We got flagged in an audit for “unapproved AI tools” — what controls should IT implement to reduce shadow AI?
AI Agent Automation Platforms

We got flagged in an audit for “unapproved AI tools” — what controls should IT implement to reduce shadow AI?

12 min read

Most IT leaders only discover “shadow AI” exists in their organization when an audit flags unapproved AI tools, risky data exposure, or unknown vendor relationships. By then, it’s already a compliance and security problem. To move from scramble-mode to control, you need a clear framework of technical, process, and cultural controls that reduce shadow AI without blocking productivity.

This guide walks through practical controls IT can implement to reduce unapproved AI tools, satisfy auditors, and still let your teams benefit from generative AI.

1. Start with a clear AI usage policy (and make it enforceable)

Before you implement technical controls, you need a policy that defines:

  • Which AI tools are allowed or disallowed
  • What types of data can be used in which tools
  • Who is accountable for AI risk decisions

Key elements of an AI usage policy:

  • Purpose and scope

    • Clarify that the policy covers all generative AI tools (chatbots, code assistants, content generators, image tools, etc.).
    • Apply it to employees, contractors, and third-party vendors accessing your environment.

  • Approved vs. unapproved tools

    • Maintain a whitelist of approved AI tools and models.
    • Maintain a blacklist of prohibited AI tools (especially those that retain or reuse user data).
    • Require that any new AI tool goes through IT/security review before use.

  • Data handling rules

    • Define what data must never be entered into external AI tools:
      • Customer PII/PHI
      • Financial or trading information
      • Source code and proprietary algorithms
      • M&A, pricing, and strategic plans
    • Create tiers (e.g., Public, Internal, Confidential, Restricted) and map them to allowed AI usage scenarios.

  • Accountability and approvals

    • Specify who can approve:
      • New AI tools (e.g., IT + Security + Legal review)
      • New data sources or integrations
    • Require business owners for each approved tool (for renewal, training, and monitoring).

  • Audit and enforcement

    • State that AI usage is monitored and logged.
    • Define consequences for repeated or intentional policy violations.

Once the policy exists, IT’s job is to translate it into practical controls across identity, network, and endpoint layers.

2. Build and promote an “approved AI stack”

One of the fastest ways to reduce shadow AI is to give employees a safe, sanctioned alternative.

If the only way to use AI at work is “go find a random website,” shadow AI is inevitable. Instead, IT should:

2.1 Offer a corporate AI assistant

Deploy an approved AI assistant that is:

  • Accessible via:
    • Browser (SSO-protected)
    • Chat platforms (Teams/Slack)
    • IDEs (for developer copilots)
  • Integrated with your identity provider (Okta, Azure AD, etc.)
  • Configured with enterprise-grade privacy and data controls

Examples of options:

  • Vendor-hosted enterprise AI (Microsoft Copilot, Google Gemini for Workspace, OpenAI enterprise offerings)
  • Self-hosted or VPC-hosted models (open-source or commercial models running in your cloud)

Key configuration considerations:

  • Turn off training on your data where possible.
  • Restrict data retention and configure logs.
  • Segment access (e.g., different models or capabilities for legal, engineering, marketing).

2.2 Provide vetted specialized tools

Different departments will seek niche tools (design, coding, marketing). To avoid sprawl:

  • Create a catalog of approved AI tools:

    • Code assistants (e.g., GitHub Copilot, approved LLM-based code search)
    • Design and creative tools
    • Customer support/chatbot platforms
    • Document summarization tools

  • Publish this catalog in:

    • Your intranet/IT portal
    • Employee onboarding materials
    • A simple “Use this instead of that” guide (e.g., “Use our corporate AI assistant instead of consumer chatbots”).

2.3 Make the approved path the easiest path

Adoption depends on friction. To steer users away from shadow AI:

  • Integrate the AI assistant directly into tools people already use:
    • Email
    • Office productivity suites
    • Code editors
    • Ticketing systems (Jira, ServiceNow)
  • Use SSO for one-click access.
  • Provide quick-start prompts and templates tuned to common workflows (email drafting, summaries, code review, support responses).

The more useful your approved AI stack is, the less incentive there is to use unapproved AI tools.

3. Control access with identity and role-based permissions

Identity and access management is central to curbing unapproved AI tools.

3.1 Enforce SSO and central authentication

For all approved AI tools:

  • Require SSO through your identity provider.
  • Disable local accounts where possible.
  • Use SCIM or just-in-time provisioning to:
    • Automatically create accounts for approved users
    • Deprovision accounts when employees leave or change roles

This centralization enables better tracking, logging, and revocation, which auditors will expect.

3.2 Use role-based access control (RBAC)

Avoid “everyone gets everything” access:

  • Define roles:

    • Standard employees (basic AI assistant)
    • Developers (code-related AI)
    • Data/ML teams (advanced tools, model access)
    • Restricted roles (legal, HR, finance — with extra guardrails)

  • Limit:

    • Which data sources each role can connect AI tools to
    • What integrations they can configure (e.g., connecting AI to CRM or document repositories)

3.3 Segment admin and configuration privileges

  • Restrict who can:
    • Connect AI tools to corporate data sources (SharePoint, Jira, Git repos)
    • Manage prompts/templates that can influence outputs
    • Approve custom plugins, extensions, or agents

Document these controls for your auditors; it demonstrates that “AI access” is managed with the same rigor as other critical systems.

