MetricStream and GRC Report’s 2025 GRC Practitioner Survey Reveals AI, Cyber Risk, Operational Resilience, and Regulatory Compliance as Top Priorities
Media Contact:
Patricia A. McParland
Associate Vice President, Marketing
pr@metricstream.com
MetricStream, the global market leader in governance, risk, and compliance (GRC), in collaboration with GRC Report, today released the results of their 2025 GRC practitioner survey. More than 100 global risk leaders and practitioners shared their key GRC priorities for the year, with a strong focus on integrated programs to manage emerging risks, resilience requirements, regulatory changes, cyber risks, and the promise of AI to improve efficiency and drive innovation.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250306037964/en/
Key takeaways from the survey:
- More than half of respondents (51%) stated that navigating the complex regulatory landscape is among their top challenges this year, with new guidelines, evolving requirements, and unexpected policy shifts occurring almost weekly.
- About 48% of professionals said they struggle to keep up with increasingly sophisticated cybersecurity threats, making cyber risk a major concern. The need to ramp up investments in proactive cyber risk management solutions is more critical than ever.
- Approximately 47% of respondents recognize the value of AI, yet only 14% have integrated it into their GRC frameworks.
- 46% of respondents emphasized the importance of building resilient enterprises to navigate an unpredictable risk landscape.
Overall, GRC professionals maintain a positive outlook for the future. 92% of respondents expressed optimism about their risk and compliance strategies, and 77% expect their risk and compliance budgets to either stay the same or increase in 2025.
“The GRC landscape is evolving at an unprecedented pace. By leveraging AI and an integrated approach to risk, compliance, and audit, organizations are successfully managing increasing regulatory pressures and emerging operational resilience requirements while balancing resource constraints,” said Manu Gopeendran, SVP of Strategy and Marketing at MetricStream. “As we look ahead to 2025 and beyond, GRC professionals have a unique opportunity to build stronger programs, foster a culture of risk awareness and compliance, and turn emerging challenges into catalysts for growth and innovation.”
“The results of the 2025 GRC survey reinforce what we see in the market. GRC leaders are under immense pressure to manage evolving regulations, cyber threats, and operational resilience. Organizations that proactively integrate AI and automation into their programs will gain a competitive edge by improving agility and efficiency," said Michael Rasmussen, GRC Pundit at GRC 20/20 Research.
"This survey provides a valuable snapshot of how GRC professionals are navigating this dynamic environment. By understanding the priorities and concerns of their peers, organizations can benchmark their own efforts and strengthen their risk management and compliance programs,” said Samuel Rasmussen, Editor-in-Chief of the GRC Report.
Download the full survey report here.
MetricStream and the GRC Report will be joined by Michael Rasmussen, the GRC Pundit and Lead Analyst at GRC 20/20 Research on Tuesday, March 11, 2025, at 11 AM ET, in a webinar to discuss the survey results.
To attend the webinar, register here.
About the Report
More than 100 GRC leaders, including Chief Information Security Officers (CISOs), Chief Risk Officers (CROs), risk and compliance managers, audit professionals, and others, shared their insights on current audit, risk, compliance, cyber, and AI challenges and opportunities. They answered a collection of predefined questions while also sharing their own personal perspectives.
Survey respondents spanned different regions, including North America, Europe, Asia, and MENA.
About MetricStream Inc.
MetricStream is the global SaaS leader of Integrated Risk Management and GRC solutions that empower organizations to thrive on risk by accelerating growth via risk-aware decisions. We connect governance, risk management and compliance across the extended enterprise. Our ConnectedGRC and three product lines – BusinessGRC, CyberGRC, and ESGRC – are based on a single, scalable platform that supports you wherever you are on your GRC journey.
MetricStream is headquartered in San Jose, California, with an operations and R&D center in Bangalore, India, and sales and operations support around the globe. More information is available at www.metricstream.com, LinkedIn, Facebook and Twitter.
About the GRC Report
The GRC Report is your daily source for trending news and insights in Governance, Risk Management, and Compliance (GRC). We provide relevant updates and expert analysis to help individuals and organizations stay informed in this rapidly evolving field. With a focus on regulatory developments, best practices, emerging technologies, and industry trends, we aim to offer comprehensive coverage of the GRC landscape to navigate today’s complex business environment. For more information, please visit grcreport.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250306037964/en/
