Search papers, labs, and topics across Lattice.
BAIRForensic Bioinformatic ServicesForensic Bioinformatics ServicesMax PlanckWright State UniversityApr 13, 2026arXiv:2604.10875This paper analyzes ASB 018, an audit standard for probabilistic genotyping software used in the US criminal legal system, to assess the standard's effectiveness. Through qualitative analysis of the standard and associated audit reports, the authors identify critical gaps between the standard's goals and actual auditing practices, such as the failure to establish restrictions on software use despite observed failures. These gaps are attributed to design flaws in the standard itself, including vague language and undefined terms, highlighting a broader challenge in AI governance.
AI audit standards can fail to ensure responsible AI practices due to vague requirements and undefined terms, even while appearing compliant.
AI governance efforts increasingly rely on audit standards: agreed-upon practices for conducting audits. However, poorly designed standards can hide and lend credibility to inadequate systems. We explore how an audit standard's design influences its effectiveness through a case study of ASB 018, a standard for auditing probabilistic genotyping software -- software that the U.S. criminal legal system increasingly uses to analyze DNA samples. Through qualitative analysis of ASB 018 and five audit reports, we identify numerous gaps between the standard's desired outcomes and the auditing practices it enables. For instance, ASB 018 envisions that compliant audits establish restrictions on software use based on observed failures. However, audits can comply without establishing such boundaries. We connect these gaps to the design of the standard's requirements such as vague language and undefined terms. We conclude with recommendations for designing audit standards and evaluating their effectiveness.
