Audit-Ready Test Artefacts

1 The Hook

Taurangi Wealth, a fictional NZ financial services firm, ran an AI that recommended investments to retail customers. A customer complained to the FMA that the recommendations were unsuitable, and the FMA opened a review. They asked the firm to demonstrate how the system had been tested.

The QA lead was not worried at first. Testing had been done — there were hundreds of test results sitting in Jira, all marked passed. She pulled them up and shared them.

Then the auditor started asking questions. Which AI risks did your test plan address? Fair question — she had no risk register to point to. What test level was each of these? They were just labelled “test 1”, “test 2”. What technique did this one use — was it a fairness test, a performance test, a data test? The Jira tickets did not say. Can you show me the traceability from each test case to a specific risk in the system? There was no traceability, because there were no documented risks. Who reviewed this result, and on what basis did they sign it off? The ticket just said “Pass”.

The testing was real. The documentation was not audit-ready. From the regulator’s seat, a pile of passed tickets with no risk linkage, no test levels, no technique tags, and no decision rationale is almost indistinguishable from no testing at all — because there is no way to verify that what was tested actually covered the risks that mattered.

This lesson is about the half of 42119 that teams forget: the standard specifies not only what to test but how to document it. An audit-ready artefact carries enough metadata for a regulator to understand what was tested, why, against which risk, and what was decided. This lesson shows you exactly what those artefacts look like.

2 The Rule

3 The Analogy

4 The Mandatory Test Case Fields

A 42119 test case carries metadata a traditional test case does not. These are the fields that let an auditor read a single test case and understand its place in the whole effort:

Compare a traditional test case — ID, description, steps, expected result, pass/fail — against that list. The traditional case answers “did it pass?” The 42119 case also answers “which risk did this protect against, at which level, using which technique, decided by whom, and where is the proof?” Those extra fields are exactly the questions the Taurangi Wealth auditor asked and the QA lead could not answer.

5 What 42119 Requires in a Test Plan

The test plan is where coverage is justified. Under 42119 an AI test plan must make explicit:

• A risk register reference: the plan points to the AI risk register (Lesson 1) and shows that every significant risk has test coverage.
• The AI-specific test types included: which of data, model, fairness, drift, and explainability testing are in scope — and, importantly, which are deliberately out of scope and why.
• Coverage rationale: why this set of tests, at these depths, adequately addresses the risks — the link from risk severity to test effort.
• Lifecycle phase covered: which phases (design, development, deployment, post-deployment) the plan addresses, so it is clear that, for example, drift testing is scheduled for production and not assumed done at go-live.

The thread running through all of this is the risk register. A 42119 test plan is, in essence, an argument that the testing covers the registered risks adequately — and the artefacts are the evidence backing the argument.

6 The Test Summary Report Under 42119

The summary report is what an auditor or executive actually reads. It translates a cycle of AI testing into a verifiable account. A 42119-aligned summary report section covers:

• Test scope: what was tested this cycle — which model version, which lifecycle phase, which data.
• AI test types executed: the specific 42119 techniques run, not just “testing was done”.
• Risks addressed: which numbered risks from the register this cycle covered.
• Coverage achieved: what proportion of in-scope risks were tested, and to what depth.
• Open risks: what was not covered, or covered with reservations — stated plainly, because hiding open risk is what gets organisations in trouble with regulators.
• Sign-off recommendation: a clear, evidenced recommendation — proceed, proceed with mitigations, or do not proceed — with the rationale.

7 Traceability in AI Testing — To Risks, Not Just Requirements

In traditional testing, traceability usually runs test case → requirement: every requirement has a test, every test traces to a requirement. That still applies. But AI testing adds a second, more important thread: test case → risk.

Why the shift matters: many AI failures are not violations of a written requirement. No requirement said “the model must not under-perform for South Auckland” — yet that was the failure. The Revenue Analytics Unit had no requirement that was breached; it had an unmanaged risk. Requirements-only traceability would have shown full coverage while the real exposure went untested.

So 42119 traceability connects each test case to the AI risk register. When the auditor asks “which risks did your testing address?” — the Taurangi Wealth question — risk-based traceability is the answer. You can show, risk by risk, which test cases covered it, at which level, with which technique, and what the result was. Requirements traceability alone cannot answer that question, because the most dangerous AI failures live in the gap between “what we specified” and “what could go wrong.”

8 Evidence Requirements by Test Type

“Evidence” means different things for different AI test types. What you point the auditor at depends on what you tested:

The common thread: evidence is the underlying measurement, reproducible and dated — never a sentence asserting that something was fine. “Fairness was checked” is not evidence; the per-group table with the tolerance and the reviewer sign-off is.

9 The NZ Audit Context

This is not abstract for NZ organisations. Several regulators and frameworks make 42119-style documentation a practical necessity, not a nice-to-have.

The pattern across all three: if an AI system makes or shapes a consequential decision about a person, someone with authority can ask you to show how you tested it — and “the tests passed in Jira” is not an answer. 42119 artefacts are.

