Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week, Matt and Tom take up the Log4j imbroglio. Some of the issues we consider:
· Why is this matter of such importance to compliance and audit?
· Is your IT security out-sourced? If so how do you perform 3rd party due diligence on these companies?
· What is the intersection of 3rd party, cyber and operational risk?
· How can you implement at 3rd party risk management program in cyber?
· Have you audited a 3rd party in the cyber realm?
Resources
Matt in Radical Compliance