Over half of UK businesses have no idea how fast they could stop AI in a crisis
Only 21% of businesses could confidently stop an AI system within 30 minutes during a crisis.
New research from global IT governance association ISACA reveals that UK businesses are dangerously unprepared to manage AI risks. The study found that 59% of organizations have no idea how quickly they could stop an AI system during a crisis, with only 21% confident they could shut one down within 30 minutes. Beyond emergency response, accountability is equally murky—just 38% of workers can identify who's responsible for AI failures, and only 42% feel they could explain an AI malfunction to leadership or regulators.
These gaps create significant compliance and operational risks, particularly with the EU AI Act's requirements for AI explainability and accountability. ISACA's Chief Global Strategy Officer Chris Dimitriadis notes that companies are treating AI as a technical problem rather than an organization-wide governance challenge. The report identifies poor visibility as a key issue, with one-third of organizations not requiring employees to disclose when they're using AI at work, creating dangerous blind spots. ISACA urges businesses to establish clear senior-level accountability, implement better AI auditing, and integrate AI incident response into their broader cybersecurity strategies.
- 59% of UK businesses don't know how quickly they could stop AI in a crisis
- Only 38% have clear executive accountability for AI failures under EU AI Act requirements
- One-third of organizations don't require AI use disclosure, creating major visibility gaps
Why It Matters
Without proper AI governance, businesses face regulatory penalties, operational disruptions, and reputational damage from uncontrolled AI incidents.