Friday, February 26, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

Can AI Be the Next Step in GRC’s Evolution?

by French Caldwell
October 18, 2017
in Data Privacy, Featured
lock screen superimposed over man working on laptop

How IT Can Leverage AI to Prevent Major Cybersecurity Incidents

The need for artificial intelligence (AI) in IT governance, risk and compliance (GRC) is growing quickly.  As companies expand their digital footprints, cybersecurity vulnerabilities worsen due to an increased amount of data being produced from IT security monitoring and performance tools. 

At its recent Ignite 2017 conference, Microsoft revealed its plans for further incorporating artificial intelligence (AI) into its various offerings.  For example, the company is embedding AI in Excel to assist with automatic determination of different types of entries – Excel will be able to go beyond automatically differentiating between text and numbers to being able to identify the type of text utilized.  Since the program will be able to better identify types of text – for example, differentiating between objects, corporations and people – it also will be able to discover relationships within and between data sets.

A recent report issued by MetricStream found that AI has already taken the step of improving the discovery of data relationships in governance, risk and compliance (GRC). For instance, if a risk assessor creates a link of a risk to a business objective, an auditor identifies a relation of a risk to a control, and an IT security manager identifies a link between a control and an IT asset, an analyst now can evaluate the relationships between IT assets, risks and controls and business objectives.  Over time, through machine learning, a GRC system leveraging AI could begin to distinguish these relationships on its own, and thereby augment the discovery of linkages between data objects and make suggestions to human end users of the system. Further, rather than waiting for a human analyst to evaluate the relationships and trends, an AI-backed GRC solution could utilize cognitive computing to continuously analyze the data objects for any changes that could lead to greater risks or control failures – any detected threats to the ability to achieve business objectives would automatically alert human analysts for deeper evaluation.

Within an IT GRC context, the need for AI is growing quickly.  As companies expand their digital footprints, cybersecurity vulnerabilities worsen due to an increased amount of data being produced from IT security monitoring and performance tools.  In response to this, vendors have begun augmenting threat-monitoring tools with AI; the potential for discovering patterns of security vulnerabilities and IT asset performance can be significantly enhanced by the incorporation of this technology. However, AI still requires human analysis of the reports from those assets. Applying machine learning, GRC solutions can learn from the human analysis and then continuously monitor for the emergence of high-risk vulnerabilities, thus catching them and, through cognitive computing, orchestrate corrective action that can prevent a major incident or failure.

How far is the GRC industry from deploying solutions augmented by AI?  Perhaps not that far.  According to a recent survey conducted by GARP, a risk professionals association, 15 percent of their risk management organizations are already using AI. However, just 4.6 percent say that it plays a significant role in risk management.  Certainly, if compliance and audit professionals were surveyed, the numbers would be even smaller.  Still, with new tools emerging from industry giants like Microsoft that enable developers to incorporate AI capabilities into Excel-based solutions, there will be a lot of experimentation over the next two to three years, and GRC solutions that incorporate AI will play a major role in the industry in the near future.


Tags: Artificial Intelligence/A.I.GRCmachine learning
Previous Post

Raising the Bar on Business Ethics in the 21st Century

Next Post

TRACE: 1MDB

French Caldwell

French Caldwell One of the foremost thought leaders in IT, French Caldwell has been decisively shaping the GRC market for the last 12 years. French is a former Fellow and Vice President at Gartner, where he led their GRC research, including the influential Gartner Magic Quadrant on GRC, as well as research into disruptive technology. He also worked with the White House and U.S. Naval War College in 2002 to develop the Digital Pearl Harbor war game, the first ever strategic assessment of cyber war strategies. In 2012, the game took on a very real form with the strategic attacks on oil and gas infrastructure in Saudi Arabia and Qatar. French is also a retired naval officer and a nuclear submariner. Post-­retirement, French served as a diplomatic liaison to NATO for the post-­Cold War Congressional Commission on Roles and Missions of the Armed Forces. As an academic, French served as a Federal Executive Fellow at the Brookings Institution, an Adjunct Fellow at the Center for Strategic and International Studies and an Adjunct Professor and Graduate Research Advisor at the George Washington University School of Engineering Management. He has written a book on international law and has over 400 published research papers. French has an M.A. in International Economics, Strategy and Diplomacy and a B.S. in Oceanography.

Related Posts

woman looking at horizon from mountain top

What’s on the Horizon for Anti-Corruption Enforcement?

February 25, 2021
cannabis leaf on $100 bill

The Intersection of EDD and Banking Cannabis

February 24, 2021
gold cup award on red background with stars

Ethisphere Announces the 2021 World’s Most Ethical Companies

February 23, 2021
illustration of hand holding flashlight illuminating hidden stairs

The Corporate Transparency Act: Pulling Back the Veil

February 23, 2021
Next Post
Malaysian prime minister Mohd Najib Abdul Razak

TRACE: 1MDB

Access realtime data
Addressing systemic racism in the workplace SAI Global
Dynamic Risk Assessments with Workiva
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights