IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Modern office ai computers workers uk security gap illustration
#
Risk & Compliance
#
AI
#
AI Ethics & Governance

UK AI adoption outpaces governance as only 7% have frameworks

Fri, 25th Jul 2025
Author image
By Shannon Williams, News Editor

Research from Trustmarque shows that while 93% of UK organisations are now using artificial intelligence in some capacity, only a small proportion have embedded suitable governance frameworks to manage associated risks.

Governance lagging adoption

The AI Governance Index 2025, drawn from responses of 507 senior UK IT decision-makers, reveals only 7% of businesses have fully embedded frameworks to govern AI, while 54% report having minimal governance or none at all. The survey highlights a significant gap between fast adoption and the introduction of processes essential for safe, compliant, and effective AI deployment.

The findings suggest that many organisations still rely on previous generations of software development processes, which are not designed to address challenges unique to AI. Risks such as model bias or unexplained AI decision-making often go unaddressed. Just 28% of those surveyed apply bias detection during testing, while only 22% test for model interpretability, reflecting slow progress in addressing AI-specific risks.

Technology infrastructure is another area of concern. Only 4% of organisations assess their technology environment as fully ready for AI at scale. Barriers cited by IT leaders include manual or missing audit trails, version control, and registries for AI models, all of which impact the traceability and oversight of deployed solutions.

Accountability concerns

Questions around accountability also persist. The research identifies a fragmented approach to AI governance oversight within UK organisations: only 9% report strong alignment between IT leadership and governance, while 19% indicate there is no clear ownership for governance activities. In most cases, responsibility for AI governance sits at a departmental level rather than with strategic leadership, leading to disjointed approaches to monitoring and compliance.

Monitoring and measurement practices remain limited. Just 18% of organisations have implemented continuous monitoring with defined KPIs to track the effectiveness of their AI governance. This lack of oversight further complicates efforts to manage risk effectively.

Industry viewpoints

Our report shows that AI adoption is outpacing governance. It's a clear gap - 93% of organisations are using AI but only 7% have fully embedded governance frameworks.

Seb Burrell, Head of AI at Trustmarque, said: "Right now, systems and processes haven't kept up with the speed of innovation. Development teams lack proper tooling and infrastructure, and the issues are compounded by the lack of management buy-in for building robust governance systems.

"Governance is also often seen as a constraint, but our findings suggest otherwise. Organisations that have adopted AI governance are seeing real, tangible benefits - faster deployments, stronger accountability, and reduced manual review cycles. It's a vital support function to enable responsible, scalable AI."

James McKeown, AI Specialist and Principal Test Consultant at Trustmarque, added: "What stood out in this research is how many organisations are adopting AI without fully understanding the risks.

We see projects moving fast, but often without the checks, controls, or delivery oversight needed to support them. That's where governance makes the difference. Without it, you're not just risking compliance gaps, you're risking poor outcomes, rising costs, and wasted time. Governance isn't about slowing things down. It's what helps organisations scale AI safely and effectively."

Legacy development and risk

The Trustmarque research identifies that fewer than one in four UK organisations actively test for bias or explainability in AI models, with only 8% integrating governance into their software development lifecycle. The reliance on legacy software development approaches is seen as a key factor holding back the adoption of robust AI governance frameworks.

The report states that as adoption speeds up, the risks of operating without appropriate governance – including bias, compliance issues, and lack of clear accountability – are likely to grow, affecting both operational results and regulatory exposure.

Trustmarque, together with its governance and assurance arm Acutest, provides services designed to help organisations embed AI governance, integrate risk management, and align the deployment of AI within broader business strategies, supporting the need for more mature governance practices identified in the research.

Related stories
Forrester tips cloud & generative AI to fuel IT boom
Google unveils open UCP standard for AI-driven shopping
Humanforce names Cameron Partridge Chief Growth Officer
Rubrik launches CXO Visionaries for cyber & AI leaders
Google debuts Disco to test AI-powered GenTabs apps

Top stories

MedExpress automates one million patient letters a month
Royal Navy tests sovereign AI at sea on flagship ship
Mobile & AI power record UK online Christmas sales
Tech leaders urge Khan to drop AI ‘mass unemployment’
Integrity360 buys Advantus360 to launch Canada hub