Scaling GRC Engineering: The Definitive Guide w/ Akhila Chitiprolu from Sierra | S2E3

If you enjoy the podcast, feel free to subscribe to the GRC Engineer newsletter: grcengineer.com/subscribe In this episode of The GRC Engineering Podcast, host Ayoub Fandi speaks with Akhila Chitiprolu, head of GRC at Sierra and former GRC leader at Stripe, Expedia, and T-Mobile. Akhila shares her journey from engineering to GRC leadership and offers deep insights on transforming traditional compliance into engineering-driven programs that scale with modern technology companies. Drawing from over a decade of experience across tech, fintech, telecom, and AI, she provides practical strategies for building GRC Engineering capabilities from the ground up. Whether you're just starting your GRC Engineering journey or looking to scale existing efforts, this episode provides tactical advice on: - Transforming control design for automation and scalability - Convincing traditional auditors to accept API-driven evidence - Building the business case for GRC Engineering investments - Developing effective collaborations between technical and non-technical GRC staff - Measuring and demonstrating the value of engineering-driven compliance - Creating a roadmap for continuous control monitoring Key topics covered: 00:00 Introduction and guest background 02:58 Evolution of GRC: From spreadsheets to engineering-driven approaches 04:05 The biggest pain point: Evidence collection at scale across multiple frameworks 05:38 Why control design matters more than evidence automation alone 11:20 The tipping point for GRC Engineering adoption in organizations 13:30 Breaking down GRC process phases and where engineering adds value 26:52 How to work with auditors on engineering evidence and build trust 31:53 Build vs. Buy: Finding the right approach for your organization size 37:10 Building relationships with engineering teams through shared pain points 39:33 How compliance can become an engineering roadmap for platform teams 42:04 Key principles for scaling GRC Engineering programs beyond initial wins 48:19 GRC Engineers & Analysts: Working together effectively across skill sets 53:41 The magic wand question: Asset to control view and community education