4. Network and endpoint controls to limit shadow AI

To reduce unapproved AI tools, you need visibility into traffic and the ability to block or restrict risky services.

4.1 Use network security tools to monitor and restrict AI domains

Leverage your:

  • Secure Web Gateway (SWG)
  • Cloud Access Security Broker (CASB)
  • Firewall and DNS filtering

Actions to take:

  • Identify AI-related domains and services

    • Generic AI chatbots
    • API endpoints (often used by shadow projects)
    • Browser-based AI plugins and extensions

  • Classify these services:

    • Approved enterprise AI domains: allow, monitor.
    • Consumer/unknown AI domains: block or require justification.
    • High-risk AI tools (data retention, unclear security): block outright.

  • Implement policies:

    • Restrict POST requests or file uploads to unapproved AI domains.
    • Require VPN/secure tunnel to apply consistent rules to remote workers.

4.2 Endpoint controls and browser security

On managed devices:

  • Use Endpoint Detection & Response (EDR) and/or MDM to:
    • Control installation of browser extensions and desktop AI apps.
    • Flag unapproved AI executables or repeated use of certain domains.
  • Tighten browser policies:
    • Block high-risk AI extensions.
    • Allow only approved AI plugins for your corporate browser profile.

For developers, pay special attention to:

  • Unapproved code-assistant extensions.
  • Tools that may upload source code to external servers.

4.3 CASB for shadow AI discovery

Many CASB solutions now specifically detect:

  • Use of generative AI websites and APIs
  • File uploads to AI services
  • OAuth-based app integrations with SaaS platforms

Use CASB to:

  • Discover which AI tools are really being used.
  • Prioritize which shadow AI tools to address first (frequency + sensitivity of data).
  • Educate specific teams based on observed behavior.
  • Enforce policies (allow, monitor, restrict, or block).

5. Data protection and DLP controls

Even if users only use approved tools, they can still misuse data. Data Loss Prevention (DLP) and classification are critical.

5.1 Classify and label your data

If you haven’t already, implement a simple classification scheme:

  • Public
  • Internal
  • Confidential
  • Restricted

Integrate this labeling into:

  • Office productivity suite (e.g., sensitivity labels)
  • Document storage (SharePoint, Google Drive)
  • Data warehouses and BI platforms

Then configure AI tools to respect these labels:

  • Prevent “Restricted” content from being used as prompt input where feasible.
  • Control which repositories AI has read access to.

5.2 Apply DLP rules to AI usage

Where your DLP solutions support AI-related rules, configure:

  • Blocking or alerting when:
    • PII/PHI fields are sent to web-based AI tools.
    • Document content with certain labels is uploaded to unapproved domains.
    • Source code or schemas are transmitted externally.

Apply DLP across:

  • Email
  • Web traffic
  • Endpoints and cloud storage
  • Collaboration platforms (Teams, Slack, etc.)

5.3 Control AI integrations with your data sources

For approved AI tools:

  • Use service accounts with least-privilege access.
  • Restrict which document libraries, repositories, and databases can be indexed or queried by AI.
  • Consider “read-only but non-exportable” modes where possible.
  • Periodically review:
    • Connected data sources
    • Indexing scopes
    • Usage logs for sensitive records

Auditors will want evidence that data access via AI is controlled and reviewed.

6. Governance, risk, and vendor management for AI tools

Your GRC process needs to explicitly address AI tools—not just treat them as generic SaaS.

6.1 Include AI-specific questions in vendor intake

When a business unit wants a new AI tool, your intake checklist should cover:

  • Data handling and retention

    • Does the vendor train models on your data?
    • Can you opt out of data training?
    • How long do they store prompts and outputs?

  • Security and compliance

    • Encryption in transit and at rest
    • Access controls and logging
    • Certifications (SOC 2, ISO 27001, HIPAA, etc.)

  • Model behaviors and risks

    • Ability to filter or moderate harmful outputs
    • Model update policies and change management

  • Tenant isolation

    • How they separate your data and models from other customers.

Use these answers to decide whether the tool can be approved and under what conditions.

6.2 Formalize an “AI tool review board”

Create a small cross-functional body responsible for AI governance:

  • Members from:
    • IT
    • Security
    • Legal/Privacy
    • Risk/Compliance
    • Representative business stakeholders

Responsibilities:

  • Review and approve new AI tools and use cases.
  • Maintain the official list of approved tools.
  • Define risk appetite and guardrails.
  • Oversee incident response related to AI misuse or data leakage.

6.3 Maintain a central AI inventory

Auditors care about inventory as much as controls. Maintain a living catalog of:

  • All approved AI tools and models
  • Owners and business sponsors
  • Data sources and systems they integrate with
  • Applicable regulations (e.g., GDPR, HIPAA, PCI)
  • Risk rating and last review date

This inventory becomes your backbone for reporting and audit responses.

