I recently read an opinion piece from Cloudflare CEO Matthew Prince in the Wall St. Journal, discussing how AI is changing the workforce.
His argument was simple: organizations consist of builders, sellers, and measurers. Builders create products. Sellers create revenue. Measurers oversee governance, compliance, audit, finance, operations, and other functions that assess and monitor organizational performance.
His conclusion? AI is coming for the measurers.
While I agree with much of his premise, I think there is a more important discussion happening beneath the surface, especially for those of us in Third-Party Risk Management, External Assurance, and Governance, Risk, and Compliance.
The real story isn’t that AI is replacing people – it’s that AI is replacing friction.
For years, organizations have accepted a massive operational burden as simply & the cost of doing business.
Need to prove your security controls? Complete a questionnaire.
Need to demonstrate compliance? Gather evidence.
Need to respond to a customer due diligence request? Pull together documentation.
Need to satisfy a regulator, auditor, or procurement team? Repeat the process all over
again.
Most organizations perform these activities hundreds (sometimes thousands) of times each year.
And every time they do, smart people spend valuable hours searching for evidence, validating responses, coordinating approvals, and recreating work that has already been completed before.
The problem isn’t assurance – it’s how assurance is performed.
Trust has become operationally expensive, and that’s why I believe AI will have its greatest impact not by replacing assurance professionals but by elevating them.
Think about how much time risk, compliance, privacy, security, audit, procurement, and governance teams spend on administrative work.
These activities are necessary, but they don’t represent the highest value these professionals can provide.
Their real value comes from interpreting risk, advising leadership, strengthening resilience, building trust, supporting growth, and making informed decisions when the answer isn’t obvious. Those responsibilities aren’t disappearing. In fact, they are becoming more important.
What is disappearing is the need to orchestrate the mechanics of assurance manually.
Organizations that embrace this shift won’t just improve efficiency – they’ll create a competitive advantage through faster procurement cycles, continuous assurance readiness, accelerated revenue opportunities, and reduced operational friction. Most importantly, they will free their experts to focus on strategy rather than administration.
This is why I believe the future of assurance is not automation for automation’s sake – it’s orchestration; the ability to continuously demonstrate trust using governed, evidence-based, AI-enabled processes.
For decades, organizations have treated assurance as a defensive exercise; a cost center, a compliance requirement, a necessary burden.
I believe we’re entering a different era, one where trust becomes a business capability, where assurance becomes a revenue enabler, and where organizations stop reacting to requests for proof and instead operate in a state of continuous trust readiness.
AI isn’t replacing trust – it’s making trust scalable.
And that’s a future worth building toward.
