Pay No Attention to the GRC AI Behind the Curtain

Michael RasmussenWritten by
Published onUpdated onDiscussionLeave a Comment on Pay No Attention to the GRC AI Behind the Curtain

Why I am drawing a line in the sand on “agentic AI” in GRC

Below is a blog based on my soon to be published (next week) market research paper which is a Strategy Perspective called “Agentic AI in GRC: Pulling Back the Curtain.” Clients of GRC 20/20 Research can request to get an early copy of the draft before it is published to review.

There is a famous moment in The Wizard of Oz when Dorothy and her companions finally discover that the great and powerful Oz is not quite what he claims to be. The voice is booming. The fire is dramatic. The room is filled with spectacle, authority, and fear. Then Toto pulls back the curtain and there he is: a man at the controls, pulling levers, creating the illusion of something far more powerful than what is actually there.

That, increasingly, is how I feel about much of the “agentic AI” conversation in GRC.

The market is full of smoke, mirrors, flames, booming voices, and green-tinted lighting. Every vendor now seems to have agents, copilots, autonomous workflows, AI orchestration, intelligent automation, next-generation reasoning, and some magical path to automated assurance. The demos are polished. The language is confident. The roadmaps sound like they were written somewhere between Silicon Valley and the Emerald City. But when you pull back the curtain, too often what you find is not real agency. It is a chatbot. It is prompt-based assistance. It is retrieval-augmented generation. It is a workflow rule with a large language model draped over it like a theatrical costume.

That is not agentic AI. That is theater. And in some . . . many . . . cases, it is dangerously close to a lie.

I want to be clear: I am not anti-AI. Quite the opposite. I believe AI has tremendous potential in governance, risk management, and compliance. It can help summarize complex information, review documents, classify risks, analyze third-party evidence, draft policies, support investigations, and make scarce GRC expertise more scalable. It can help reduce the administrative sludge that too often buries talented risk and compliance professionals under a mountain of forms, attestations, spreadsheets, and follow-up emails. Used properly, AI can help GRC move closer to its true purpose: helping organizations set and achieve objectives, make better decisions amid uncertainty, and act with integrity.

But that is exactly why the language matters. If everything is called agentic, then nothing is. If every chatbot is an agent, every automated workflow is orchestration, and every AI-generated paragraph is intelligence, then buyers are being led down a yellow brick road that ends in disappointment. There is nothing wrong with assistive AI. In many cases, assistive AI is precisely what organizations need. The problem is calling assistance agency.

The yellow brick road to agentic confusion

Here is my line in the sand: if a system cannot understand context, choose tools, manage state, take governed action, and explain what it did, it is not truly agentic.

That does not mean it has no value. A policy drafting assistant can be valuable. A control summary tool can be valuable. A regulatory Q&A interface can be valuable. A third-party document review assistant can be very valuable. But value does not automatically equal agency. A calculator is valuable. A filing cabinet is valuable. A search engine is valuable. We do not call them agents simply because they help us do work.

Real agency requires something more demanding. An agent operates toward an objective in an environment. It must understand enough of the environment to know what matters, what tools are available, what constraints apply, what actions are permitted, and what steps should come next. In GRC, this becomes even more demanding because the environment is not a video game or a consumer app. It is a regulated, permissioned, audited, accountability-heavy operating model involving policies, risks, controls, obligations, issues, evidence, third parties, incidents, assets, business services, and objectives.

A real agent in GRC cannot simply produce a plausible answer. It has to work within the governance of the organization. It has to know when to act, when to ask, when to escalate, and when to stop. It has to respect permissions, segregation of duties, approvals, audit trails, human oversight, and the boundaries of policy. In other words, the great and powerful AI must itself be governed.

The 13 questions that pull back the curtain

I am publishing the deeper Strategy Perspective on this topic, but the practical buyer test starts here. When a vendor claims to have agentic AI in GRC, do not simply admire the Emerald City. Pull back the curtain. Ask the questions that reveal whether there is real machinery, real architecture, real governance, and real action behind the show.

