Last week Frank Vukovits, Director of Strategic Partnerships here at Fastpath, met with Boris Agranovich of Global Risk Community, for an interview to share insights into some of the most critical security issues keeping auditors up at night.
All of the Things Auditors Have Been Asking About
During the interview they discussed important topics such as with cybersecurity now in the evolution of all the tools out there, it is a different approach to what auditors are asking for and what they're looking for.
In the past auditors used to be very, very focused on the ITGC or IT General Controls. Now with cyber, the threat landscape is much broader and they have to worry about security and the controls on the outside or the external threats, but still worried about security on the inside, the internal threats, that fraud that could exist in areas where traditionally they asked the ITGC questions.
And when you move applications to the cloud, they're asking questions about the key vendors you work with, that you integrate with.
Everyone now has software solutions. Auditors have to ask questions about how you do vendor management and what questions are you asking those key vendors you're now doing business with electronically? Do you know the controls are in place to develop their product? If your solution is hosted in the cloud, like Microsoft hosted on Microsoft Azure, do you ask questions about the host during the controls? They have to keep your data safe.
Those are all questions that auditors never had asked in the past.
Watch below and visit the Global Risk Community website for this and other interviews with professionals in the GRC community.
If you enjoyed this interview, watch the previous interview of Aidan Parisian, Vice President of Customer Strategy at Fastpath, by Boris on how Covid-19 has impacted businesses, and security and risk management in particular.