IERP® Monthly Newsletter Issue 3/ August 2018 | Page 15

Just as in any industry, automated cognition and machine learning are in the future of GRC, said Philip Rao, a Partner at Ernst and Young. Internal audit in the future will encompass more cybersecurity reviews to secure the network so that processes can run efficiently.

Alex Tan, Partner at PwC, noted that the accelerated pace of innovation means that for GRC professionals, it would be unrealistic to become experts at emerging technologies. What is necessary, however, is to surround themselves with people who are (most likely from the younger generation).

Given the geopolitical shifts as of late, the discussion revolved around obstacles to escalating issues to senior management and the board.

Other Key Takeaways

For Rao, the traditional lines of defense are increasingly blurring. With the surprise win of Pakatan Harapan at the Malaysian election, GRC professionals saw how the risk profile around government policy changed overnight.

Boards have to start understanding that cybersecurity issues are not just “IT issues” -- they are business issues. From a risk perspective, it is, without exception, necessary to map out where your data resides and where it goes.

Panel Discussion: The Future of Governance, Risk, and Compliance

Moderator:

Daniel Atkin, Director of ERM, Country Fire Authority

Panelists:

Philip Rao, Partner, Ernst and Young

Alex Tan, Partner, PwC

The IERP®Monthly Newsletter August 2018 14