When Manual Processes Undermine Risk Oversight: Lessons in Automation for SLED and Federal Leaders
Authored by: Jeff Ladner, Chief Product Officer, Onspring

State, local and education (SLED) organizations, including public universities, state departments and local governments, face the daunting challenge of managing risk and compliance policies with fewer resources. Regulatory requirements are expanding, expectations for data protection are intensifying and lean teams are stretched across a growing list of responsibilities.

In many agencies, manual processes are still the norm. Teams are reliant on spreadsheets or even paper records. While these methods may feel familiar, they often come at the cost of visibility, consistency and timely execution – each of which introduces risk.

The first step is to recognize the signs of strain. The next is to learn from peers who’ve taken action. In this article, we’ll outline the experience of one organization that reexamined its audit and oversight processes to reduce inefficiencies and improve visibility.

Is Your Agency Ready for Automation?

A few recurring challenges often signal that it’s time to re-evaluate manual risk and policy management practices:

• Routine delays due to spreadsheets, file-sharing or version control issues
• Staff uncertainty around which policy versions are current or properly distributed
• Limited insight into tracking whether policies have been acknowledged or reviewed
• Gaps in visibility into where a policy stands in its lifecycle, from drafting to retirement
• Difficulty keeping up with hundreds of policies across departments

These issues aren’t unique, but the good news is they’re solvable. Below are five lessons from SLED organizations that have embraced automation to strengthen oversight and free up their teams for more strategic work.

Lesson 1: Manual Work Is Costing You More Than Time

 Manual policy and audit processes often seem manageable until they quietly absorb hours every week. Malika Ouenza, an Audit Analytics Program Leader at a leading university in the United States noted that staff was juggling tools like Excel and Word to manage dozens of academic audits, tracking progress manually and compiling reports by hand. By shifting to a centralized system, her team cut administrative time significantly, giving teams back valuable time.

“An automated solution saved us time, which we can use to do more analysis rather than checking information in Excel sheets,” Ouenza explained. “It allows us to focus on doing field work and writing the right things in reports, instead of worrying about which tool to use for managing 15 projects.” 

Whether it’s policy updates, audit tracking or approvals, reducing manual handoffs is essential for reducing bottlenecks and burnout.

Lesson 2: Visibility Is Foundational to Risk Management

Many SLED agencies operate without a centralized view of their policies or audit programs. That lack of visibility can lead to outdated policies in circulation or missed review dates, increasing both risk exposure and internal confusion.

The university addressed this by building dashboards that track policy and audit progress in real time. These tools helped leadership see how many audits were complete or in progress, allowing for proactive planning and clearer communication across teams. For policy teams, similar functionality can ensure policies are updated, acknowledged and retired on schedule.

Lesson 3: Consistency Reduces Compliance Gaps

 Inconsistent policy distribution or version control issues are more than administrative annoyances. In all reality, they’re liabilities. When staff members don’t know which policy to follow or haven’t received the latest update, the risk of noncompliance grows.

Agencies that automate distribution and tracking are better positioned to maintain alignment. Transitioning from emailing documents and tracking edits in silos to using a shared system that ensures everyone is working from the same source. For agencies managing cybersecurity protocols, HR policies or procurement rules, this kind of consistency can make the difference between passing or failing an audit.

Lesson 4: Change Management Is Easier When Tools Work the Way People Do

New tools often face pushback—not because they lack value, but because they disrupt well-worn workflows. SLED agencies have found success when platforms integrate with familiar systems and show clear time savings.

The university’s audit team initially hesitated to adopt new tools. However, once they saw how quickly tasks could be completed – and how easily systems integrated with everyday applications and platforms like Microsoft 365 – adoption followed. Staff was able to stay in familiar environments while improving speed and visibility, minimizing the learning curve and boosting confidence in the process.

Lesson 5: Centralizing Oversight Builds Capacity for Growth

SLED agencies aren’t just managing risk. They’re planning for future expansion, adapting to new compliance standards and working across departments. The more decentralized their systems, the harder it is to scale those efforts.

By bringing audits, corrective action plans and other oversight functions into a single platform, the university positioned itself for cross-departmental collaboration. The audit team is already planning to extend use to other units like compliance and finance, an approach that many public-sector agencies are beginning to explore.

When staff can access current data, track progress and communicate in real time, they’re better equipped to focus on outcomes, not just checkboxes.

Modern Risk Oversight Starts with Smarter Foundations

 It’s important to note that automation doesn’t replace oversight. Rather, it supports it. For SLED agencies navigating growing demands with limited capacity, the right technology can shift risk management from reactive to strategic.
Public-sector leaders don’t need to start from scratch. By learning from early adopters, agencies can streamline workflows, improve accountability and gain clearer visibility into the risks that matter most.