OCEG RESEARCH 2023: USE OF AI FOR GRC
Principled Performance, OCEG, and GRC Capability Model are registered trademarks of OCEG.
December 2023
Licensed for noncommercial personal use by Ashok Kumar DL ([email protected]) on 1/10/2024, 1:43:44 PM
About the Authors
Carole Switzer
Carole Switzer is the Co-Founder of OCEG and has
helped to guide the growth and development of
OCEG guidance and content for twenty years. She
is a widely recognized expert on GRC and has driven
the OCEG mission of helping organizations achieve
Principled Performance worldwide.
Lee Dittmar
Lee Dittmar is a consultant, executive,
entrepreneur, advisor, and thought leader in
governance, risk management, compliance, data
analytics, regulation, and technology
implementation strategy. His current focus is
Artificial Intelligence and the related adoption,
governance, risk management, and compliance
challenges. Lee is an OCEG Fellow who helped
shape the early ideas of GRC and the OCEG GRC
Capability Model. National Law Journal named Lee
to the top 50 “Governance, Risk, and Compliance
Trailblazers and Pioneers.”
Table of Contents
Comments from the Sponsor 5
Purpose of this Survey 6
Key Findings 8
Conclusion 13
APPENDIX Survey Data with Additional Commentary 15
Sponsor Comments
When OpenAI's ChatGPT went mainstream, it became clear to LogicGate that generative AI is a
fundamental shift in the technological and business landscape that is here to stay, drastically changing
how the world develops and interacts with technology. For all of the challenges facing GRC teams in
leveraging AI systems, these steps can help mitigate the risks while taking advantage of the benefits:
● Have a plan: Develop a plan for deploying, overseeing, and managing AI. You should also
develop policies around the acceptable use of AI across your organization so that everyone is on
the same page about where, how, and for what purposes it's OK to use AI.
● Conduct regular security assessments: It's important to apply diligence to the security of
your AI systems, just as your risk team does for your organization's networks.
● Develop your systems securely: If you're developing a solution in-house, make sure the
process adheres to the same secure development, configuration, and deployment standards
that you'd use for any other commercial or internal products.
● Manage third-party and vendor risk: If the AI was built by a third party or outside vendor,
assess any risk involved with those entities through your third-party risk management program.
● Maintain data security: Make sure you're able to trace where any data you feed to an AI
system is going and how it's being stored and processed. If the data is of an extremely sensitive
nature, consider not providing it to the AI at all.
At LogicGate, we always say that the best companies aren't built by avoiding risks but by taking the right
ones. Artificial intelligence certainly presents its fair share of risks, but we believe that, with the proper
safeguards in place, it has the potential to revolutionize how organizations approach GRC.
While AI is a powerful tool on its own, it's even more powerful when coupled with a modern GRC platform like
LogicGate Risk Cloud. With LogicGate's OpenAI integration, customers easily implement and utilize AI
technology with Risk Cloud applications, scale content generation, and quickly solve complex problems
with AI-powered systems and models - streamlining risk management all from one platform.
Purpose of the Survey
Artificial intelligence (AI) is an exponential technology rapidly transforming our world. While AI
is not new, its relevance has exploded in the past year, driven by breakthroughs with
generative AI and large language models (LLMs). AI is already used in various industries, from
healthcare to finance and transportation to retail, as well as by many government and public
service organizations. AI will ultimately redefine work and play, change business and
government, and impact every aspect of our lives. AI systems will become more powerful and
sophisticated, be part of the solution to big problems, and create new opportunities for
businesses and governments.
The potential for AI to drive innovation and unlock unimaginable opportunities is vast, but its
misuse could lead to unforeseen and negative consequences. Visionary leadership will be
essential to capitalize on AI's benefits while preserving economic well-being, societal
cohesion, and humanity. But to be blunt, organizations that ignore AI's transformative
potential risk being left behind.
GRC programs must evolve to meet the unique challenges and opportunities created by AI.
OCEG recognizes that two sets of questions need to be asked and answered - first, how the
overall use of AI in an organization should be addressed with GRC and, second, how
organizations should use AI to improve the effectiveness of GRC programs, processes, and
activities. The research survey that this report summarizes addresses the second question
and offers a snapshot of how organizations are already using, or are planning to use, AI in GRC
activities.
