GRC Spot

Inaugural Address to GRC Spot Readers

William L. “Bill” Wells
2–3 minutes

Welcome!

As I sat down to begin writing content for this site, I knew I needed to launch the site with a topic that would resonate not only with those in the GRC profession, but also those in the professions with whom we work—GRC’s collaborative constituents and clients:

  • executive leaders
  • legal counsel
  • finance
  • business unit and technology managers
  • architects and engineers
  • product owners and business analysts
  • sales and marketing staff
  • facilities management

…and every other role and function that touches regulated content.

The simple truth is that while GRC is the focal point providing oversight and management of the compliance landscape, the work of funding and implementing the controls needed to achieve that compliance falls on the business and technology leaders.

So, to focus only on content relevant to GRC professionals would be a tremendous mistake. The site needs to also speak to and resonate with all those with whom we collaborate to provide effective and holistic governance, risk, and compliance value to the organizations we serve.

Okay. So, what topic touches virtually every one of our constituents and clients? What risks cut across the lion’s share of the immense spectrum of the GRC landscape?

Well…yeah…artificial intelligence (AI).

As much as I cringe at how cliché that feels and sounds, at this point. I mean, AI isn’t as new as it feels to a great many people. It has been around since circa 2017, with the advent of transformer model architecture, massive data availability, and GPU acceleration. The big shift we’re experiencing today is largely owed to the launch of ChatGPT in 2022.

So, it’s been around a while and it continues to be our shared reality.

Even a blacksmith, who perhaps does not directly use AI to swing the hammer and shape the metal, the back office that manages the blacksmith’s business finances, marketing, logistics, insurance…and so on is very much likely to be using AI-enabled tools. So, even the local blacksmith is impacted by AI, even if not directly hands-on with it.

So, the first series of articles I’m planning to publish here on GRCSpot.com will focus on various aspects of AI governance, which touches nearly every established GRC domain:

  • Risk management
  • Privacy
  • Security
  • Resilience
  • Third-party risk
  • Audit
  • Compliance
  • Legal
  • Policy
  • Executive reporting

…and I will be diving into other related topics, such as:

  • The Impact of Technical Debt on Enterprise Risk
  • Why the CVSS Rating is Not Enough
  • Is Agentic AI the Answer or the Enemy?

…and so on.

AND…as much as I love to read my own writing, I will end this post with a simple request…

If you like the content of this site as it unfolds going forward, please share it with others who might gain some insight and benefit from a visit to GRC Spot.

Best regards,

Bill

Trending

Discover more from GRC Spot

Subscribe now to keep reading and get access to the full archive.

Continue reading