You are currently focusing on the certification. Go to program dashboard.
Join us for a friendly debate on why compliance is so misunderstood and the critical role it plays in determining overall security posture.
PLEASE NOTE. Certificates of Completion for CPE credit are not available for viewing of archived webinars. For all OCEG certification holders, viewing of archived webinars will be automatically tracked and recorded in your Certification Dashboard on your Profile on the OCEG site and will count toward OCEG certification CPE requirements only.
We’ve all heard the argument that compliance doesn’t equate to security. It’s rooted in the fact that security leaders must go beyond “checking the compliance box” by broadly examining the risk surface and the various bad actors and threats we encounter. Regulations and frameworks just cannot keep up.
So, no, just being compliant does not make a company secure. But here is where the paradox sets in, without compliance you also cannot be secure. This paradox is created because in discussions peers, pundits and others in the community do not discuss which type of compliance they are referring to when they discuss this topic. In compliance there are actually 3 types! Two little “c” and the BIG C.
Here are the 3:
Regulatory Compliance - really is just another risk as it relates to the potential of being fined for being non compliance
Framework Compliance - This is part of the Big C compliance. Organizations select frameworks that help guide their compliance programs
And finally the BIG C. The C in GRC, the organization’s entire compliance program
Chris and Praj will debate and discuss this “paradox” of compliance vs security and the importance of the BIG C and why without Compliance you also cannot truly be secure. Attendees will be able to apply this understanding to their own programs and how to find the right balance between compliance and security in their organizations.
Information & Billing:
+1 (602) 234-9278
Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.
Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Auditor, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP are trademarks of OCEG.