TMCnet News
New Drata Research Finds Only 13% of GRC Professionals Are Fully Confident in Their AI VisibilityDrata, the leading Agentic Trust Management Platform, today revealed the findings of its report, The State of GRC in the Age of AI. The report exposes a widening gap between what organizations expected from AI in governance, risk, and compliance (GRC) and what it has actually delivered-and traces that gap to three compounding failures: vendors oversold, buyers bought breadth, and governance never caught up. While it's long been stated that AI tools arrived faster than the governance to manage them, the precision to trust them, or the accountability to own their failures, this research proves the validity of that belief and its impact on organizational security. Only 13% of IT and security professionals confidently claim full visibility into the AI tools active within their organization, while the remaining 87% admit they are governing (or attempting to govern) something they cannot fully see. That blindness creates risks that security teams exist to prevent, yet 71% of organizations report that an AI tool used for GRC has led to a failed audit or lapsed regulatory standard at least once. The study, conducted by Wakefield Research on behalf of Drata, surveyed 300 IT and security professionals on AI adoption trends, corresponding risks, and the habits their organizations are embracing to close that gap. Additional findings include:
The survey findings point to a clear mandate for GRC leaders: visibility must come before governance, and it must come now. Organizations that pair AI adoption with a trust center, targeted agentic tools, and clear ownership over outcomes are already seeing the payoff via faster vendor reviews, fewer failed audits, and limited reversion to manual work. Drata built its Agentic Trust Management Platform for exactly that mandate, giving teams the visibility and control to govern AI with the same rigor they apply to every other system of record. Learn more about the findings and how Drata can help close the trust gap:
About Drata Drata provides the trust network that enables businesses to operate, scale, and partner with confidence. Powered by AI and designed to operationalize trust, the Drata Agentic Trust Management Platform continuously interprets controls, risk, and assurance signals-reducing repetitive manual work while improving visibility into internal and third-party risk, enabling always-on audit readiness across compliance frameworks, and accelerating security reviews. Purpose-built for enterprise complexity, Drata unifies governance, risk, compliance, and assurance to deliver faster time-to-value, reduce operational overhead, and enable continuous trust for 8,500+ organizations worldwide. For more information, visit drata.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20260715745957/en/ |