10 Common Mistakes

11 Now You Try

Three graded exercises on building audit-ready artefacts. Write your answer, run it for AI feedback, then compare to the model answer.

Missing 42119-required fields:

1. Risk category — which AI failure mode (data/model/fairness/explainability/drift) does this address? Without it, the auditor can't group coverage by risk.

2. Test level — is this data, model, system, or integration testing? Confirms testing happened at the right layer.

3. AI technique type — which specific 42119 test type? "Check it gives sensible decisions" names no technique (is it performance? fairness? explainability?).

4. Traceability reference — which numbered risk in the register does this protect against? There's no link to a real risk, so coverage can't be proven.

5. Decision rationale — why these 50 claims, at this depth, with this criterion? The choices look arbitrary.

6. Audit timestamp / model version — when, and against which model version? The result isn't tied to a point in the lifecycle.

7. Evidence pointer — where are the actual 50 decisions and their assessment? "Pass" points to nothing.

What's wrong with the acceptance criterion: "Most decisions look reasonable" is subjective and unmeasurable — it has no threshold, no ground truth, and no definition of "reasonable". A 42119 criterion would be measurable (e.g. "decisions match the adjudicated ground-truth label in at least 90% of the 50 cases, with precision and recall reported by claimant group"). As written, two testers could reach opposite conclusions and both be "right".

Test ID: TC-118-R2

Risk category: Model — performance (with fairness breakdown)

Test level: Model

AI technique type: Model performance testing (precision/recall against ground truth, segmented by claimant group)

Description: Submit the 500-claim adjudicated benchmark set through claim-decision model v2.3 and compare the model's accept/decline/refer decisions against the human-adjudicated ground-truth labels, overall and broken down by region and claim type.

Acceptance criteria: Overall recall for "should refer" claims ≥ 0.85; precision for "decline" ≥ 0.90; and no region's recall more than 8 percentage points below the overall figure. Any breach is a fail with the affected segment listed.

Traceability reference: AI risk register risk R-03 (model wrongly auto-declines valid claims) and R-08 (decision quality varies by region).

Decision rationale: The 500-claim benchmark is the adjudicated reference set; recall on "should refer" is prioritised because a missed referral means a valid claim is wrongly auto-declined — the highest-harm error for a claimant. Regional breakdown included because R-08 flags geographic disparity risk.

Audit timestamp / model version: Run 2026-05-14, model v2.3, benchmark set BM-CLAIM-500 (snapshot 2026-05-01).

Evidence pointer: /qa-evidence/TC-118-R2/ — confusion matrix, per-segment precision/recall table, benchmark set manifest, reviewer sign-off (J. Patel, 2026-05-15).

Result: [Pass / Fail] with any breaching segments listed.

What makes it audit-ready: every mandatory field present, a measurable criterion tied to claimant harm, traceability to two numbered risks, a rationale for the choices, a dated model version, and a pointer to reproducible evidence — versus the original's "most decisions look reasonable / Pass".

TEST SUMMARY REPORT — Data Quality Testing Cycle
System: MSD Benefits Eligibility AI v1.4 | Cycle: 2026-05 | Author: [QA Lead]

1. Test scope: Data quality testing of the training and evaluation datasets for model v1.4, prior to UAT. Covers the applicant dataset snapshot DS-2026-04 (320,000 records). Lifecycle phase: development. Out of scope this cycle: model performance, fairness, and drift testing (scheduled separately).

2. AI test types executed: Data representativeness testing (coverage by age band, region, benefit type); data provenance testing (lineage and Privacy Act lawful-basis verification); label correctness testing (sample re-check and inter-labeller agreement on 1,000 records).

3. Risks addressed: R-04 (under-represented applicant groups receive less reliable decisions); R-06 (training data lacks lawful basis for AI use); R-11 (eligibility labels inconsistent across assessors).

4. Coverage achieved: Representativeness — all age bands and benefit types within ±3pp tolerance; 2 of 16 regions outside tolerance (rural South Island under-represented). Provenance — lawful basis confirmed for all fields; lineage documented. Label correctness — inter-labeller agreement 0.81; 4% of sampled labels corrected.

5. Open risks: (a) Two rural regions remain under-represented (R-04 partially open) — fairness impact to be confirmed in fairness testing cycle. (b) Inter-labeller agreement of 0.81 is acceptable but not strong; recommend a labelling-guideline review before the next training round.

6. Sign-off recommendation: PROCEED TO UAT WITH CONDITIONS — data is fit for development-stage use, conditional on (i) the two under-represented regions being flagged as known limitations into fairness testing, and (ii) a labelling-guideline review scheduled before the next retrain. Do not proceed to production sign-off until fairness and drift cycles are complete.

What makes it strong: it names specific test types and numbered risks, gives measured coverage (not "we tested the data"), states open risks honestly, and gives a clear conditional recommendation rather than a bare "pass". The candour in section 5 is what an auditor trusts.

12 Self-Check

Click each question to reveal the answer.

13 Interview Prep

Real questions asked in NZ QA interviews for AI-adjacent roles. Read the model answers, then practise your own version.