According to an ISACA pulse poll of 3,270 digital trust professionals, only 15% of organisations have AI policies, and 40% of organisations offer no AI training at all.
These gaps are concerning given that 70% of respondents say staff are using AI, and 60% say employees are using generative AI (e.g., Microsoft CoPilot, Google Gemini, and OpenAI’s ChatGPT).
The poll showed the most common uses of AI are:
- Increasing productivity (35%)
- Automating repetitive tasks (33%)
- Creating written content (33%)
A full 60% of respondents are worried or very worried that bad actors will exploit generative AI, with 81% saying the top AI risk is misinformation/disinformation. Yet only 35 percent say AI risks are an immediate priority for their organisation.
Respondents believe jobs will be significantly impacted by AI, with 45% saying many jobs will be eliminated over the next five years and 80% saying many jobs will be modified. Yet digital trust professionals—those who work in fields such as information security, governance, risk and privacy—are more optimistic about their own jobs. Seventy-eight percent say AI will have a neutral or positive impact on their careers.
To achieve that neutral or positive impact and retain or advance their careers, 85% say they will need to increase their AI skills and knowledge within two years.
“AI is moving at a speed we haven’t seen before, with its use in organisations outpacing the policies, training and skills that are absolutely critical for making sure it is used securely,” said Shannon Donahue, ISACA Chief Content and Publishing Officer. “AI is quickly becoming a business imperative, and ISACA is fully committed to providing the tools, resources and training to help individuals and enterprises thrive in an AI world.”
“While there are many unknowns when it comes to AI’s trajectory, one thing is clear—digital trust professionals must prioritise AI education and training to harness the technology’s value, enhance their own skillset, and evolve and advance their careers with the changing times,” says RV Raghu, Director at Versatilist Consulting India Pvt Ltd, and ISACA India Ambassador.
ISACA is addressing this knowledge gap by releasing a series of on-demand AI training, with three courses launching today:
- AI Essentials—Explores foundational principles and applications of AI and provides a comprehensive overview of core AI concepts, algorithms and application of AI
- Auditing Generative AI: Strategy, Analysis and Risk Mitigation—Explores generative AI, including considerations of usage, associated risks, and its impact on auditing processes, with emphasis on security, ethical considerations, data governance, and compliance with regulations
- AI Governance: Principles, Strategies and Business Alignment—Explores how governance practices apply throughout the AI lifecycle, from development and implementation to ongoing monitoring and maintenance, ensuring consistent and effective governance at every stage
These new courses join additional AI-focused resources from ISACA, including:
- A new book titled Artificial Intelligence: A Primer on Machine Learning, Deep Learning, and Neural Networks
- Artificial Intelligence Audit Toolkit
- Using the Digital Trust Ecosystem Framework to Achieve Trustworthy AI white paper
- An AI acceptable use policy template (one of 15 IS/IT policies available in ISACA’s Policy Template Library)