
Trust Talks with Dan Andrea, Partner at KLR

Sravish sits down with Dan Andrea to discuss the latest security and GRC trends.

Here is what they discuss:
⚠️ Pitfalls to avoid for successful audits
🕵️‍♂️ Finding the right auditor & what to ask
💰 Industry pricing insights
🔮 The future of GRC

Timeline:
0:46 What changes are you seeing in the GRC industry, and what areas do you think we can do better?
5:38 How do you implement an entire SOC 2 Type II compliance program and pass your Type I audit without education?
7:51 What are some of the pitfalls that you see young startups taking and what can they learn for a successful audit?
11:38 How does a company find the right auditor? What are some of the questions they should ask?
15:39 What are your views on how this industry is pricing this process? What should a startup expect?
23:07 Why do enterprises require us to complete extensive questionnaires instead of accepting the SOC 2 Type II report provided by our auditor?
28:27 Who in your mind are Trust Champions in this industry?
31:16 What do you think we will be doing differently in GRC 20 years from now?

 
Learn about auditors' findings and how to avoid them

TrustCloud is one of the leading tools in the space, and our team will take you through all that you need to know about Security and GRC in a series of podcasts. GRC stands for Governance, Risk management, and Compliance. It is a compass that guides organizations through the complexities of modern business, ensuring they stay on course, mitigate risks, and operate ethically for fundamental and long-term success.
