Regulatory Compliance a Major Challenge, But GRC Leaders Remain Optimistic: MetricStream and GRC Report Survey

March 11, 2025, | Bengaluru: MetricStream, the global market leader in governance, risk, and compliance (GRC), in collaboration with GRC Report, today released the results of their 2025 GRC practitioner survey. More than 100 global risk leaders and practitioners shared their key GRC priorities for the year, with a strong focus on integrated programs to manage emerging risks, resilience requirements, regulatory changes, cyber risks, and the promise of AI to improve efficiency and drive innovation.

Key takeaways from the survey: • More than half of respondents (51%) stated that navigating the complex regulatory landscape is among their top challenges this year, with new guidelines, evolving requirements, and unexpected policy shifts occurring almost weekly.

• About 48% of professionals said they struggle to keep up with increasingly sophisticated cybersecurity threats, making cyber risk a major concern. The need to ramp up investments in proactive cyber risk management solutions is more critical than ever.

• Approximately 47% of respondents recognize the value of AI, yet only 14% have integrated it into their GRC frameworks.

• 46% of respondents emphasized the importance of building resilient enterprises to navigate an unpredictable risk landscape.

Overall, GRC professionals maintain a positive outlook for the future. 92% of respondents expressed optimism about their risk and compliance strategies, and 77% expect their risk and compliance budgets to either stay the same or increase in 2025.

“The GRC landscape is evolving at an unprecedented pace. By leveraging AI and an integrated approach to risk, compliance, and audit, organizations are successfully managing increasing regulatory pressures and emerging operational resilience requirements while balancing resource constraints,” said Manu Gopeendran, SVP of Strategy and Marketing at MetricStream. “As we look ahead to 2025 and beyond, GRC professionals have a unique opportunity to build stronger programs, foster a culture of risk awareness and compliance, and turn emerging challenges into catalysts for growth and innovation.” “The results of the 2025 GRC survey reinforce what we see in the market. GRC leaders are under immense pressure to manage evolving regulations, cyber threats, and operational resilience. Organizations that proactively integrate AI and automation into their programs will gain a competitive edge by improving agility and efficiency," said Michael Rasmussen, GRC Pundit at GRC 20/20 Research.

"This survey provides a valuable snapshot of how GRC professionals are navigating this dynamic environment. By understanding the priorities and concerns of their peers, organizations can benchmark their own efforts and strengthen their risk management and compliance programs,” said Samuel Rasmussen, Editor-in-Chief of the GRC Report.

About the Report More than 100 GRC leaders, including Chief Information Security Officers (CISOs), Chief Risk Officers (CROs), risk and compliance managers, audit professionals, and others, shared their insights on current audit, risk, compliance, cyber, and AI challenges and opportunities. They answered a collection of predefined questions while also sharing their own personal perspectives.

Survey respondents spanned different regions, including North America, Europe, Asia, and MENA.

(Disclaimer: The above content is a press release and PTI takes no editorial responsibility for the same.). PTI PWR PWR

Source: PTI