- Jason Venner is urging federal agencies to replace manual GRC processes with automation
- The Diligent executive is recommending an automation-first strategy built on automation, analytics and AI
- Automated GRC can shorten compliance timelines, reduce audit workloads and lower operating costs
Jason Venner, solutions sales director at Diligent, is urging federal agencies to replace manual governance, risk and compliance, or GRC, processes with automation.
Why Is GRC Modernization Needed?
Venner said many agencies continue to rely on spreadsheets, disconnected systems and manual workflows to meet requirements such as the Federal Information Security Modernization Act, Risk Management Framework automation and zero trust. According to Venner, those manual practices create inefficiencies, limit visibility into risk and hinder agencies’ ability to maintain continuous compliance.
He recommends an automation-first approach built on three pillars: automation, analytics and artificial intelligence. Venner said automation should serve as the foundation by continuously collecting control evidence, initiating remediation workflows and updating compliance records without manual intervention.
What Are the Benefits of Automation?
Venner said automated GRC platforms can shorten authorization timelines and reduce audit support workloads, enabling government personnel and contractors to spend less time on manual compliance tasks and more time on mission priorities. Venner also noted that organizations managing portfolios of 15 to 20 or more systems have reported annual savings exceeding $1 million.
He added that cloud-based, Federal Risk and Authorization Management Program-authorized platforms can generate Open Security Controls Assessment Language-compliant documentation from live operational data while remaining compatible with legacy systems.
How Does Automation Support Mission Readiness?
Automating compliance enables federal personnel to shift from manual reporting and data management, allowing them to focus on threat-informed security controls, zero trust initiatives and other more important tasks. Venner further argued that treating compliance as a continuous operational capability can help agencies improve cybersecurity posture while supporting broader mission objectives.
Diligent’s Broader Modernization Efforts
Diligent’s call for automation aligns with broader efforts to boost federal modernization. In 2018, Diligent Consulting received a U.S. Air Force contract to develop a web-based maintenance, repair and overhaul platform designed to standardize depot operations and modernize sustainment processes. The company was also awarded a contract to support the implementation of an Air Force module within the Army’s existing Information Security Systems Program Application.


