MUMBAI: As Indian enterprises are confronted by an increasingly complex risk management landscape, new governance risks related to cybersecurity, Artificial Intelligence (AI) and other emerging technologies have been deemed as most critical by a majority of internal audit professionals, according to the Institute of Internal Auditors (IIA) – Protiviti India Survey 2025.
As many as 66 per cent of Chief Audit Executives (CAEs) across large and midsized enterprises interviewed for the survey consider emerging technologies including AI, ML, and bots, and cybersecurity as the top risks confronting their organisations.
These professionals are directly responsible for corporate governance and compliance and for protecting their organisations from fraud and operational risks.
“Internal audit has evolved beyond a compliance function–it is now a strategic enabler of business resilience and governance, especially in an era of rapid digital transformation and complex regulations. However, gaps in governance and expertise persist, highlighting the urgent need for organizations to strengthen their risk frameworks and invest in digital readiness,” said Anthony Pugliese, President and CEO, IIA Inc.
The IIA India – Protiviti survey also found that despite the growing recognition of digital tools as both risks and enablers, digitization of the internal audit function is still not widespread. A large majority of CAEs (60 per cent) admitted that their department currently is partially digitized, while 23 per cent stated they are yet to start on this journey.
Further, CAEs are increasingly looking to engage domain experts who can identify risks in areas where high degree of technical competencies are needed. As many as 56 per cent of respondents cite the lack of Subject Matter Experts (SMEs) for auditing technical or emerging risk areas as the biggest gap in their current and future needs for internal audit.
Puneet Gupta, Managing Director at Protiviti India Member Firm and author of the survey report, said, “Today’s Chief Audit Executives (CAEs) are not just risk managers; they are catalysts for organizational change. The message is clear: internal audit must lead the charge — harnessing advanced analytics to uncover hidden risks, accelerating digital adoption, and fostering tech-driven ecosystems.”
The IIA India-Protiviti survey further revealed that the majority of Indian enterprises are equally convinced that AI and ML will shape the future of internal audit, with 69 per cent of the respondents saying so.
However, these respondents also admit that there is a lack of available use cases that show how AI/ML can be used in internal audits.
While data analytics and AI-driven tools have significantly improved audit quality, many organizations have yet to fully integrate advanced analytics into their audit processes.
Only 18 per cent of the respondents claim to be using data analytics extensively, while a vast majority of 82 per cent are using it moderately or rate-to-none.
Burzin Dubash, President of IIA India, said, “As businesses navigate increasing regulatory scrutiny and financial uncertainty, internal audit has transformed into a critical pillar of business resilience and governance. By leveraging data analytics, AI, and machine learning, audit practices are becoming more efficient, insightful, and proactive in identifying risks and ensuring compliance.” (ANI)