7. Logging, monitoring, and audit readiness

If your organization got flagged for unapproved AI tools, future audits will focus on evidence that you’ve taken control.

7.1 Log AI activity where possible

For each approved AI tool, enable:

  • User-level logging:
    • Who used the tool (user principal)
    • When and from where (time, IP, device)
  • Administrative changes:
    • Configuration changes
    • New integrations or connectors
    • Permission changes

Where prompts and responses are logged:

  • Restrict access to logs to prevent privacy and security risks.
  • Use logs for investigations and pattern analysis, not mass surveillance.

7.2 Centralize logs in your SIEM

Integrate AI-related logs into your SIEM:

  • Identity events (sign-in, failed logins, anomalies)
  • Network/CASB events (blocked AI domains, uploads)
  • Tool-specific logs (admin changes, API usage)

Create alerts for:

  • Use of known high-risk AI services from corporate networks.
  • Large or unusual data transfers to AI domains.
  • Administrative changes in AI configurations.

7.3 Prepare documentation for auditors

Document:

  • Your AI usage policy and data handling rules.
  • Your list of approved tools and their risk assessments.
  • Technical controls:
    • SSO and RBAC
    • Network and endpoint restrictions
    • DLP and logging configurations
  • Training and awareness activities (dates, content, attendance).

This documentation shows auditors that you’re systematically managing AI risk, not reacting ad hoc.

8. Training, communication, and culture

Shadow AI is often a symptom of employees trying to be productive while IT seems slow or restrictive. You’ll reduce shadow AI more effectively if you also address the human side.

8.1 Build AI literacy and responsibility

Provide concise, role-specific training on:

  • What AI tools are approved and where to find them.
  • What data is safe vs. unsafe to share with AI.
  • Common risks:
    • Data leakage
    • IP loss
    • Hallucinations and misinformation
    • Regulatory violations

Use real-world examples and short, practical guidelines (e.g., “Never paste customer lists or source code into consumer AI apps”).

8.2 Make “requesting AI tools” easy

If employees feel it takes months to get approvals, they’ll bypass the process.

  • Create a simple intake form:
    • Business need
    • Tool name and URL
    • Data types involved
    • Desired timeline
  • Track and communicate:
    • Status (reviewing, approved, rejected, alternative recommended)
    • Reasons for decisions.

This shows you’re enabling innovation, not just blocking tools.

8.3 Encourage safe experimentation in sandboxes

For teams that need to experiment:

  • Provide sandbox environments:
    • Limited data
    • Restricted external connectivity
    • Disposable environments for testing AI tools and workflows
  • Set clear rules:
    • No production data
    • No customer or PII data
    • Time-limited experiments

This channels experimentation into controlled spaces instead of shadow AI in production environments.

9. A practical roadmap to reduce shadow AI after an audit finding

If you’ve just been flagged in an audit for unapproved AI tools, prioritize steps in phases.

Phase 1: Contain and understand (0–30 days)

  • Inventory:
    • Use CASB/logs to identify frequently used unapproved AI tools.
  • Risk triage:
    • Focus on tools touching sensitive data or production systems.
  • Quick wins:
    • Block or restrict clearly high-risk AI services.
    • Turn on logging and basic monitoring for AI-related domains.
  • Communicate:
    • Issue a clear interim AI usage notice.
    • Point employees to any existing approved tools.

Phase 2: Establish foundations (30–90 days)

  • Publish:
    • A formal AI usage policy.
    • A list of approved tools and how to access them.
  • Implement:
    • SSO and RBAC for all approved AI tools.
    • Network/CASB controls for unapproved AI domains.
    • Initial DLP rules focusing on obvious sensitive data types.
  • Create:
    • An AI tool review process and governance group.

Phase 3: Optimize and mature (90+ days)

  • Expand:
    • Your AI catalog (add more use-case-specific tools where justified).
    • Training and awareness programs.
  • Refine:
    • DLP policies and monitoring based on observed behavior.
    • Role-based access to data and models.
  • Integrate:
    • AI usage metrics into risk reporting and board updates.
    • AI governance into standard change management and vendor reviews.

10. Turning an audit finding into a long-term advantage

Being flagged for unapproved AI tools is uncomfortable, but it’s also a forcing function. Organizations that respond proactively can:

  • Reduce the risk of data leaks and compliance violations.
  • Gain clear visibility into where AI is used and where it delivers value.
  • Build a trusted, secure AI foundation that supports innovation rather than stifling it.

IT’s role is to provide guardrails, not just gates: make approved AI tools powerful and convenient, wrap them in strong controls, and guide employees away from shadow AI by design.

With a clear policy, a strong approved AI stack, and well-implemented identity, network, and data controls, you can show auditors that you’ve transformed a finding into a robust, sustainable AI governance program.

Back to AI Agent Automation Platforms

Keep Reading

More from AI Agent Automation Platforms

Yuma AI pricing: how are “tickets resolved by AI” counted, and how do automated-ticket packages + overages work?

Read more

n8n options for scheduled portal checks (login → extract → alert) with screenshots/run logs for failures

Read more

How long does it take to implement Mandolin for intake → benefits → OOP estimation → PA in a multi-site infusion network?

Read more