COBIT 5 – Governance, Risk, & Compliance

[Before] Third-Party Risk Management

Posted on November 10, 2019November 10, 2019 by Shobhit Mehta

I was going through ISO 27001 and COBIT to understand the Third-Party (or vendors) Risk Management process in detail. And though both the frameworks provide enough guidance on ensuring the proper due diligence on the vendors, I could not find any material on what happens before the vendors are onboard – how does the Information…

Why do we need Governance Frameworks, SOC 2 Audits, & Compliance?

Posted on February 25, 2019November 10, 2019 by Shobhit Mehta

Yesterday I met my previous roommate who’s a Computer Science nerd and recently completed his internship at one of the best tech companies in the Valley. We met after a long time and soon after discussing how we’ve been, he asked about my work. I told him – “I am currently working on the Governance…