Mastering Compliance: Own Your Data, Own Your Success - Episode 196

Mastering Compliance: Own Your Data, Own Your Success - Episode 196

On this episode of "Compliance Unfiltered," The CU Guys dive into the intricacies of compliance management programs. They explore various implementation approaches, from manual spreadsheets to sophisticated systems, and discuss the importance of organizations owning their data. Adam shares insights on the potential pitfalls of relying solely on assessor systems and emphasizes the efficiencies gained by leveraging internal systems. Check out this episode to discover how to streamline your compliance processes and make your organization's compliance journey more efficient and effective.


Episode Transcript:

Well, I mean, in some cases, they're using their own compliance management solutions. And in other cases, there's many that just opt for the good old-fashioned spreadsheet and using some type of a completely manual approach with network drops or share points as a typical inclusion, et cetera.


You know, some people are kind of cobbling together their own series of internal tools and manual processes that they've kind of put together, depending on who's running the program over the years and whatnot. Well, you know, you've got other organizations that, you know, they'll simply just use their assessor-provided systems with the notion that, well, we need to get all the stuff in there anyway, so we'll just use their system, you know, type of a thing. So it's kind of a mixed bag would be a good way to go about putting it.


Sounds that way now you like to say that an organization that an organization needs to own their own data What do you mean by that? And why is it important?


Well, you know, you've got these folks that, you know, that do use their assessor systems, right? And the downside of that is that, you know, it's on the organization to make their own program efficient, effective, work for them, you know, things along those lines.


And, you know, the reality is that, you know, depending on various circumstances, things change over time, you know, you may have, you may have, you know, there was a particular firm that you were leveraging and a particular person at that firm that you used, and they moved on, they retired, they got promoted, you know, I've seen it all. They got bought out, they went out of business, you know, things along those lines, maybe the relationship with whoever is your currently assigned point person this year isn't as good as they were in years gone by. It could be the same person they've just changed. It could be that you've had some type of personnel shift, you know, things along those lines. You know, one of the things that we'll see a fair amount is, you know, organizations that are basically getting bought out, right, and organizations getting scooped up and folded into another gigantic barhemoth, you know, type of thing. And so the relationship you used to have and the pricing you used to have isn't the same as it used to be. So, you know, the reality is that things change, you know, all over the board. And so, you know, when you've got these modifications to, you know, to the players that are involved in your compliance program, you know, overall, then, you know, if your systems, quote, unquote, if your, quote, unquote, systems were dependent on, you know, this other third party and now something's happened with said third party, well, now what are you left with? You know, you're not left with anything. So, you know, it's part of the reason why, you know, I say that, you know, the organization subject to compliance at the end of the day, you know, it's on them to, you know, have the repository for their own information, for their own data, so they, you know, got it in a way that works for them. That's the most important, you know, element for, you know, for these companies. They need to be able to kind of depend on having their own way of doing things and then, you know, figuring out a way to interface with, you know, with the various third parties that they've got to go and interact with.


Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(223)

Building AI Agents Securely - Episode 223

Building AI Agents Securely - Episode 223

AI agents are driving efficiency, but also introducing serious, often unseen security risks. As adoption accelerates, unvetted access, prompt injection, and poorly controlled environments can expose s...

2 Jul 24min

AI-Powered Attacks: Is Your Compliance Program Already Obsolete? - Episode 222

AI-Powered Attacks: Is Your Compliance Program Already Obsolete? - Episode 222

In an era of evolving AI-driven cyberattacks, traditional compliance programs are falling dangerously behind. Static controls create a false sense of security while attackers leverage AI to move faste...

25 Jun 18min

Compliance Theater: Are You Actually Secure or Just Checking Boxes? - Episode 221

Compliance Theater: Are You Actually Secure or Just Checking Boxes? - Episode 221

Most organizations are just performing compliance – ticking boxes, not building real security. What happens when the curtain is pulled back on these check-the-box programs? You might be under the illu...

18 Jun 20min

Audit Fatigue and How to Effectively Navigate It - Episode 220

Audit Fatigue and How to Effectively Navigate It - Episode 220

Caught in a cycle of audit requests, evidence chaos, and burnout? Discover a way out in this episode. Compliance Expert Adam Goslin joins Todd Coshow to reveal the hidden causes of audit fatigue and s...

11 Jun 21min

Identity is the New Perimeter (Zero Trust) - Episode 219

Identity is the New Perimeter (Zero Trust) - Episode 219

On this week's Compliance Unfiltered, discover why identity is the new perimeter in cybersecurity. This episode reveals how zero trust principles can protect your systems by continuously verifying use...

4 Jun 28min

Regulatory Explosion & Board-Level Accountability - Episode 218

Regulatory Explosion & Board-Level Accountability - Episode 218

Discover why compliance is now a boardroom priority, not just an IT task. In this episode, Todd Coshow and Adam Goslin reveal how outdated practices put organizations at risk. Learn about the shift to...

29 Mai 22min

Will Your Compliance Software Vendor Protect Your Data? - Episode 217

Will Your Compliance Software Vendor Protect Your Data? - Episode 217

Most companies overlook vendor vulnerabilities in compliance. On this episode, the CU Guys reveal hidden risks in vendor relationships, from breaches to vetting gaps. Discover tactics for evaluating v...

21 Mai 21min

Data Has Borders: The New Rules of Compliance - Episode 216

Data Has Borders: The New Rules of Compliance - Episode 216

Data compliance isn't just about protecting information anymore — it's about understanding where your data lives, how it moves, and how to stay compliant across borders. On this Episode of Compliance ...

14 Mai 20min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
shifter
rss-kunstig-intelligens-med-elisabeth-maren-og-morten
teknologi-og-mennesker
smart-forklart
rss-ai-forklart
rss-ki-praten
energi-og-klima
elektropodden
rss-alt-som-gar-pa-strom
hans-petter-og-co
kortslutning
fornybaren
rss-heis
rss-digitaliseringspadden
rss-vippserne
rss-bitcoinpolitisk-institutt-norge