  1. How do you define agentic AI in your platform? This is the first test because many vendors use the phrase as if assistants, copilots, bots, workflow automation, orchestration, and agents are all interchangeable. They are not. I want to know where the system is assistive, where it is deterministic, where it has discretion, where it can act, and where the human remains in control. If the vendor cannot define the term clearly, then the term is probably doing more marketing work than technical work.
  2. What autonomous actions can the system actually take? Can the system initiate a process, request evidence, create a finding, update a record, assign a task, route an issue, trigger a review, or follow up on an exception? Or does it simply generate recommendations and wait for a human to do the work? Recommendations are useful, but there is a world of difference between a system that helps a user think and a system that operates as a governed participant in a process.
  3. How does the agent decide what to do next? This question reveals whether there is a real planning layer. Can the system decompose a goal into steps, evaluate intermediate outcomes, re-plan when information is missing, and determine when it has enough evidence to proceed? Or is it simply walking through a pre-designed workflow with a little language generation attached? If the path is fixed and the AI is only narrating the journey, then the wizard is back there pulling the same old levers.
  4. How does tool use actually work? Everyone now says their AI uses tools. Fine. Which tools? Selected how? Sequenced how? Governed how? A real agent should be able to choose among internal functions, APIs, knowledge sources, external systems, and platform actions based on the context of the work. If tool use is just a hard-coded demo path, then it is not much different from an old workflow script wearing a shiny hat.
  5. What is your approach to MCP? MCP may be useful infrastructure, especially for interoperability. But MCP is not proof of agency. A better pipe does not make the water clean. Buyers should ask whether MCP is being used to support governed tool discovery and action, or whether it is just a fashionable wrapper over weak APIs and disconnected legacy architecture. The issue is not whether a vendor can say “MCP.” The issue is whether the platform has the context, permissions, auditability, and action fabric underneath it.
  6. What memory model does the system use? GRC work unfolds over time. Issues remain open. Remediation stalls. Evidence arrives late. Obligations change. Incidents branch into investigations. Vendors move through lifecycle stages. Controls fail, get retested, and sometimes fail again. If the AI cannot maintain state across that messy reality, then it is not operating in enterprise GRC. It is simply re-running inference against the latest prompt and pretending it remembers the journey.
  7. Does the AI understand the connected data model? This may be the most important architectural question. GRC is not a pile of disconnected records. It is a web of relationships among objectives, risks, controls, policies, obligations, assets, processes, third parties, evidence, incidents, findings, and actions. A real agent must be able to reason across those relationships. If it cannot trace how a regulatory change affects an obligation, how that obligation maps to policy, how policy maps to control, how control failure affects a business service, and how that impacts objectives, then it is hovering above fragments rather than understanding the enterprise.
  8. Where does deterministic workflow end and AI-driven orchestration begin? Traditional GRC platforms have long had workflow engines, triggers, routing, approvals, and rules. There is no need to rebrand those capabilities as agentic when they are doing what they have always done. Buyers should ask what is fixed, what is adaptive, what is rules-based, what is inferred, what is governed by policy, and what is genuinely orchestrated across context. If nearly everything remains pre-scripted, the AI is probably decorative rather than foundational.
  9. What governance guardrails exist for action-taking AI? This is non-negotiable. In GRC, the goal is not uncontrolled autonomy. The goal is governed agency. That means permissions, approvals, review thresholds, exception handling, audit logs, rollback, segregation of duties, policy enforcement, and explicit boundaries on what the agent can and cannot do. An AI system that can take action without serious governance is not innovation. It is risk wrapped in marketing language.
  10. How are decisions explained, monitored, and audited? If the AI recommends action, takes action, or influences a control environment, the organization needs to know what happened. What context did it use? What data did it rely on? What tools did it invoke? Why did it make the recommendation? Who approved it? What changed? A black box in GRC is not a breakthrough. It is a future audit issue waiting patiently for someone to discover it.
  11. What is the underlying AI and orchestration architecture? At some point, buyers have to move past the stage show and look at the machinery. What models are being used? How is context selected? How is state stored? How are tools registered and governed? How are permissions enforced? What is production today, and what is roadmap poetry? A vendor that has truly built agentic architecture should be willing and able to explain the controls behind the curtain.
  12. Can customers configure agents, or only consume canned AI features? Every organization has its own objectives, risk appetite, policies, controls, terminology, operating model, and accountability structure. Can the customer define goals, permissions, escalation points, action scopes, review thresholds, memory boundaries, and success criteria? Or is the buyer merely getting a few pre-packaged tricks with a conversational interface? Real value comes when AI can be shaped around the organization’s own context, not forced into generic wizardry.
  13. What production use cases prove this is real? This is where the curtain comes down. Show me where the agent has worked through a multi-step GRC process in production. Show me how it gathered information, interpreted context, used tools, managed dependencies, handled exceptions, escalated appropriately, maintained auditability, and delivered measurable value. Do not show me summarization and call it agency. Do not show me drafting and call it autonomy. Do not show me search with a pleasant interface and call it orchestration . . . Show me the work!

The future is not a louder wizard

The next generation of GRC will not be defined by whoever has the loudest AI claims or the most theatrical demo. It will be defined by platforms that can connect context, intelligence, action, and accountability in a way that helps organizations make better decisions. That requires more than an LLM. Large language models are powerful interaction and productivity engines, but GRC also needs validation, comparison, deterministic checks, control evidence, behavioral observation, human judgment, risk quantification, optimization, and governed execution.

The future is not one magical model answering every question from behind a curtain. The future is an architecture where different capabilities do different jobs: language models for interaction and explanation, machine learning for pattern detection, knowledge graphs for connected context, deterministic rules for policy enforcement, telemetry for ground truth, optimization for improving action, and human oversight for accountability.

That may not be as theatrical as the booming voice of Oz, but it is far more useful.

GRC at its best is not about paperwork, dashboards, or risk registers. It is about helping the organization set and achieve objectives, navigate uncertainty, make better decisions, and act with integrity. AI can help us get there, but only if we stop confusing the performance of intelligence with the architecture of intelligence.

The market has had enough theater. It is time to pull back the curtain.

And when we do, the question is simple: has the vendor built a new brain for GRC, or merely placed a more eloquent face on an aging workflow machine? Because a lot of what is being sold today as agentic AI is not the future. It is the old machine, painted green, booming through a microphone, hoping no one notices the person behind the curtain.

Leave a Reply