As we prepared the survey, we anticipated that "AI for GRC" was already becoming increasingly
important and recognized as an essential part of next-generation GRC programs. In the
survey, we sought to assess the current state of the application of AI to improve governance,
risk management, compliance, and other elements of GRC that drive Principled Performance,
and to assess how well respondents understand the potential value. Given the exponential
pace of development of AI technology, we expected to find that most organizations recognize
the potential benefits but are early and still immature in their AI for GRC undertakings. Our
findings align with that expectation.
Demographics
Overall, 378 individuals participated in the survey, of which 248 answered all questions. We
have included all of them in the data presented in this report.
More than half of survey participants self-identify as senior executives or board members.
Almost two-thirds (64%) state that they have active roles in governing, managing, designing,
or monitoring the use of AI in their organizations. Some 33% indicate that they have
governance or oversight roles regarding the use of AI.
Almost all (87%) state that they have governance, oversight, or management roles in regard to
GRC capabilities.
The survey participants are from many industries and sectors, with 27% from Financial
Services/Banking and 28% from Technology/Software. Other significant representation is
from healthcare, energy, government/military, and manufacturing.
[Chart: respondents by region; only the Australia/New Zealand figure (2%) survives in the extracted text.]
The size of participating organizations ranges from small to very large. 44% have more than
1000 employees and 18% have more than 10,000.
Five Key Findings
1. Recognition of the value of AI for GRC is overwhelmingly
positive, but actual implementation is still nascent.
● 21% report that they currently use AI directly or with SaaS to perform GRC activities.
● For each of the 21 potential applications of AI for GRC outlined in the survey, 89% to 97% affirm
that they would be very useful or somewhat useful.
● On average, 10X more respondents recognize the value of the 21 potential applications than
the number who report actually using AI for each GRC application.
2. The use of generative AI for GRC activities is in the early stages
of development. There is much work to achieve a high level of
confidence that risks are well understood and that effective
risk mitigation strategies are in place before we see
widespread use of generative AI and LLMs for GRC.
● Half report that they are not confident that there is a good inventory and understanding of all
the ways AI currently is used in GRC technologies.
● 48% say they are not confident that their organization has effective risk mitigation strategies
in place for identified risks arising from the use of AI in GRC.
● Only 26% explicitly allow the use of generative AI to support GRC capabilities
under certain conditions; 42% do not allow the use of generative AI for GRC.
● 82% of respondents agree or strongly agree that companies must adopt generative AI or risk
being left behind.
The survey revealed less use of generative AI applications than we would have expected at this
time. We believe there is some combination of fear, skepticism, and "unknown unknowns" at work.
3. The most widely used applications of AI for GRC are reported
to be for Cyber Risk Management and Enterprise Risk
Management.
This finding most likely reflects the fact that both Cyber Risk and ERM solution
providers, as well as the major cloud providers, are embedding AI into their products.
● 28% are using AI in Cyber Risk Management and 27% in Enterprise Risk Management.
Compliance risks associated with AI will become a larger issue as more countries promulgate
regulations. In some markets, the nature and extent of regulatory requirements is a moving
target. In all markets, there are ever-changing risks as laws, rules, and regulations continue to
evolve. There will also be substantial and increased regulatory complexity, as different
countries and different agencies within countries establish requirements.
4. Organizations with documented plans for how AI will be used
to improve GRC are more advanced, based on their more
positive responses in most areas covered by the survey.
Unsurprisingly, organizations with documented plans are further along in their AI for GRC
efforts. Having an established plan or one in development creates a bifurcation in the survey
results.
Only 12% (44 of the 374 respondents who answered this question) report that their
organizations have documented their AI for GRC plans. Another 30% report they have a plan in
development.
71% of organizations with a documented plan use AI directly or in a SaaS solution to perform
GRC activities. Another 25% say they are planning to do so.
19% of organizations with a plan in development say they are using AI directly or in a SaaS
solution for GRC needs. Another 54% have plans to do so.
66% of organizations without a plan, or even a plan in development, say they are NOT using AI
directly or in a SaaS solution at this time.
5. There are many use cases for the application of AI for GRC,
which will deliver benefits in effectiveness and efficiency.
AI for GRC has excellent potential. There is a lot of work to do to capitalize on the opportunity.
Successful use case examples will serve as evidence of the value.
The survey asks about 21 use cases of AI being applied to improve GRC capabilities. All 21 use
cases have some respondents currently using AI in the described manner, either
enterprise-wide or in some parts of their organizations.
The responses are overwhelmingly positive when we ask about the 21 use cases as “potential
applications" of AI for GRC. The combination of "very useful” and "somewhat useful" responses
is 87% to 97% for individual use cases.
