Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week, Matt and Tom take up the Log4j imbroglio. Some of the issues we consider:

·      Why is this matter of such importance to compliance and audit?

·      Is your IT security out-sourced? If so how do you perform 3^rd party due diligence on these companies?

·       What is the intersection of 3^rd party, cyber and operational risk?

·      How can you implement at 3^rd party risk management program in cyber?

·      Have you audited a 3^rd party in the cyber realm?

Resources
Matt in Radical Compliance