10 key takeaways from Audit & Beyond 2025

Audit & Beyond 2025 wrapped last week, but the lessons learned are just beginning to drive change across the GRC landscape.

The biggest theme: Artificial intelligence continues to redefine how work gets done. It’s eliminating manual burden, accelerating insights, and elevating the role of audit, risk, and compliance teams. Yet while 53% of enterprises are implementing AI, only 3 in 10 leaders feel prepared to govern its use responsibly.

To get out of pilot mode and turn these investments into sustained progress, organizations must build a strong foundation for coordinated, continuous governance.

And the place to do it? Audit & Beyond. At our seventh annual conference, over 1,000 compliance, risk, and audit professionals gathered at the Gaylord Pacific Resort in San Diego, CA — and thousands more tuned in virtually — to get strategies for breaking down silos between GRC teams, share ideas, and explore ways to use new technology for long-term impact.

10 transformative lessons we learned at Audit & Beyond 2025

1. Elevate human intelligence with automation and AI

During the opening keynote, Raul Villar Jr., Anton Dam, and several senior members of the AuditBoard Product team announced new innovations designed to help you transform human intelligence with AI and automation.

As Villar shared:

The message is clear: technology isn’t the hero — people are. Imagine a world where AI deletes the “chore work” of audit and risk — returning hours to the strategic, high-judgment tasks that move your organization forward. That’s the future AuditBoard is building through innovations such as:

• AI-powered assurance: Supercharge your GRC workflows with Accelerate, enabling continuous auditing, audit-ready document generation, and real-time support from an integrated AI assistant.
• AI-powered ecosystem: Reduce response times and improve accuracy with Automated Security Questionnaires that auto-fill answers using existing data in minutes.
• AI-powered insights: Plan smarter, recover faster, and make more risk-informed decisions with Scenario Planning. Use bowtie analysis and Monte Carlo simulations to refine responses to potential risk events. Learn how you can take a proactive approach and drive strategic risk management.

2. AI will continue to reshape risk management

In a forward-looking fireside chat featuring Haibei “Happy” Wang, CTO of AuditBoard, and John Maeda, VP of Engineering, CoreAI at Microsoft, speakers explored how AI’s dual powers of cognition and context are reshaping risk management.

Completion models help systems think, while embedding models help them understand context. Organizations that combine both will lead the way in developing AI that augments human insight.

The session reinforced that the future of GRC is human-centered AI — designed to expand judgment, improve decision-making, and make continuous improvement achievable across the enterprise.

3. Strengthen AI governance with FairNow

In addition to this suite of new solutions and capabilities, we were thrilled to announce that FairNow is now a part of AuditBoard. FairNow is designed to help teams close the AI governance gap and ensure responsible, compliant AI use with a streamlined AI registry, dynamic risk assessments, and intelligent automated compliance.

Learn more about the FairNow acquisition.

4. Supply chain disruption underscores the interconnectedness of today’s risk landscape

From the pandemic to trade wars, the global supply chain has been increasingly volatile, making planning, strategy, and compliance an incredibly complex undertaking. In his keynote, Richard Chambers, former President of The IIA, joined Roland Chapin, General Atomics, and Jeff Sebree, Eagle Materials, to unpack what it takes to navigate today’s complex risk ecosystem:

• Geopolitical conflicts and trade policies
• Rising costs and new compliance requirements
• Cyber and AI-driven threats
• Regulatory divergence and evolving tariffs

Their advice: Challenge past assumptions, strengthen third-party risk programs, and leverage real-time key risk indicators for strategic foresight.

As Chambers noted, the global supply chain is now a strategic target on the geopolitical stage. Global volatility will continue to impact supply chain risk. Take action by reviewing your 2026 audit plan. Where can you embed real-time risk indicators or strengthen third-party risk visibility?

See more of Richard Chambers’ tips for navigating supply chain risk in the age of continuous volatility.

5. Enable growth with proactive risk management

GRC expert Michael Rasmussen challenged leaders to embrace risk and resilience management as not just a protector, but an enabler of business strategy.

He emphasized the importance of moving from fragmented risk ownership to a federated approach that balances centralization with each team’s unique perspectives and strengths.

He also discussed the benefits of risk management solutions that enable a shared risk taxonomy, real-time monitoring, contextual analysis, and AI-powered intelligence.

Scenario planning, stress testing, and proactive governance help organizations gain a 360° view of risk so you can prepare for volatility rather than react to it. As Rasmussen stated, risk management should not be a brake, but a navigation system, helping your organization achieve its objectives.

6. Inject cyber resilience into strategic decision-making

Jen Easterly, former Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), urged attendees to balance innovation with vigilance.

Her keynote underscored how today’s tools can be both transformative and dangerous if not governed responsibly. Easterly challenged organizations to embed cyber resilience into every stage of their digital transformation journey, reminding leaders that trust is built through transparency, not technology alone.

Pro tip: Make cyber resilience a foundational part of your digital strategy, integrated into every process, policy, and partnership.

7. Implement a champion’s mindset

In one of the week’s most inspiring moments, Olympian, mother, and cancer survivor Chaunté Lowe took the stage to share her story of perseverance, adaptability, and strength.

Her message resonated beyond athletics:

Lowe encouraged attendees to redefine success, embrace failure as fuel for growth, and build “fire-proof goals” that can withstand any setback.

8. Bold, courageous leadership takes many forms

The Connected Leaders: Women in GRC roundtable, sponsored by Protiviti, was one of the event’s standout sessions — a fireside chat with Alexis Parker, Chief Audit Executive at Bacardi, and other leaders who shared how taking bold risks and showing up authentically have shaped their careers.

The conversation explored what it means to own your voice, transition from mentorship to sponsorship, and lead with empathy in a fast-changing industry.

As April Crichlow, CMO at AuditBoard, shared during the session:

Panelists agreed that diversity of thought, sponsorship, and experience isn’t just valuable — it’s essential to organizational resilience and innovation.

9. The time to fully leverage AI capabilities is now

Across the event, there was collective urgency to act, as captured by Steve Sanders, Group Chief Internal Auditor, Bank of Ireland:

However, Sanders says his biggest takeaway from the week is around the idea of human intelligence:

“My personal biggest takeaway from the week was that we will only be successful if we couple AI with our human touch. Connecting with old peers and friends, as well as making many new ones at the conference, reminded me of the sheer power and impact of proper human connection. We need to be experts in both our humanity and our technologies. Thank you, AuditBoard, for an event that allowed us to exercise both. I can't wait to help make next year's event even bigger and better.”

10. Watch the 2025 Audit & Beyond keynotes on demand

Technology is accelerating at an unprecedented pace, but the greatest source of competitive advantage remains human intelligence empowered by AI. The organizations that rise strongest will be those that commit to governance, upskilling, and connection.

Don't miss out on the insights that will transform your career and your organization. Watch the Audit & Beyond 2025 keynotes on demand today.

About the authors

AuditBoard is the leading AI-powered GRC platform, transforming the way the world’s biggest companies manage risk. More than 50% of the Fortune 500 trust AuditBoard to elevate their audit, risk, and compliance management.