In preparing the survey questions, we identified additional use cases beyond the 21 we
presented in the survey. If we were to ask about these additional uses, we expect we would
have similar responses, where some respondents are using these applications and far more
see potential benefits from such uses.
Conclusion
AI will impact every form, type, and size of organization in every industry around the world. The
benefits will likely be great for organizations that plan and manage the transition well. For
others, the risks will be significant. AI presents the opportunity to do many things better and
do many things only AI makes possible. Efficiency is not the biggest play. The most significant
benefits almost certainly will come from improved abilities to anticipate, recognize,
understand, and mitigate risks. AI for GRC will improve organizational resilience.
We are early in the journey, both in terms of AI adoption generally and in the application of AI
for GRC specifically. The survey results confirm the latter. However, the respondents'
overwhelmingly positive views on the potential usefulness of AI in improving GRC capabilities
are evidence of a fast-coming wave of change.
We are surprised that only 12% of respondents report having a documented plan for how their
organizations would use AI to support GRC efforts, evaluate that use, and protect against the
risks created. Given the current focus on AI generally and the year that has already passed
since the introduction of easily accessible generative AI, we expected this number to be
higher. Encouraging, however, is the fact that another 31% have such a plan in development.
But what about the rest? We encourage the development of at least a skeleton plan as soon
as possible, with more details to follow. Without a plan, risks will only increase.
There are other indications that there is more work required to ensure proper governance and
controls around the use of AI for GRC. Less than one-third of respondents say they have
partially or fully defined governance processes and put controls in place to use AI with GRC
capabilities. Half are not confident that their enterprise has a good inventory and
understanding of how AI is currently used in GRC technologies or software as a service (SaaS).
Nearly half are not confident that they have adequate risk mitigation strategies regarding
using AI in GRC systems. When we ask those who report using AI-supported GRC systems
whether they are addressing cyber security and data privacy considerations in that use,
almost one quarter say no and another quarter say they do not know.
Boards and senior executives should encourage their teams to pursue AI-enabled
improvements in their governance, risk management, and compliance programs and
processes. This is one side of the coin, whereas the other side is GRC for AI with strategies
and programs to ensure that AI is used safely, responsibly, and ethically, with cognizance of
risks and in compliance with external and internal requirements. So, of course, the pursuit of AI
for GRC should include the application of effective GRC for AI.
The opportunities and challenges posed by GRC and AI demand bold and visionary leadership.
The old ways will not suffice amid exponential technological change.
AI-enabled GRC and Principled Performance will help shape a future that maximizes AI's
benefits while safeguarding the interests of all stakeholders.
APPENDIX
SURVEY DATA WITH ADDITIONAL COMMENTARY
In this appendix, we present a summary of the answers to each survey question with some
additional comments you may want to consider.
1. Do you personally have any role in governing, managing, designing, or auditing the
use of AI in any part of your organization?
2. Do you personally have any role in governing, managing, or operating GRC
capabilities in any part of your organization?
Looking at answers to questions 1 and 2 together, the vast majority of respondents have direct
roles in the use of AI and in GRC capabilities for their organizations. About one-third have
governance/oversight roles in one or the other or both.
3. Does your organization currently use AI directly or within any SaaS to perform any
GRC needs?
● 21% say “Yes” – a surprisingly low number, perhaps due to different interpretations of
what constitutes a GRC need.
● 30% say “Not now but planning to do so” – we expect this to grow quickly.
● 41% say “No” – we expect this to decline quickly.
4. Does your organization have a documented plan for how it will use AI to support
GRC efforts, evaluate that use, and protect against the risks that may be created?
● 12% say “Yes” – but we expected more to have at least a draft plan by now.
● 31% say “It is in development” – this is encouraging.
● 48% say “No” – they may think they don't need it if they aren't officially authorizing use,
but we believe this is a high-risk approach.
● 9% say “I don't know” – this is concerning given the roles of respondents.
5. Does your organization allow the use of any generative AI applications to support
your GRC capabilities?
● 43% say “No, not at this time” – but we expect this to change quickly as AI-enabled
“GRC assistants” and “chatbots” are deployed.
● 22% say “The organization has not indicated explicit approval or disapproval” – we
believe that not having a clearly defined policy presents significant risk.
6. In which of these aspects of GRC is your organization currently using any form of
AI? Select all that apply:
● Enterprise Risk and Cyber Risk Management have the highest number of affirmative
responses, representing 28% of respondents.
