Traditional GRC cycles were never designed to keep pace with the speed of modern business, and that gap is quietly creating risk exposure across organizations everywhere. Steve Schlarman of Archer shares how the Archer Evolv platform is reshaping governance, risk, and compliance into a continuous, adaptive program that moves with the business rather than trailing behind it.
Archer is redefining what it means to manage governance, risk, and compliance in an environment defined by constant change. Steve Schlarman, Senior Director at Archer, has spent nearly two decades helping organizations understand why their traditional GRC approaches are falling short and what it takes to close the gap.
The forces challenging organizations today are well known: velocity of change, volume of change, and the uncertainty that compounds both. What makes the problem acute is timing. Annual audit cycles and quarterly risk assessments produce reports that reflect a reality that has already shifted by the time decision makers see them. The result is drift between what GRC functions can see and what leadership actually needs to know, and every gap in that visibility carries potential exposure.
Schlarman explains that this reactive posture is exactly what Archer is working to change. Rather than treating risk and compliance as periodic checkboxes, the goal is to build a program that runs continuously, projecting forward as the business expands into new jurisdictions, launches new products, or encounters emerging risks. What are the compliance obligations? How does exposure shift? Archer Evolv is designed to answer those questions in real time, keeping GRC moving alongside the business rather than scrambling to catch up.
Central to Archer's strategy is AI applied with intention. Rather than deploying generic agents, Archer is building what Schlarman calls AI operators: focused, guardrailed tools designed specifically to solve GRC problems. That distinction matters because the complexity of risk and compliance work demands precision, not just automation.
This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight
GUEST
Steve Schlarman, Senior Director, Archer | https://www.linkedin.com/in/steveschlarman/
RESOURCES
Learn more about Archer and the Archer Evolv platform: https://www.archerirm.com
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight
KEYWORDS
Steve Schlarman, Archer, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, GRC, governance risk and compliance, adaptive GRC, integrated risk management, Archer Evolv, AI in GRC, risk management, compliance automation, enterprise risk, risk and compliance strategy
Adapting to the Speed of Risk: Why GRC Programs Must Move with the Business | A Brand Highlight Conversation with Steve Schlarman, Senior Director of Archer
[00:00:20]
[00:00:20]
Sean Martin: Hello everybody. You're very welcome to a new brand highlight and we are thrilled to welcome Steve Schlarman from Archer. How are you Steve?
[00:00:29]
Steve Schlarman: Good. Good.
[00:00:31]
Sean Martin: We're gonna be talking about governance, risk and compliance, AKA GRC, adaptive GRC, and of course, the Archer Evolv suite that helps organizations get a handle on all this stuff. Quick word from you about your role at Archer and what you're up to these days.
[00:00:46]
Steve Schlarman: Sure, sure. So I'm Steve Schlarman. I've been with Archer for quite a few years. Started my 19th, 18th year, something of that nature. So I generally work with helping define what the overall industry with the GRC direction is, the strategy and help guide some of our direction from a product perspective. So I leverage my experience in the industry and my working with clients on what their challenges are, and then help translate that into our product organization.
[00:01:21]
Sean Martin: So let's look at that quickly. Kind of the trends you're seeing, customers having challenges with GRC and the trends you're kind of helping organizations get ahead of as you build new products and capabilities.
[00:01:35]
Steve Schlarman: Yeah, I think the forces that are affecting organizations are kind of well known. It's the velocity of change. It's the volume of change. It is the uncertainty that all of that change creates, and it's compounded by the complexity of business today. So those forces have remained consistent.
[00:02:20]
Steve Schlarman: But I think one of the things that the GRC functions are seeing is that the business is moving really fast and by the time common traditional cycles of GRC activities, like the annual audit planning or the quarterly risk and control self-assessment, by the time those activities get done and the reports and the data kind of flow back to the decision makers, things have changed already. So it not only is lagging behind the business, but it's creating a drift between the perspectives that the decision makers are looking for and the perspectives that GRC functions can provide. There's this drift, there's this gap, if you will, and every gap is gonna create some type of exposure, because you're making decisions potentially on old data.
[00:03:20]
Steve Schlarman: The other thing is that requires then a lot of rework. So there's a lot of extra costs associated with these gaps and trying to close them very quickly. So GRC functions end up many times in a reactive mode, and that's really what we're focused on at Archer, is how do we help GRC functions adapt and manage the risk of change, not just manage risk and compliance as a check the box exercise or really as a rear view mirror type of thing. We really wanna help our clients project out. What are some of the implications of business changes like moving into new jurisdictions or launching products. What are the compliance obligations? What are those requirements that can help the business make other decisions, or as emerging risks start affecting the business, how does the exposure change? And so that's really what we're focused on, is how do we accelerate those processes? How do we get current data? And we create this program that's in motion all the time. It's not waiting for approvals, it's not waiting for an assessment to get finished. It's moving along with the business.
[00:04:20]
Sean Martin: Yeah, so I'm sure everybody recognizes you have to look back to see where you came from. You have to know where you are at the moment, and you have to have a view for the future. So it's kind of moving from reactive to proactive, but you're taking it to the next level with the adaptive, which is kind of a full cycle.
[00:04:37]
Steve Schlarman: Exactly, and one of the things that is really propelling this from a technology perspective is the use of AI, but in a much focused, meaningful manner. Our AI strategy is really how do we leverage this new technology with guardrails, so that you're not just building generic agents, you're building AI operators to solve GRC problems. And that's really where our strategy lies.
[00:05:12]
Sean Martin: So tell us where folks can learn more about the Evolv suite.
[00:05:17]
Steve Schlarman: Visit our website, archerirm.com and you'll see more and more materials coming out as we expand our efforts around Archer Evolv. Anytime if you're an existing Archer customer and you haven't seen our technology lately or what we're up to, please engage with your client success teams that we have in place. Because this, I've been with Archer for a long time. It's not the same Archer that it was even five years ago. The technology has accelerated and so reach out to us. Be happy to explore how we can help take your GRC program to the next level.
[00:05:58]
Sean Martin: Perfect. Well, thanks Steve. Appreciate you sharing this highlight with us and I hope everybody joins it.
[00:06:03]
Steve Schlarman: Great. Thank you.