
Agentic AI Reshapes GRC with Autonomous Controls Monitoring


"AI should not replace judgment. It should give practitioners more opportunities to creatively apply it," writes Maril Vernon, framing a practical case for agentic tools in governance, risk, and compliance (GRC).

What "agentic" actually means for GRC

Vernon distinguishes agents from existing automation by three concrete characteristics: autonomy, context, and multi-step execution. Autonomy means an agent acts when a condition is met instead of waiting for a human-triggered task. Context means the agent evaluates the live state of a program rather than static, point-in-time artifacts. Multi-step execution means the agent can analyze, decide, and act in sequence instead of producing only a report row for later human follow-up. Those three changes, she argues, are what turn intermittent compliance checks into continuous monitoring aligned with the systems being governed.

Three operational shifts Vernon identifies

Vernon lays out three practical consequences of moving to agentic GRC:

  • The analyst's role moves from collecting evidence to managing agents and applying judgment to the results. Agents handle high-volume, repeatable tasks so practitioners can focus on decisions.
  • Compliance assessment becomes continuous rather than periodic. Event-driven triggers allow controls to be evaluated the moment they change, making "are we compliant right now" an answerable question instead of a defended snapshot from a past assessment.
  • Trust and governance become the bottleneck. When effort to collect evidence is cheap, the harder problem is whether you trust what the agent did and can prove it — a governance question that requires controls around access, auditable logs, and human gates for consequential actions.

How an agent is built — a step-by-step example

Vernon demonstrates the mechanics using Anecdotes Agent Studio, described as a no-code builder currently in early access. Agent development, she says, reduces to three decisions:

  • Pick a trigger: schedule-based or event-based; she prefers event triggers to enable continuous monitoring.
  • Describe the work in plain English: write the instruction as you would brief a junior analyst; she gives an ISO example using ISO 27001:2022 control A.8.5 (secure authentication).
  • Deploy and observe: watch the execution log as the agent reads live data, compares it to the defined baseline, and creates findings and remediation tasks where needed.

Vernon walks through a specific scenario: an instruction to check whether MFA evidence for A.8.5 is older than 24 hours, query an identity provider for current MFA enforcement, compare it to the organization's baseline, and open a finding if a group has fallen out of enforcement. The agent reads the live MFA policy through a connected plugin (examples cited include Okta and Entra ID), pulls enforcement state by group, attaches a policy snapshot as evidence, links it back to A.8.5, and assigns remediation to the IAM owner — all recorded in an execution log.

Security controls, logs, and the human gate

Vernon emphasizes two scoping rules to keep agentic GRC defensible. First, apply least privilege: agents should have read-only access to evaluated systems and write access only to permitted GRC objects (findings, tasks). Second, gate consequential actions behind humans: detecting drift and opening findings can run unattended, but closing a risk or marking a control effective should require sign-off. She underscores that the execution log — timestamping the trigger, inputs, rule evaluated, decision rationale, action, and evidence touched — is the artifact that lets organizations reconstruct and verify any agent decision.
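To make the A.8.5 scenario and the two scoping rules concrete, here is an added Python sketch; it is not code from the article and not Anecdotes Agent Studio code. The identity-provider plugin, the baseline groups, the IAM owner name and the 24-hour evidence window are constructed stand-ins. The agent holds only a read-only callable for the identity provider, may write only findings, records every decision in an execution log with the fields Vernon lists, and refuses to close a finding without a named human approver.

```python
"""Illustrative agentic check for ISO 27001:2022 control A.8.5 (secure authentication).

Added example, not the article's or any vendor's code. Plugin data, baseline
and owner names are constructed for the demonstration.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, List, Optional

CONTROL_ID = "A.8.5"                    # ISO 27001:2022 secure authentication
EVIDENCE_MAX_AGE = timedelta(hours=24)  # re-check when evidence is older than this

# Constructed baseline (assumption): groups that must have MFA enforced.
BASELINE: Dict[str, bool] = {"all-staff": True, "admins": True, "contractors": True}

# Constructed stand-in for what a read-only identity-provider plugin returns.
LIVE_MFA_STATE: Dict[str, bool] = {"all-staff": True, "admins": True, "contractors": False}


@dataclass
class Finding:
    control_id: str
    group: str
    evidence: dict      # policy snapshot attached as evidence
    assignee: str       # remediation owner
    status: str = "open"


@dataclass
class ExecutionLog:
    """Append-only record: trigger, inputs, rule, rationale, action, evidence touched."""
    entries: List[dict] = field(default_factory=list)

    def record(self, trigger: str, inputs: dict, rule: str, rationale: str,
               action: str, evidence_refs: list) -> None:
        self.entries.append({
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "trigger": trigger, "inputs": inputs, "rule": rule,
            "rationale": rationale, "action": action, "evidence": evidence_refs,
        })


class ApprovalRequired(Exception):
    """Raised when a consequential action is attempted without human sign-off."""


class MfaDriftAgent:
    def __init__(self, read_mfa_state: Callable[[], Dict[str, bool]],
                 log: ExecutionLog, iam_owner: str = "iam-owner") -> None:
        # Least privilege: only a read-only callable for the IdP, and the only
        # objects the agent writes are findings and its own log entries.
        self._read_mfa_state = read_mfa_state
        self.log = log
        self.iam_owner = iam_owner
        self.findings: List[Finding] = []

    def evidence_is_stale(self, last_evidence_at: datetime, now: datetime) -> bool:
        return now - last_evidence_at > EVIDENCE_MAX_AGE

    def evaluate(self, last_evidence_at: datetime, now: Optional[datetime] = None) -> List[Finding]:
        """Trigger: run the check only when A.8.5 evidence is older than 24 hours."""
        now = now or datetime.now(timezone.utc)
        inputs = {"last_evidence_at": last_evidence_at.isoformat()}
        if not self.evidence_is_stale(last_evidence_at, now):
            self.log.record("evidence-age", inputs, "evidence age <= 24h",
                            "evidence still fresh", "no-op", [])
            return []
        live = self._read_mfa_state()                      # read-only plugin call
        snapshot = {"captured_at": now.isoformat(), "mfa_enforcement_by_group": dict(live)}
        drifted = [g for g, required in BASELINE.items() if required and not live.get(g, False)]
        opened = [Finding(CONTROL_ID, g, snapshot, self.iam_owner) for g in drifted]
        self.findings.extend(opened)
        self.log.record("evidence-age", {**inputs, "live": live},
                        "every baseline group must have MFA enforced",
                        f"{len(drifted)} group(s) out of enforcement: {drifted}",
                        f"opened {len(opened)} finding(s) assigned to {self.iam_owner}",
                        [f"{CONTROL_ID}:mfa-policy-snapshot@{now.isoformat()}"])
        return opened

    def close_finding(self, finding: Finding, approved_by: Optional[str] = None) -> Finding:
        """Human gate: closing is consequential, so a named approver is mandatory."""
        if not approved_by:
            raise ApprovalRequired(f"closing the {finding.group} finding requires human sign-off")
        finding.status = "closed"
        self.log.record("manual", {"group": finding.group}, "close requires approver",
                        f"approved by {approved_by}", "closed finding", [])
        return finding


def run_check(hours_since_evidence: float,
              live_state: Optional[Dict[str, bool]] = None) -> MfaDriftAgent:
    """Build an agent over the constructed plugin and run one trigger evaluation."""
    state = LIVE_MFA_STATE if live_state is None else live_state
    agent = MfaDriftAgent(lambda: state, ExecutionLog())
    now = datetime.now(timezone.utc)
    agent.evaluate(now - timedelta(hours=hours_since_evidence), now=now)
    return agent


if __name__ == "__main__":
    agent = run_check(25)
    for f in agent.findings:
        print(f"finding: {f.control_id} group={f.group} assignee={f.assignee}")
    for entry in agent.log.entries:
        print(entry["action"], "-", entry["rationale"])
```

Running it with 25-hour-old evidence opens one finding for the constructed `contractors` group, with the policy snapshot attached and remediation assigned to the IAM owner; with one-hour-old evidence the agent records a no-op entry and reads nothing. The point of `close_finding` is that the unattended path can only detect drift and open findings, while the state change an auditor cares about is impossible without a human name in the log.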

What this means for technologists, procurement leaders, and compliance teams

Technologists and security teams: Vernon frames agentic tools as a match for modern systems that are elastic, fluid, ephemeral, and non-deterministic; agents let monitoring keep pace by reading live state and reacting to events through integrations with identity providers and other systems.

Procurement and enterprise leaders: she advises starting with high-toil, low-judgment tasks — the repetitive items teams do weekly and dislike — to prove the pattern, examine logs, and build trust before expanding agents into more sensitive controls.

Compliance practitioners and control owners: Vernon stresses observable work and reversibility. If an agent produces a false positive, the log shows what it read and why, enabling instruction fixes rather than guesswork; consequential decisions remain routed to humans.

Vernon closes with a practical injunction: "Build the boring one first. Then tell me what changed." That line captures the article's central test: use agents where they reduce toil and create auditable, reversible actions, then expand once logs and governance deliver the confidence to scale.
