Posts Tagged ‘grc technology’
Study Ranks AI Models on Compliance Tasks
We’re back to artificial intelligence today, with fresh research on how well various AI models perform at tasks that compliance teams encounter on a daily basis. The bottom line: yes, just about all AI models are generally good at lots of compliance work, but integrating AI into compliance workstreams is still going to be a…
Read MoreKeeping Humans in the AI Loop
I spent this week in Lithuania attending a conference for compliance officers in Eastern Europe, and this being Europe, of course that meant artificial intelligence and data privacy were all over the agenda. So it’s rather poetic that European regulators also just published fresh guidance on human oversight of automated decision-making systems. The guidance was…
Read MoreAI and Policy Chatbots, Part II
Today I want to return to the idea of using an AI-driven chatbot as a compliance policy adviser for employees. On one hand, the potential gains for your compliance program are clear; but are we miscalculating some of the potential risks that AI chatbots might bring to your program too? This particular bee crept into…
Read MoreYes, Automating ICFR Helps, But…
Internal audit and GRC professionals talk all the time about the importance of automating internal controls. Now we have some fresh academic research demonstrating what sort of benefit a company can gain from following that path. The research comes from Musaib Ashraf, an accounting professor at Michigan State University who published a nifty paper several…
Read MoreSurveys Depict Compliance Strains
Everyone loves end-of-year surveys predicting corporate compliance challenges for the year to come, and today we have a double dose of them: one survey report from the audit world and the other from legal, both suggesting that companies are struggling to keep pace with regulatory burdens and compliance risk. First is a survey from the…
Read MoreSOX Costs Drop; Struggles Don’t
Sarbanes-Oxley compliance costs fell for many companies last year, according to an analysis released this week — although time spent on SOX compliance work actually rose, suggesting that many companies are struggling to implement automation technologies even as demands from their audit firms keep rising. In other words, as usual, SOX compliance is a bit…
Read MoreCyber Failure Leads to False Claims Penalty
We have a fascinating enforcement action from the Justice Department this week, where a subsidiary of Verizon has agreed to settle charges that its failure to meet certain cybersecurity standards as part of a government contract qualified as a violation of the False Claims Act. Verizon Business Network Services, an IT services subsidiary within the…
Read MoreUsing GRC Frameworks for New Tech
Today we have another dispatch from this week’s ISACA-Institute of Internal Auditors GRC Conference, on a subject that gives compliance and audit professionals plenty of heartburn: emerging technologies. How can you apply GRC frameworks to assure that as those technologies spread through your enterprise, they don’t cause unnecessary risk? That was the question for a…
Read MoreThoughts on Data Security
This week I’m attending the ISACA-Institute of Internal Auditors GRC Conference in Las Vegas. As one might imagine, data security is all over the agenda, so I’ve been taking notes for those audit and compliance executives back home looking for suggestions on how to make your GRC efforts better. For starters I attended a fascinating…
Read MoreA Survey on Compliance IT Issues
KPMG published a survey last week that delivers news both good and bad for compliance officers. Spending on staff and technology are likely to increase in the next year (yay!) — but compliance functions are also under more pressure, primarily from boards and regulators, to do better (boo!). The survey polled 240 chief compliance officers…
Read More