Cybersecurity, AI found to be top emerging governance risks: Survey

Mumbai, March 5, 2025

The findings were released at the IIA India International Conference 2025 held on Tuesday in Mumbai.

New governance risks related to cybersecurity, Artificial Intelligence (AI) and other emerging technologies have emerged as most critical in risk management for enterprises, by a majority of internal audit professionals, according to the latest Institute of Internal Auditors (IIA) – Protiviti India Survey 2025.

The findings were released at the IIA India International Conference 2025 held on Tuesday (March 5, 2025) in Mumbai.

As many as 66% of Chief Audit Executives (CAEs) across large and midsized enterprises interviewed for the survey consider emerging technologies including AI, ML, and bots, and cybersecurity as the top risks confronting their organisations.

These professionals are directly responsible for corporate governance and compliance and for protecting their organisations from fraud and operational risks, IIA said.

The survey, conducted by consulting firm Protiviti with IIA India, further revealed that a majority of Indian enterprises lack adequate skills to deal with these emerging risks, with only 16% of CAEs affirming they believe they are “highly prepared” to proactively identify and address emerging risks as part of internal audits.

The findings are based on interviews with 225 CAEs representing premier multinationals, large corporate houses, new-age tech companies, and startups based in India.

“Internal audit has evolved beyond a compliance function—it is now a strategic enabler of business resilience and governance, especially in an era of rapid digital transformation and complex regulations. This survey confirms that Indian businesses acknowledge the growing importance of risk management and digital capabilities, particularly in addressing emerging threats like cybersecurity, financial fraud, AI, and machine learning,” said Anthony Pugliese, President and CEO, IIA Inc.

“However, gaps in governance and expertise persist, highlighting the urgent need for organisations to strengthen their risk frameworks and invest in digital readiness,” he added.

The IIA India - Protiviti survey also found that despite the growing recognition of digital tools as both risks and enablers, digitization of the internal audit function is still not widespread. A large majority of CAEs (60%) admitted that their department currently is partially digitized, while 23% stated they are yet to start on this journey.

The survey further revealed that the majority of Indian enterprises are convinced that AI and ML will shape the future of internal audit, with 69% of the respondents saying so.

Burzin Dubash, President, IIA India, said, “As businesses navigate increasing regulatory scrutiny and financial uncertainty, internal audit has transformed into a critical pillar of business resilience and governance.”

“By leveraging data analytics, AI, and machine learning, audit practices are becoming more efficient, insightful, and proactive in identifying risks and ensuring compliance,” he said.

This survey highlights the pressing need for organisations to accelerate digital transformation, adopt technology-driven solutions, he added.

[The Hindu]