SecuriTea Time / Episode #3
Compliance Beyond the Checkbox: A Fresh Perspective on Auditors and Risk
featuring Beau Butaud
Beau Butaud, Risk and Compliance Manager at Moss Adams and an all-around infosec pro, joins us on the third episode of SecuriTea Time to approach risk and compliance from a calculated angle.
Don’t miss out on his formula for infosec success as he unlocks a vault of invaluable tips to supercharge your risk assessment and compliance efforts. This episode promises to be refreshing, so tune in to reinvigorate your GRC senses!
“What truly matters is understanding why you are obtaining a compliance report in the first place and whether the tests conducted against those claims align with your intended purpose.”
“Having a common control framework does make a lot of sense when you have a big enough security org and you have enough resources. You don't need a thousand people, but you also can't do it with like, you know, because it goes back to that question of like, well, what is your program and owning your controls, owning your compliance program? And to really be successful, the unified control framework, you really have to have a good point of view because it's the getting started part.”
Description
Get ready to take notes! Beau Butaud reveals the key to an effective compliance program and explains why treating compliance reports as mere checkboxes is not the best idea.
Discover the art of customizing compliance based on your organization’s unique requirements. Beau will guide you through the essential questions to consider when crafting your organization’s compliance program.
Uncover how conducting an objective comparison between the complexities of Generally Accepted Accounting Principles (GAAP) and frameworks like NIST could shed light on the challenges within each domain.
All this and a treasure trove of knowledge await you in this riveting episode! Don’t miss out – tune in now!
Highlights from the episode
- The benefits of customizing compliance for your organization
- Drawing a comparison between GAAP and NIST
- The need for balancing automation and human insight
- The importance of taking ownership of your compliance program