Grant Thornton AI Risk Advisory

Chicago, United States

Board-level AI governance oversight, internal audit advisory, and NIST AI RMF application Grant Thornton's Risk Advisory practice advises boards, audit committees, and management on AI governance, risk management, and responsible AI programs. The firm publishes guidance on applying NIST AI RMF to generative AI, assists organizations in building enterprise-wide AI risk strategies, and helps internal audit functions develop AI-specific audit approaches. Key practice leaders include Vikrant Rai (Cybersecurity and AI risk) and Will Whatton (Technology Modernization and AI data capabilities). **Notable work:** Published 'How to apply the NIST risk framework to GenAI' (2024); hosted 'Governing AI with Confidence' webinar for audit and risk leaders (March 2026); published 'Seven AI questions used by leading boards'