Risk Grustlers

Welcome to 'Risk Grustlers,' where we celebrate the extraordinary journeys of modern-day Risk Leaders who embrace the art of 'Grustle'—a powerful fusion of Grind and Hustle. Our podcast dives into the innovative strategies and bold decisions taken by these risk-takers, shaping the future of cybersecurity and risk management. Join us as we explore their inspiring stories, insightful advice, and cutting-edge technologies that define the alternative GRC landscape.

All Episodes

Risk Grustlers

Do Auditors Have Horns?

August 28, 2023 • Scrut Automation • Season 1 • Episode 2

Welcome to Episode 2 of Risk Grustlers! In this episode, we walk through the journey of Vignesh Kumar, who leads the internal audit teams at Microsoft. He talks about his unorthodox journey to the GRC world, what makes GRC sexy, and why relationships are pivotal in the GRC world.

He offers a peek into the world of audits, explaining how internal and external audits vary and emphasizes the need for regular internal audits.

There are also some sneaky tips on how GRC teams can establish a rapport with other teams to make the whole process, much easier.

Whether you’re a GRC professional or an employee who is vary of it, Vignesh will make you gain a new respect for it. Get ready to see GRC in a new light!

Tune in as he recounts amusing anecdotes of his experiences as an internal auditor and learn whether auditors do have horns or are just an angel in disguise.

About Vignesh

Vignesh Kumar is the Senior Manager of Security and Privacy at Microsoft and an undeniable GRC genius.

Having started out as a project manager at one of the largest equipment manufacturers in the world, Vignesh developed an unexpected passion for GRC. Today, this passion still burns bright, as he sets about making it more palatable and appealing to the uninitiated or to those who dread it. He is the perfect advocate for all things GRC.

Highlights from the episode

Discussing the importance of GRC for an organization’s security
Differentiating between internal audits and external audits
Emphasizing the importance of regular internal audits

Quotes

“So, the key difference is the sense of ownership. Internal auditors have that, while external auditors usually stick to compliance. It's about being risk-based versus compliance-focused.

“What I came to really appreciate about GRC was how it could positively impact my applications. Its ripple effects spread across the organization and ensure that hundreds of applications are compliant.”

About Scrut Automation

Scrut Automation is a risk observability and compliance automation platform built to simplify information security monitoring for cloud-native companies. We help early-stage and growth-stage companies across the globe, establish enterprise-grade information security processes through an easy-to-use GRC platform.

To watch more of our episodes and learn more about us, visit us at https://www.scrut.io/podcasts

About Scrut Automation:
Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring.

Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.

To watch more of our episodes and learn more about us, visit us at :
https://www.scrut.io/podcasts