CCOs and CROs are maximizing technology’s benefits by promoting resilience and maintaining guardrails, according to our
2025 Digital Transformation Survey.
of CCOs/CROs ranked governance, risk and compliance (GRC) tools and processes as one of their top three approaches for mitigating technology risks.
GRC tools are increasingly providing critical functionality for risk identification and risk assessment, while supporting incident response planning to minimize damages in the case of a breach.
Regulators lean in on cyber
As regulators take a firm stance on cybersecurity, complying with regulatory requirements related to data privacy is CCOs’ and CROs’ top concern related to cybersecurity and data privacy. From SEC annual and incident disclosures to executive orders designed to protect critical infrastructure, the regulatory requirements companies face related to cybersecurity can be intense. Treating cybersecurity compliance as a core business function is helping many companies meet their obligations.
Measure this — it matters
Although compliance and risk management was the top technology ROI metric priority for CCOs and CROs in our Digital Transformation Survey, it ranked just sixth among the measures all other executives plan to track for technology ROI this year. The focus of CCOs and CROs on compliance and risk management measures shows that loss event frequencies, regulatory compliance scores and detection/response rates can be important gauges for judging the full effects of technology on organizational results.
A COO’s perspective
“In the next few years, increased automation in compliance tracking will help meet regulatory requirements more efficiently.”
— Life Sciences company chief compliance officer in our Digital Transformation Survey
Enhancing compliance and resilience
CCOs and CROs are working to strengthen compliance and resilience as organizations upgrade their technology to drive revenue, efficiency and profits. Tech-enabled compliance and resilience efforts are most effective when:
Governance remains a constant priority
Real-time monitoring is performed with right-fit tools
