Diligent
Blog
Stay ahead of the news and trends impacting GRC for leaders, organizations and the public sector. Find resources and insights covering everything from governance best practices to ESG to strategic risk, compliance and audit management.
5 insights shaping the future of GRC from the AI Innovations Virtual Summit
Whether you joined us live or are exploring the insights for the first time, here’s what stood out and why it matters for the future of GRC. Artificial intelligence (AI) is no longer a future-facing trend — it’s a current-day accelerator for governance, risk, and compliance (GRC) functions. That was the clear message from Diligent’s AI Innovations Virtual Summit, where leaders from across industries gathered to explore how AI is reshaping the way organizations operate. Whether you joined the sessions live or are catching up now, these five insights — one from each inspiring session — reveal how AI is being used today to power stronger, faster and more resilient GRC. 1. AI is the bridge between boardrooms and the business Session: Keynote | How Diligent is Powering the Future of GRC with AI At the summit’s kickoff, Diligent CEO Brian Stafford laid out a bold vision: AI isn’t just a new tool — it’s the connective tissue between strategy and operations. By embedding AI across its platform, Diligent is helping GRC teams eliminate time-consuming tasks like board book creation, minute-taking and compliance reporting. The result? Teams gain time for higher-impact work and deliver sharper, real-time insights to the boardroom. Top tip: Meet with your board or executive team to identify “below-the-surface” blind spots (complex areas like risk, compliance or legal workflows) and explore how AI could bring more visibility, speed or insight to those teams. 2. Build AI with security and compliance from day one Session: The Big Picture | How AI is Reshaping Governance, Risk, and Compliance One of the strongest messages from the summit was the need to shift compliance and security “left” — baking them into AI development from the beginning. Waiting until systems are already in production can expose organizations to unnecessary risk, from model drift and bias to regulatory breaches and reputational harm. Instead, organizations should adopt a multidisciplinary approach, bringing together privacy, legal, security and technical teams to evaluate AI use cases before they launch. This ensures ethical alignment, safeguards against misuse and creates a foundation for continuous monitoring and accountability. Top tip: Establish a cross-functional AI review process that includes legal, privacy and security from the start — especially for high-impact use cases — to ensure responsible design and deployment. 3. Boards must build AI literacy to lead with confidence Session: AI for Corporate Governance | What Boards Need to Know Now CEO Pauline Norstrom emphasized that AI is no longer just an IT or innovation topic — it’s a board-level issue. With AI impacting everything from risk posture to business ethics, directors must engage with the topic strategically. That doesn’t mean learning how to code, but it does mean understanding the types of AI technologies in use, their potential risks and how they align (or conflict) with corporate values. Top tip: Start with a board-level AI briefing focused on practical concepts — such as machine learning, automation and ethical risk — so directors can ask informed questions and provide meaningful oversight. 4. AI in GRC frees teams to focus on what matters most Session: AI in Action | How Customers Are Turning Possibilities into Practice Organizations are already applying AI to streamline compliance processes — automating documentation, monitoring controls and surfacing issues before they escalate. The impact? Less time spent on routine reporting and more time allocated to analysis, judgment and strategy. This shift isn't just operational; it reflects the growing need for board-level engagement. As compliance functions evolve with AI, leadership must understand how these tools work, what risks they introduce and how to oversee their responsible use. A strong connection between the board and business functions is critical for long-term success. Top tip: Work with leadership teams to identify daily tasks that are ripe for automation, then ensure oversight processes evolve alongside these tools to maintain transparency and trust. 5. AI transformation isn’t a “big bang” — it’s a blueprint Session: Closing | Your AI-Powered Blueprint for GRC Success The final session drove home a powerful message: AI implementation doesn’t need to be overwhelming. Instead, successful organizations are layering AI in strategically — piloting, iterating and expanding based on what works. AI transformation isn’t a one-time event; it’s an ongoing journey that starts with smart, targeted steps aligned with your most pressing GRC needs. Top tip: Choose one AI use case to pilot over the next quarter. Set clear goals, measure outcomes and use that success to inform future rollouts. The future of GRC is now AI isn’t just helping GRC teams work smarter — it’s empowering them to lead. As Stafford said in his keynote, “The future of GRC isn’t five years away, it’s already here.” With AI solutions available now, forward-looking leaders are shifting from exploration to execution — and reaping the benefits. Take the next step toward smarter governance with purpose-built AI If you’re looking to turn insight into action, download our free guide: Integrating AI with confidence: A guide for future-focused GRC leaders. This nine-page resource is designed to help you: Ask the right questions when evaluating AI tools Choose technology that balances innovation with security Boost efficiency for boards along with compliance, audit and risk teams Whether you're modernizing governance practices or scaling your compliance efforts, this guide will show you how AI can power smarter decisions and stronger oversight — today and into the future. Download the guide now and uncover the full potential of AI in board, entity and risk management.
