Key Data Points:

• 15% of organizations have deployed AI extensively across business units and customer touchpoints
• 48% use hybrid implementation models (SaaS + OEM + custom-built)
• 60% have basic AI governance policies and only 19% have conducted structured risk assessments covering legal, ethical and societal dimensions
• Just 22% conduct AI-specific due diligence for third-party vendors
• Fewer than 20% have implemented explainability, bias detection or fairness mechanisms and 60% lack formal model integrity assurance processes
• 51% have no controls to detect or mitigate AI hallucinations
• 66% conduct no formal audits or rely on ad-hoc checks
• Only 19% have mechanisms to detect or mitigate data poisoning during model training
• 56% mandate security reviews before deployment

Mumbai, 3rd December 2025: Global professional services firm Alvarez & Marsal (A&M) today unveiled its latest AI Survey Report at the Annual Information Security Summit (AISS) in New Delhi. The report provides a comprehensive assessment of enterprise AI maturity across India Inc covering governance, responsible AI, model security, lifecycle risk management, and regulatory readiness. The findings are based on a month-long survey of CISOs, CIOs, CTOs, and CROs across BFSI, technology, healthcare, manufacturing, retail, and other major sectors.

The report highlights that India Inc. is rapidly scaling AI, fueled by global tailwinds, competition, and advances in Gen AI technologies. AI now cuts across customer engagement, operational optimization, and mission-critical processes in multiple sectors. Yet adoption remains fragmented with only 15% of organizations having extensive enterprise-wide AI deployment. While AI will continue growing, the report cautions that oversight is not keeping pace with it. In many organizations, AI infrastructure is expanding faster than the governance, security, and ethical safeguards needed, creating widening gaps in accountability and risk management.

Dhruv Phophalia, Managing Director and India Practice Leader of Disputes and Investigations, Alvarez & Marsal, said “AI is now embedded deeper into business processes and decision systems than ever before. India’s AI opportunity is substantial, but its long-term gains depend on how effectively organizations govern and secure the systems they deploy. Those who invest early in these foundations will be best placed to unlock the full economic and competitive potential of AI”

AI Governance

Governance maturity remains limited despite rising usage. While 60% of organizations have introduced basic governance or acceptable-use policies, only 19% have carried out detailed risk assessments, and 81% still lack full visibility of how their AI systems are monitored or governed. With many AI initiatives developed in silos, accountability and standards vary widely, especially when third-party and in-house models coexist.  The study underscores the need for integrated, organisation-wide governance frameworks that embed transparency, oversight and clear role ownership.

Responsible AI

The report finds that responsible AI principles are widely acknowledged, however their implementation remains limited. Fewer than 20% of organizations have deployed mechanisms for explainability, bias detection, or fairness, and 60% lack any formal process to validate model integrity. Data governance shows similar gaps with only 26% having integrated data masking and PII-scanning within AI workflows, and 60% perform no structured dataset validation. These weaknesses leave systems exposed to bias, compromised training data, and inconsistent outcomes. The report highlights the need to embed fairness checks, model transparency, and secure data practices into the development lifecycle to ensure decisions remain interpretable and accountable as adoption scales.

Securing the AI Lifecycle

As more complex AI models go into production, security across the AI lifecycle will be imperative. While 52% of enterprises have secure development environments with basic controls, fewer than 30% conduct penetration testing or red-teaming, and only 19% have safeguards to detect data poisoning during model training. These early-stage vulnerabilities can compromise entire models before they are even deployed. The study advocates the need for stronger end-to-end security practices. Measures such as containerizing training environments, validating dataset authenticity, and embedding adversarial testing into the build lifecycle can substantially improve model resilience.

Commenting on the findings, Chandra Prakash Suryawanshi, Managing Director, Alvarez & Marsal, said “As AI systems become more autonomous and data-intensive, gaps in oversight, model integrity and lifecycle governance carry far greater consequences. This report shows a clear need for organisations to move from fragmented controls to a holistic approach that integrates governance, security, and monitoring across every stage of the AI lifecycle.”

Deployment and Operationalization

Operational risks intensify as AI models go live. Although 56% of organizations conduct security reviews before deployment, advanced safeguards remain limited. Only 30% have controls against prompt-injection attacks and just 19% have mechanisms to detect or manage hallucinations in real time. Data protection challenges also persist, with most enterprises depending on traditional access controls rather than automated privacy-preserving methods. The report notes that stronger version control, clearer audit trails, and closer monitoring of how models behave with live data will be essential for safe, reliable deployment.

Monitoring and Compliance

Post-deployment oversight remains a critical weakness. 26% of organizations have no monitoring in place, and a further 45% rely on partial or non-real-time tracking. Incident-response maturity is similarly low, with only 15% reporting AI-specific response plans and 66% conducting no formal audits of their AI systems. These gaps leave enterprises exposed to performance drift, undetected failures, and regulatory risk. Establishing continuous monitoring, clearer escalation processes, and periodic assessments of fairness, accuracy, and compliance can help organizations respond quickly to issues.

Read the full report here
 

About Alvarez & Marsal

Founded in 1983, Alvarez & Marsal is a leading global professional services firm. Renowned for its leadership, action, and results, Alvarez & Marsal provides advisory, business performance improvement, and turnaround management services, delivering practical solutions to address clients' unique challenges. With a worldwide network of experienced operators, world-class consultants, former regulators, and industry authorities, Alvarez & Marsal helps corporates, boards, private equity firms, law firms, and government agencies drive transformation, mitigate risk, and unlock value at every stage of growth.

To learn more, visit: AlvarezandMarsal.com.