Listen

Description

In this episode of InfoSec Insider, George Ryan and Jack Woods, both Consultants at URM, answer some of the niche and unusual questions around governance, risk and compliance (GRC).  Jack and George leverage their extensive experience supporting organisations to strengthen their information security and risk management to discuss: 
• The key questions clients rarely ask despite being extremely important
• Whether a policy is enough on its own
• The security policies that are most frequently not followed in practice
• How to avoid prioritising compliance over genuine security
• The easiest ways to establish whether a control is effective
• How to achieve buy-in from executives on managing and mitigating risks before they materialise. 
Ask Jack and George a question:  https://urmconsulting.com/podcasts/unusual-grc-questions
            

If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider            

You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts          

Brought to you by URM, the UK’s leading information and cyber security specialists.