● Five areas were in the low to mid-20s. Only Third-Party Risk Management was lower, with
18% of respondents. We are surprised at this relatively lower number for an area where
we expect AI to have an increasing role.
● Organizations with documented plans reported the highest percentage of AI usage. For
example, 61.4% of organizations with documented plans say they use AI for Enterprise
Risk Management (ERM). For organizations without documented plans or plans in
development, only 15% report using AI for ERM.
7. Does your organization have defined controls or governance processes in place to
use AI within GRC capabilities?
● Only 9% of respondents say they have fully defined controls in place, and another 20%
say their controls and governance processes are “partially defined”. This seems to
correlate with respondents who are currently using some application of AI for GRC.
● 25% say they are presently designing controls and governance processes for AI with
GRC capabilities.
● 37% say “No” and another 9% say “I don’t know”.
● Respondents with documented plans report the highest percentages of defined controls
and governance processes: 43% say fully defined and 38% say partially defined.
● 70% of respondents without plans say they do not have defined controls or governance
processes in place.
8. Is your organization requiring its GRC SaaS providers to disclose the use of AI and
the methods in place to ensure strong governance over such use?
● Only 19% say “Yes” – given the expected integration of AI into GRC solutions, this is low.
● 30% say “No” – we would ask these respondents, “Why not?”
● 36% say “We aren’t currently using any AI-assisted GRC systems” – given the expected
integration of AI into GRC solutions, this will change quickly.
● 15% say “I don't know” – a surprisingly high percentage given the roles of most
respondents; they should know.
● Only 7% of respondents without documented plans say they require GRC SaaS
providers to disclose the use of AI in their solutions. 38% of the no-plan group say they
do not require such a disclosure. A full 43% say they are not using any AI-assisted GRC
SaaS systems, but we suspect they may not know whether AI does assist the systems
they use.
9. How confident are you that your enterprise has a good inventory and
understanding of all the ways AI is currently used in your GRC technologies or
software as a service (SaaS)?
10. How confident are you that your organization has effective risk mitigation
strategies in place for identified risks arising from the use of AI in GRC systems?
11. Is your organization incorporating cybersecurity and data privacy considerations
into its AI-supported GRC systems with safeguards to protect personally
identifiable information (PII) and sensitive data with access controls?
● 43% say “We aren’t currently using any such systems” – 75% of this subgroup are
organizations without documented plans.
● Only 13% of respondents without documented plans say they are incorporating
cybersecurity and data privacy into AI-supported GRC systems.
● 14% say “I don’t know” – it is troubling that so many respondents would not know if
cybersecurity and data privacy were being considered.
12. Does your organization have processes to ensure that your use of AI-supported
GRC systems is compliant with all relevant laws, regulations, industry standards,
and internal policies on an ongoing basis?
● 16% say “Yes, fully” – this number needs to move higher as the deployment of AI
increases.
● 23% say “Yes, partially” – these respondents need to determine what is not in place and
address the shortfalls.
● 15% say “No” – this is a troublingly high percentage.
● 36% say “We aren’t currently using any such systems” – interestingly, this is lower than
the 43% who answered the same to survey question 11.
● 9% say “I don’t know”.
13. Please provide views on these statements:
14, 16, and 18 combined: How is your organization currently using these applications of
AI?
● Only the 46 respondents who reported that they were using AI for GRC in some way
were given the opportunity to answer these questions, so the percentages are based
on a much smaller sample.
● Two-thirds to three-quarters of respondents using AI for GRC reported using each of
the 21 applications.
15, 17 and 19 combined: How useful do you think these potential applications of AI would
be (or already are) to your organization?
● All respondents were given the opportunity to answer these survey questions. Total
respondents ranged from 260 to 265 for each row.
● The responses were overwhelmingly positive. More than 90% reported that all of these
applications of AI for GRC would be useful.
● For every use case, the “useful” percentages (questions 15, 17, and 19) exceed the
“using” percentages (questions 14, 16, and 18) by 20 to 30%.
● The conclusion here is that we can expect a substantial increase in the adoption of all
these use cases as AI for GRC expands in the future.
20. Do you personally have any of the following titles (or equivalent titles)? Select
the primary one that applies to you.
● Two-thirds of survey respondents answered this question and the following additional
demographic questions.
● Almost half of those who responded to this question are senior executives or board
members, a good percentage that adds credibility to the results. The breakout is
represented in the chart above.
21. What is the size of your organization in number of employees?
22. What is your organization's primary industry?
23. In what region is your organization domiciled?