive client and taxpayer information.

The challenge is that AI is creating situations those policies may not clearly address. As staff members use tools like Claude, ChatGPT, Microsoft Copilot and AI-enabled features inside tax, audit and workflow platforms, firms need to understand where existing controls still apply, where they need to be clarified and where new guidance is required.

Why existing policies may not be enough for AI

Existing policies often explain how employees should protect data, use approved systems and follow firm security practices. What they may not explain is how those rules apply when someone summarizes a client email thread in an AI assistant, uses Copilot to search internal files or turns on an AI feature inside a platform the firm already uses.

A practical way to evaluate the gap is to look at the policies the firm already has and ask whether they answer today’s AI-specific questions.

Existing policy areaAI question it may not answer
Acceptable useWhich AI tools are approved, restricted or prohibited?
Data securityWhat client or taxpayer information can never be entered into an AI tool?
Vendor managementDo AI features inside existing platforms need a separate review?
Microsoft 365 accessAre SharePoint, OneDrive and Teams permissions ready for broader Copilot use?
Incident responseWhat happens if client data is entered into an unapproved AI tool?
Review standardsWhat AI-assisted work requires human review before it reaches a client?

Protecting taxpayer data is already a legal and business obligation for tax professionals, so AI governance should connect back to how the firm protects client information across systems, vendors and workflows.

The goal is not to create a disconnected AI policy that lives somewhere else. The goal is to close the gaps between existing policies and the way AI is now being used in real client work.

Not every AI tool creates the same governance problem

CPA firms should avoid treating every AI tool as if it creates the same risk. Claude, ChatGPT, Microsoft Copilot, AI research tools and embedded vendor features all raise different governance questions.

For standalone AI assistants, the issue is often account type and data handling. A firm-approved business workspace creates a different risk profile than an employee using a personal or free account. Before employees use tools like Claude or ChatGPT for work, the firm should understand what version is approved, how data is handled, what administrative controls are available and what review expectations remain in place.

Microsoft Copilot creates a different question because it works within the firm’s Microsoft 365 environment. If a user already has access to files in SharePoint, OneDrive or Teams, Copilot may be able to surface that information in response to prompts. That makes permission cleanup, access reviews and data governance part of the AI governance conversation.

CPA-specific tools need their own review as well. Tax research, audit, document management, workflow, client intake and practice management platforms may already be trusted by the firm, but new AI features still need to be evaluated before they are enabled. The firm should understand what data the feature uses, whether information is sent to an external model, how outputs are validated and what documentation the vendor can provide.

Client data and human review need clearer rules

Client data rules need to be clear enough for staff to apply without pausing to interpret policy language in the middle of a deadline. Broad phrases like “do not share confidential information” may be technically correct, but they are often too vague to guide real behavior.

For a CPA firm, the clearest guidance usually comes from naming the types of information that are off-limits in unapproved AI tools. That includes taxpayer identification numbers, bank account information, tax returns, workpapers, source documents, financial statements, payroll records, confidential client communications, portal credentials and internal security documentation.

Just as important, firms need to define where AI can assist and where professional judgment cannot be delegated. AI may help draft a summary, organize notes, identify themes or create a first-pass explanation, but a qualified person still needs to verify accuracy, context, source material and client suitability before the output is used.

How AI connects back to WISP and cybersecurity compliance

AI governance should connect to the same client-data protection expectations CPA firms already manage through their WISP, vendor oversight, access controls, training and incident response planning. The point is not to rewrite the firm’s entire security program around AI. The point is to make sure AI-related risks are not sitting outside it.

Existing security programs already require firms to think through access, risk assessment, vendor oversight, incident response and the safeguards needed to protect customer information. AI adds new places where those same controls need to show up.

For example, if the firm’s WISP addresses vendor management, the AI governance question is whether AI vendors and AI-enabled vendor features are included in that review process. If the WISP addresses incident response, the question is whether the firm knows what happens if client information is entered into an unapproved AI tool. If the firm has access control requirements, the question is whether those controls are strong enough for Copilot, workflow automation and AI-assisted search.

A practical AI governance approach should help firms identify, evaluate and revisit AI-related risk as tools and use cases change. The NIST AI Risk Management Framework offers one useful reference point for thinking about how organizations can manage AI risk in a more repeatable way.

A practical place to start

Firms do not need to solve every AI governance issue at once. They do need to identify where existing policies are silent, inconsistent or too vague to guide real behavior.

A focused review should start with a few practical questions:

  • Do we know which AI tools staff are already using?
  • Have we defined which tools are approved, restricted or prohibited?
  • Do we distinguish between personal accounts and firm-approved business workspaces?
  • Have we clarified what client data can never be entered into unapproved AI tools?
  • Have we reviewed Microsoft 365 permissions before expanding Copilot use?
  • Do AI features inside existing vendor platforms go through review before being enabled?
  • Have we defined which AI-assisted outputs require human review?
  • Does our incident response plan account for AI-related data exposure?
  • Could we explain our AI governance approach to a client, insurer or regulator if asked?

The answers will vary by firm, but the review itself is valuable. It helps leadership see whether AI use is being managed intentionally or whether decisions are happening through assumptions, exceptions and workarounds.

Building AI governance that fits the way CPA firms work

The next step is not necessarily a longer policy. In many cases, the better starting point is to update the policies and processes the firm already uses so AI fits into them more clearly.

That might mean adding AI-specific language to acceptable-use policies, updating vendor review checklists, clarifying data-handling rules, reviewing Microsoft 365 permissions, defining human review standards or adding AI scenarios to staff training. It may also mean documenting how AI-related incidents should be escalated if client or firm data is exposed.

AI governance will keep changing because the tools will keep changing. CPA firms need a governance approach that is practical enough to use and flexible enough to revisit.

Netgain helps CPA firms evaluate those gaps across Microsoft 365 security, access controls, data protection, vendor risk, cybersecurity monitoring, WISP alignment and operational workflows. A focused review can help clarify where current policies still work, where they need to be updated and where stronger controls may be needed as AI use expands.