CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
Just 23% of audit leaders say budgets increased in 2025
Less than half of internal audit leaders say their functions have sufficient funding and more of them are reporting staff reductions than in previous years, according to an Internal Audit Foundation benchmark report.
The survey of nearly 400 North American internal audit leaders showed that just 45% say they have sufficient funding, down eight percentage points from the previous year, while 18% reported staffing cuts, a seven-percentage-point increase. Just under a quarter of audit leaders (23%) said their budgets went up in 2025, the lowest rate since the post-Covid trough of 2021.
Meanwhile, the scope of work for audit leaders continues to expand: Most chief audit executives (86%) hold at least one responsibility outside of internal audit. Fraud investigation is the most common non-audit remit for CAEs (47%), followed by enterprise risk management (36%) and ethics/whistleblower programs (34%).
A few other highlights:
- 85% of CAEs report functionally to an audit committee, board or equivalent.
- 52% of audit committees meet more than four times per year.
- At publicly traded companies, 80% of CAEs also oversee the SOX program.
92% of legal professionals use AI in daily work
Most legal professionals (92%) are using at least one AI tool in their daily work, according to a report by Wolters Kluwer Legal & Regulatory. Among in-house legal teams, nearly four in five (79%) expect AI funding to rise or stay level over the next three years, the survey of more than 800 legal professionals in the US, China and Europe found.
Majorities of respondents in both legal departments (62%) and law firms (57%) believe AI adoption will reduce billable hours, though institutional informational security preparedness may be lagging. About one-third of legal departments and 29% of law firms say they are “very prepared” for the infosec challenges presented by AI, while 52% of both groups report being “somewhat prepared.”
A few other key findings:
- Majorities of both groups view technological expertise as “extremely important” or “important”: legal departments 75%, law firms 66%.
- At 42% of organizations, the IT department is the primary AI advocate, followed by corporate leadership (34%) and senior partners (27%).
81% of respondents said AI regulation will be highly impactful, and only 34% say their organizations are “very prepared” for AI compliance requirements.
