Governance, risk and compliance (GRC) leaders shared top priorities in a recent MetricStream report.

More than half of respondents (51%) stated that navigating the complex regulatory landscape is among their top challenges this year, with new guidelines, evolving requirements, and unexpected policy shifts occurring almost weekly.

About 48% of professionals said they struggle to keep up with increasingly sophisticated cybersecurity threats, making cyber risk a major concern. The need to ramp up investments in proactive cyber risk management solutions is more critical than ever.

Approximately 47% of respondents recognize the value of AI, yet only 14% have integrated it into their GRC frameworks.

Forty-six percent of respondents emphasized the importance of building resilient enterprises to navigate an unpredictable risk landscape.

Overall, GRC professionals maintain a positive outlook for the future. Ninety-two percent of respondents expressed optimism about their risk and compliance strategies, and 77% expect their risk and compliance budgets to either stay the same or increase in 2025.