Audits Vs. Assessments: What's the Difference and Which Is Right For You? With Jim Goldman and Ben Phillips
Listen now
Description
"The thing about security also is the threats are always changing. So you can't just keep doing what you've been doing and think you're going to be fine. You have to adapt to the changing threat landscape." In the world of Cybersecurity, things are everchanging. This week Cybersecurity expert and CEO & Co-Founder of Trava Security Jim Goldman and Ben Phillips CPA and Director at KSM, discuss the differences between an audit and an assessment when it comes to information security internal risk assessments.  Understanding the difference between a cybersecurity audit and assessment is crucial whether you are a business owner, IT professional, or auditor. Jim and Ben shed light on the motivation behind each - whether they are customer-driven or regulatory - and offer thoughts on which is right for you. If you are seeking cybersecurity certifications like SOC2 or ISO, knowing the difference is an important part of the process - along with patience, lots of patience! What you’ll learn in this episode: The differences between audits and assessments and why they should be conducted. How audits and assessments work together, and how often they should be conducted.Why are both internal and external audits important in the journey to getting certified? Things to listen for: [02:47] Various certifications and audits for data security. [07:53] The main difference between an audit and an assessment  [09:40] Internal audit vs External audit. [15:54] Information security assessment and preparation advice given. [21:07] Differences between type 1 and type 2 SOC 2 reports. Connect with the Guests: Jim Goldman’s LinkedIn - https://www.linkedin.com/in/jigoldman/ Ben Phillips' LinkedIn - https://www.linkedin.com/in/ben-phillips-cpa-cisa-citp-ccsfp-chqp-093b0111/ Connect with the host: Jara Rowe’s LinkedIn - https://www.linkedin.com/in/jararowe/ Connect with Trava: Website www.travasecurity.com  Blog www.travasecurity.com/blog LinkedIn @travasecurity YouTube @travasecurity
More Episodes
We’ve come to the end of another Season of The Tea on Cybersecurity and you know what that means. Join host Jara Rowe in her ultimate receipts from season 3. She highlights the most important things she has learned from her guests this season including why MFA is key to keeping yourself safe...
Published 07/02/24
Published 07/02/24
"Multi-factor authentication? You better get it today. Don't wait till tomorrow." – Jim Goldman We talk a lot about SaaS companies in this show, but today, we’re bringing you something a little different. Jim Goldman, CEO of Trava and one of our favorite cybersecurity experts, joins host Jara...
Published 06/18/24