For years, GRC has often been viewed as a filing cabinet—a repository of static evidence gathered periodically. However, as **Maril Vernon**, GRC Engineering Evangelist at **Anecdotes**, highlights, the systems we govern are inherently fluid: cloud is elastic, identity is dynamic, and CI/CD never ceases. Attackers have long exploited this real-time reality, while many compliance programs remain tethered to point-in-time assumptions. ### What 'Agentic' Actually Means Here The concept of 'agentic' AI in GRC is not merely about automation; it represents a fundamental shift. Unlike traditional scripting or Robotic Process Automation (RPA) that often just accelerates busywork, an agent operates with three distinct characteristics: * **Autonomy:** Agents act when specific conditions are met, rather than waiting for human initiation. * **Context:** They work against the actual, current state of a program, not outdated snapshots. * **Multi-step Execution:** Agents can analyze, decide, and act in sequence, providing comprehensive responses instead of merely generating reports. While AI provides reasoning, summarization, and orchestration, the critical human element of defining controls, thresholds, and policy decisions remains. GRC, with its high-volume, repeatable tasks against known baselines, presents an ideal use case for AI, enabling practitioners to focus on creative judgment rather than tedious collection. ### Three Things That Actually Change This agentic approach promises three profound changes for GRC operations: 1. **Analyst's Role Shifts from Collecting to Managing:** The mundane tasks of evidence collection and spreadsheet updates are offloaded to agents, freeing analysts to apply their judgment to critical issues. 2. **Compliance Moves from Periodic to Continuous:** The historical reliance on annual or quarterly cycles, necessitated by human limitations, gives way to continuous assessment. This allows organizations to answer the question, "Are we compliant right now?" with real-time accuracy. 3. **Trust Becomes the Bottleneck:** As the effort for compliance becomes cheaper, the challenge shifts to verifying and trusting the agent's actions. This necessitates robust governance to ensure that the automation doesn't simply transfer manual work to a verification tax. ### What It Looks Like to Build One Building an agent involves three key decisions: * **Pick a Trigger:** This could be a schedule (e.g., "run every Monday") or, more effectively, an event (e.g., "a risk level changes" or "evidence for a control goes stale"). Event triggers enable continuous monitoring by reacting instantly to changes. * **Describe the Work in Plain English:** Instructions are written as if briefing a junior analyst. For example, for **ISO 27001:2022** control A.8.5 (secure authentication), an instruction might be: "When the MFA evidence for A.8.5 is older than 24 hours, query the identity provider for the current MFA enforcement policy, compare it against the organization's required MFA baseline, and if any group has fallen out of enforcement, open a finding and assign a remediation task to the control owner." * **Deploy and Watch:** Once deployed, the agent executes these instructions. For instance, it could read a live MFA policy from an identity provider like **Okta** or **Entra ID**, compare it to the defined baseline, identify a newly provisioned admin group lacking an MFA policy, and then open a finding, attach evidence, and assign remediation to the IAM owner. Each step is logged, providing a traceable record of the trigger, inputs, evaluation, decision, and action. This execution log is crucial for demonstrating that "A.8.5 is enforced right now," backed by timestamped evidence.  ### The Part Security People Will Push On (Correctly) The natural skepticism of handing compliance decisions to a "black box" is valid and encouraged. The defensibility of agentic GRC lies in its observability. A comprehensive execution log captures every detail: the trigger, exact inputs, evaluation rules, decisions, actions taken, and evidence touched—all timestamped. This record allows for full reconstruction and auditing of any decision. Crucially, two scoping rules ensure safety: * **Least Privilege:** Agents should have read-only access to evaluated systems and write access only to GRC objects they are authorized to create (e.g., findings, tasks). * **Human Gating:** Consequential actions, such as closing a risk or marking a control effective, should always require human sign-off. It's also vital to plan for the agent being wrong. If a false positive occurs, the detailed log helps pinpoint the issue, allowing for instruction refinement rather than guesswork. The log, therefore, is more critical than the model itself, as a traceable action is a reversible action. ### Where to Start For organizations looking to adopt agentic GRC, the recommendation is to start small. Begin with high-toil, low-judgment tasks that teams perform routinely and dislike—such as evidence gap detection, extracting findings from audit reports, or generating analysis rules for untested evidence. Proving the pattern, reviewing logs, and building trust in these areas will pave the way for broader adoption. This evolution marks a significant step towards matching GRC tooling with the speed and complexity of modern IT environments. The future of GRC is not about replacing human judgment but empowering it with continuous, real-time insights.