Trust Talks with Aaron Kirkpatrick, CISO at Venminder

Sravish sits down with Aaron Kirkpatrick to discuss the latest security and GRC trends.

Here is what they discuss:
🏆 Showcasing GRC's value to your organization
🤔 Handling last-minute security questionnaires
🚩 Common vendor evaluation red flags
🚀 The future of GRC in 10-20 years

Chapters:

0:41 Why do you lean towards evidence and controls over documents and policies in the realm of GRC?

2:54 How do we make GRC more accessible, more current, and more fundable in organizations?

3:44 What are some practical tips you have to showcase the value of GRC to the rest of the organization?

7:08 When a salesperson shares a lengthy security questionnaire on a Friday morning with a deadline the same day, what goes through your mind?

8:28 What advice do you have for startups with a small team to answer security questionnaires effectively?

11:04 Are there any red flags that you commonly see when you evaluate vendors?

13:36 Despite possessing a SOC 2 certification, organizations continue to receive security questionnaires. Don’t we trust auditors?

16:12 Do you have any best practices to share for young companies pursuing their first SOC 2?

18:15 How can you get the budget for SOC 2 Type II?

19:15 Who have you worked with in the GRC industry that is a Trust Champion?

22:07 What do you think we will be doing differently 10 or 20 years from now in GRC?

Stay tuned for more!

Follow Sravish on LinkedIn 👉 https://www.linkedin.com/in/sravishsridhar/
Follow Aaron on LinkedIn 👉https://www.linkedin.com/in/aaronkirkpatrick/
Follow TrustCloud on LinkedIn 👉 https://www.linkedin.com/company/trustcloudai/
Want to learn about TrustCloud or Trust Assurance? 👉 https://www.trustcloud.ai/
Want to find more compliance materials? 👉https://www.trustcloud.ai/blog/
Want Free SOC2? 👉 https://www.freesoc2.com