Third-Party Risk Management: When to Accept or Reject Vendor Documentation
Episode Synopsis
On a recent episode of GRC Uncensored, host Troy Fine and producer Elliot Volkman were joined by guest Stanley Krochik, a seasoned GRC professional and former city security program manager, to discuss the realities of third-party risk management (TPRM). The conversation focused on the growing problem of low-quality audits, the difficulty of assessing a vendor's actual security posture, and the dilemma risk managers face when deciding whether to accept or reject the third-party documentation (SOC 2 reports and similar attestations) put in front of them.

Timestamps:
04:43 The Importance of Third-Party Risk Management
05:45 Challenges with Low-Quality Audits
07:45 Evaluating SOC 2 Reports
12:55 Issues with Sales-Focused GRC Tools
14:44 The Need for Better Compliance Programs
27:50 High-Risk Vendor Architecture Review
29:07 SOC 2 Reports and Vendor Risk Management
31:50 Challenges with SOC 2 and Auditor Quality
36:49 Financial Impact of Data Breaches
38:10 Differences in Security Between Old and New Systems
47:43 Proactive vs. Reactive Security Measures

Hosted on Acast.