Survey finds leading organizations are six times more likely to apply AI across multiple GRC functions to manage key risks

LOS ANGELES, CA — June 24, 2025 — AuditBoard, the leading global platform for connected risk transforming audit, risk, and compliance, today announced the results of new research that found most advanced organizations are six times more likely to leverage AI across multiple governance, risk, and compliance functions to manage some of the most critical risks they face.

AuditBoard, in partnership with Panterra Research, surveyed over 400 GRC professionals across the United States, Canada, Germany, and the United Kingdom for its report, AI-powered GRC: From reactive compliance to proactive strategy. Key findings include:

• 72 percent of the most mature organizations use AI to track risk proactively, compared to just 52 percent at the lowest maturity tier.
• More than half of mature organizations use AI for predictive risk modeling, shaping risk posture, and strategic planning — not just for checking compliance boxes.
• 44 percent of the most mature organizations plan to invest further in AI-driven risk management in the next 12 months, doubling down on proven returns.

“For AI to truly move the needle for GRC functions, organizations must prioritize integration, strong governance frameworks, and collaborative cross-functional strategies," said Michael Rasmussen, CEO of GRC Analyst & Pundit. "This goes beyond mere efficiency gains, enabling a shift where compliance actively contributes to business growth."

“We believe that compliance can be a growth catalyst for organizations when managed effectively,” said Rich Marcus, Chief Information Security Officer at AuditBoard. “Plugging in AI throughout GRC functions can help companies differentiate themselves from competitors and see around corners in today’s rapidly changing regulatory environment. This proactive approach allows organizations to move beyond reactive compliance, enhancing their overall GRC maturity and enabling them to focus on strategic growth rather than just mitigating threats.

For the full findings and actionable insights around AI-driven GRC, read the report here.