Best approaches for managing risk in your school district
The Sidelake School Board gathered for their monthly meeting. On the table were several important items: expanding a one-to-one laptop program, reviewing a teacher recruitment plan and responding to safety concerns following a school bus accident in a neighboring district. As the board was preparing for deliberation, Board Chair Ms. Lopez offered a reminder: “Every decision we make tonight involves risk.” Keeping risk top of mind is a good habit for effective board members. School board decisions impact the health and well-being of their students and staff. The board’s choices shape the future of their students and also have immediate repercussions to the school community. With growing complexity in school operations — ranging from cybersecurity threats to student safety, legal liability and financial pressure — risk management must be proactive, strategic and, as the example above shows, embedded in district-wide decision-making. Risk management is essential for safeguarding your students, staff and community. Recognizing risks School board members have a sworn duty to be responsible stewards of taxpayer money. However, boards can get wrapped up in their day-to-day duties and neglect to consider and prepare for what may be ahead. Potential risks faced by school districts include: Student and staff safety Finance and funding Legal and regulatory compliance Cybersecurity and data privacy Community relations and public perception Human resources, including teacher shortages and low staff morale Tips for school boards to minimize risks 1. Emphasize risk awareness Creating a risk-aware culture starts at the top. Boards and superintendents must encourage open discussions around potential risks and promote transparency in reporting issues. They look at past incidents opportunities to discuss how to handle them better next time. When leaders acknowledge and openly discuss risk, staff at every level feel comfortable doing so, as well. Policies that reward early reporting of concerns will establish a climate of trust and responsiveness. Dr Chad Bledsoe, President, Montgomery Community College points out, “Ultimately the board has the responsibility of ensuring that the institution is meeting its mission, i.e. serving the educational needs of the community. And that can't be done if there's not adequate oversight of financial resources, of the risk that we all take on, whenever we talk about providing services, equipment, training, employing teachers, all of that. They're overseeing public funds. So these are tax dollars that go to support education and by default they are overseeing the funds that citizens are paying in to receive that education. So, it's very important that we make sure that we're spending our money in a very efficient manner, that we're spending it on the things that support education.” 2. Establish a risk management plan An effective risk management plan should be a living document, regularly reviewed and updated. It should include procedures for responding to crises, and strategies for identifying and mitigating risks before they escalate. Components of a risk management plan include: Risk identification and assessment protocols Crisis communication plans Roles and responsibilities in an emergency Regular training and simulations This plan should be reviewed regularly and tested through drills or tabletop exercises to ensure it remains actionable and relevant. 3. Strengthen cybersecurity School districts are increasingly targeted by cyberattacks, including ransomware, phishing and data breaches. Protecting student and staff data should be a top priority. Consider these potential solutions to see what works best for your district: Multifactor authentication for all users Routine network audits and testing for potential weaknesses. Staff training on phishing and data privacy Create protocols specific to digital threats Partnering with IT professionals or third-party experts can bolster your district’s defenses and ensure compliance with evolving state and federal data privacy regulations. 4. Evaluate physical and operational safety Regular safety audits of school facilities are important. Ensure building access controls, surveillance systems, and emergency exits meet current standards. Include threat assessments for violence, severe weather events and other natural disasters. Transportation safety, food service compliance and playground equipment inspections are often overlooked but crucial for risk prevention. 5. Monitor potential financial and legal issues Budget shortfalls, misappropriations, and contract disputes can lead to significant liabilities. Strong financial oversight—including internal audits and board-level financial literacy—reduces the likelihood of financial issues. Legal risks, including those related to student discipline, special education compliance, and employee grievances, require ongoing review of policies and procedures. Regularly consult with your board’s with legal counsel. Staff training on legal responsibilities is also an important prevention measure. 6. Ensure clear communication and transparency Clear and consistent communication with parents, staff, students and the broader community helps build trust and prevent misinformation during a crisis. Use multiple communication channels and maintain up-to-date contact information across the district. Transparency means sharing the “what” and the “why” behind decisions and updates, especially when they relate to risk mitigation efforts or safety procedures. Risk management in education is an essential duty of board members. It must be embedded in strategic planning and daily operations. For school districts, the best approach is comprehensive and inclusive. The goal is to protect people and manage taxpayer money and resources wisely. Andrea Messina, CEO, Florida School Boards Association says, “It is always the responsibility of board members to mitigate and manage risk. Sometimes, that comes in form or reporting to legal or HR something that may have been heard in passing or even deliberately shared with a board member. I like to remind board members that if they heard something and fail to report it and it happens again, they, too, now are culpable. Board members need to set the example for risk mitigation if they ever expect others to manage risk effectively.” Diligent Community helps school boards address risk management Diligent Community is the next-generation governance solution designed to enhance effectiveness and efficiency for school boards. Tailored to cater to the unique needs of school board governance, Diligent Community empowers streamlined decision-making, ensuring transparent and effective governance. Diligent Community is your essential tool for driving impactful governance, fostering better communication and achieving shared success for your students and community. When it comes to managing risks, school boards face tough decisions. Whether it’s managing cyber risk, ensuring compliance of state and federal laws, preparing for audits or staying ahead of new regulations, the risks are constant. That’s where Diligent Community steps in. It streamlines meeting preparation, making sure agendas and board packets are centralized, secure, accessible and easy to update. Board information and documents are kept securely stored with granular permissions to give access only to those who should view them. Diligent Community helps improve public trust by giving the board a way to show the community they are making thoughtful, responsible decisions. The solution makes it easy to share meeting minutes, voting records and financial updates online. With everything out in the open, parents and community members can feel reassured, and board members feel empowered to keep making smart choices. Diligent Community is built for local governments like school boards, with features designed to tackle your biggest challenges. It helps your stay organized, prepared and transparent — all while you as a board member can focus on managing risks so your students can achieve at the highest levels.
