<![CDATA[Technological advances, particularly in Artificial Intelligence (AI), are accelerating digital transformation while increasing system complexity and exposure to sophisticated cyber threats. These developments challenge traditional cybersecurity audit approaches, which are largely periodic, retrospective, and focused on binary control checks. In response, the adoption of generative AI (GenAI) and predictive AI (PredAI) in cybersecurity auditing is becoming increasingly important. Although AI can improve audit intelligence, scalability, timeliness, and effectiveness, its use also raises concerns about transparency, governance, and auditor independence. This study employed a two-stage methodology. First, a systematic literature review following PRISMA examined studies published between 2021 and 2026, yielding 36 eligible articles. The review found that hybrid AI approaches dominate the literature (58.3%), followed by GenAI (25.0%) and PredAI (16.7%). Despite this growing interest, the literature gives limited attention to risk-based auditing approaches that move beyond binary control confirmation toward context-aware, intelligence-driven cyber risk assessment. Second, using Design Science Research, the study developed the conceptual Anti-Sheriff cybersecurity auditing model. The model shifts auditing from compliance-driven enforcement to intelligence-supported risk governance, enabling continuous auditing, better risk prioritisation, and stronger organisational cyber resilience.]]>
Copyrights © 2026
