This report examines the current state of generative AI usage within organizations, highlighting the risks and opportunities associated with its implementation. A survey conducted by ISACA with over 2,300 professionals in audit, risk, security, data privacy, and IT governance reveals that while the use of generative AI is increasing, many organizations lack sufficient policies and training to manage its risks effectively. Only 29% of organizations permit the use of generative AI, and a mere 10% have a formal policy in place. The report outlines key concerns, including the lack of training for employees and insufficient attention to ethical standards, which could lead to increased risks. Additionally, it identifies the top risks associated with AI, such as misinformation, privacy violations, and job displacement. Despite these challenges, the outlook remains optimistic, with many professionals believing that AI can enhance productivity and positively impact their industries.