Compliance mandates and risk management processes can be a huge burden to a company's bottom line. In an effort to streamline data management resources and to curb costs, some businesses are making the switch to automated compliance processes.
This trend might give those in the governance, risk and compliance (GRC) field pause. After all, when these professionals hear that automated processes will be used to "streamline resources" and "curb costs," it's no wonder they suspect GRC jobs will be part of the cuts.
But rather than summarily reduce the number of GRC jobs available, the shift toward automated compliance is more likely, at least in the short term, to change desired skill sets. Human input will still be required to ensure that automated tools are working correctly, and related processes are regulatory compliant.
In the latest SearchCompliance #GRCchat, we asked participants their opinion on how increasingly automated compliance processes would impact GRC jobs. Many were skeptical that there would be a dramatic reduction in GRC job availability due to automation.
A4 Prob wont have huge impact on GRC jobs- will always need human element in place to ensure automated controls working correctly #GRCChat— Ben Cole (@BenjaminCole11) July 24, 2014
A4 IT compliance team members will also need to be involved in implementation strategy of any automation tool #GRCChat— Ben Cole (@BenjaminCole11) July 24, 2014
In other words, it's virtually impossible to completely remove the human element from any GRC management strategy. New, complicated GRC management systems need highly skilled workers to implement and maintain them. And of course, no tool will be completely infallible. Employees must be available to fix any problems -- especially if they could result in regulatory violations.
#GRCchat A-4: Well, you'd need folks w. deep technical know-how to troubleshoot systems. Business process engineers? Enterprise architects?— Linda Tucci (@LTucci) July 24, 2014
GRC professionals will also be required to identify areas where automated tasks are most beneficial. A company-wide risk assessment is an appropriate way to get this started, and one that will require input from department heads, IT staff and security personnel throughout the organization.
A5 Risk assessments can also help identify areas where security/compliance processes overlap- use automation to consolidate them #GRCChat— Ben Cole (@BenjaminCole11) July 24, 2014
A5 Risks assessments help determine what GRC processes are big threats and result in big costs- and ideal places for automation #GRCChat— Ben Cole (@BenjaminCole11) July 24, 2014
How do you think automated compliance processes will impact GRC jobs? Join the discussion by adding your two cents here, or by using the #GRCchat hashtag on Twitter.
For more coverage of this month's #GRCchat, follow @ITCompliance on Twitter and read our recaps on how automation is changing regulatory compliance processes.