Protecht has announced Cognita, an AI assistant embedded in Protecht ERM and purpose-built for governance, risk and compliance (GRC). It’s a useful case study for leaders evaluating AI in risk: keep it explainable, auditable, and inside day-to-day workflows—not a disconnected chatbot.
Key points from the announcement
- Embedded in ERM: Guidance surfaces where people actually work—policies, controls, incidents, obligations.
- Explainable & auditable: Transparent outputs and governance guardrails support oversight and challenge.
- Availability: Early demos around the Gartner Enterprise Risk, Audit & Compliance Conference; general availability planned for November 2025 as part of the Protecht ERM release. (press release)
Quick checklist: evaluating AI for GRC
- Explainability & traceability: Can you see why the output was generated and which data it used?
- Governance guardrails: Role-based access, approvals, and human-in-the-loop by default.
- Auditability: Complete logs so results can be challenged and defended.
- Context awareness: Understands your policies, controls, obligations and risk taxonomy.
- Data protection: Aligns with residency, retention and segregation requirements.
- Operational fit: Lives in your ERM workflows rather than a separate chat window.
Why it matters
AI in GRC creates value when it’s embedded, governed and explainable. Cognita’s approach—designed by risk experts and integrated with ERM—signals a practical path to speed up control testing, obligations management and reporting without sacrificing accountability. For teams exploring AI, use the checklist above and compare vendors against these fundamentals.
Read the full announcement: Protecht announces Cognita: AI built for GRC.