Please prabh dont stop asking questions ..all the questions you asked were point on..these are realistic questions not wriiten or documented anywhere ..we are in your channel to get answers to all unsolved cookies..please continue with what you are doing..its helping people like us who are not from IT background to survive in IT risk profile
To the point explanation about the process. Another key area Harshita could have included was about Effective Stakeholder Communication In this process where in the first case you are meeting with the stakeholders to understand use case of third-party that business line is seeking to procure and secondly in certain circumstances you might have to engage third party over a discussion where there is no clarity about controls they have explained or any gaps you have observed. Let’s say vulnerability and patch management, business continuity exercise and sometimes management hasn’t included any statement about treatment plan for exceptions noted in audit reports. I completely agree that this is huge and ongoing process which cannot be explained in a specified time frame and lastly it varies upon use case with different considerations so hats off..
I couldn't express my gratitude enough for all you do for free here! Your teachings have really helped me a great deal! Thanks to Harshita as well, she did an awesome job explaining most of the processes! I truly appreciate both of you and may God continually protect and uphold you all. Thanks for improving on the audio sound as well! Looking forward to the vendor risk assessment. ❤
"If Prabh can do it, then anyone else can do it" I disagree with her. Prabh is on another level, Praph is consistent and passionate about all security topics. Prabh is the encyclopedia of Information security. Praph is an inspiration to the security field and the community overall.
Regarding ISO issuance, who is responsible? It is the Certificate issuers like Deloitte, BSI etc. I am seeing that companies, got the certificate never renew its and uses the same to lure the customers after expiration. I am not sure why issuers doesn't maintain the records for certificate issuance like issuance and expiry date and re-ask to do so. And if companies fails and again using the same certificate for business purpose. Legal action can be taken.
Many thanks to Prabh and Harshitha..These days I always wait for your new upcoming videos and I also write down the notes on the topics u discuss ,as am planning to shift my career.Would like to know how the security and privacy questionarre looks like in real time. Please conduct a mock inetrviews on GRC,GDPR,CYBER ESSENTIALS AND PLUS,THREAT MODELLING ,stride.
A quick feedback - I did watch most of your interviews, you seem to interrupt the guest a lot of times , not good , no doubt the content is good but if you go back and look host spoke more than the guest . Let the guest speak !
Sorry to say that I disagree with this comment as I see most of the questions prabh was asking are in most of our minds... He is driving the speaker in a more productive way so that we can apply that to real time scenarios.. Bookish knowledge we will get from anywhere. But understanding the real application is something we need to appreciate which most of the videos don't provide... I really like this session....@
Please prabh dont stop asking questions ..all the questions you asked were point on..these are realistic questions not wriiten or documented anywhere ..we are in your channel to get answers to all unsolved cookies..please continue with what you are doing..its helping people like us who are not from IT background to survive in IT risk profile
To the point explanation about the process. Another key area Harshita could have included was about Effective Stakeholder Communication In this process where in the first case you are meeting with the stakeholders to understand use case of third-party that business line is seeking to procure and secondly in certain circumstances you might have to engage third party over a discussion where there is no clarity about controls they have explained or any gaps you have observed. Let’s say vulnerability and patch management, business continuity exercise and sometimes management hasn’t included any statement about treatment plan for exceptions noted in audit reports. I completely agree that this is huge and ongoing process which cannot be explained in a specified time frame and lastly it varies upon use case with different considerations so hats off..
I couldn't express my gratitude enough for all you do for free here! Your teachings have really helped me a great deal! Thanks to Harshita as well, she did an awesome job explaining most of the processes! I truly appreciate both of you and may God continually protect and uphold you all. Thanks for improving on the audio sound as well! Looking forward to the vendor risk assessment. ❤
Finally I got a clear vision now to switch from Non IT (Mechanical) to Security management ❤... Thanks a lot entire team....
Explaining difficult things in an easy way is an art. Love the content and thanks for your efforts.
Thanks Prabh for this amazing setup. Request you to please not interrupt the speaker while they are still speaking.
Thanks very much Prabh & Harshita, Great Content.
This is really helpful. I have a background in risk management and really enjoyed the content.
Thanks Prab. I should be taking notes while listening to your videos.
Your videos are valuable.
Great thanks Prabh and Harshita for this wondefful session of TPRM.
Great session 👏 the validation part was interesting, and I would love to hear more about it.
to the point and very clear explanation. Thank you!
Thank you so much
Thank you for the detailed session, super helpful.
Thank you for the knowledge session.. its a great learning and hope to see other videos on GRC
@Prabh , I had one question, how can we identify if the ISO cert is fake ?
Thank you Prab and Harshita 👍
"If Prabh can do it, then anyone else can do it"
I disagree with her. Prabh is on another level, Praph is consistent and passionate about all security topics. Prabh is the encyclopedia of Information security. Praph is an inspiration to the security field and the community overall.
appreciate for sharing good content👏🏻
Great Content Prabh...You are the real eye-opener.
Liked the spider man context😊
Regarding ISO issuance, who is responsible? It is the Certificate issuers like Deloitte, BSI etc. I am seeing that companies, got the certificate never renew its and uses the same to lure the customers after expiration. I am not sure why issuers doesn't maintain the records for certificate issuance like issuance and expiry date and re-ask to do so. And if companies fails and again using the same certificate for business purpose. Legal action can be taken.
Great information 👍 we need more series on TPRM.
Great Content. Keep it up!!
Many thanks to Prabh and Harshitha..These days I always wait for your new upcoming videos and I also write down the notes on the topics u discuss ,as am planning to shift my career.Would like to know how the security and privacy questionarre looks like in real time. Please conduct a mock inetrviews on GRC,GDPR,CYBER ESSENTIALS AND PLUS,THREAT MODELLING ,stride.
hi great content
pls whats the website she talked about in updating ones knowlegde in GRC,couldnt get the spelling?
Excellent session 🙏
Very clearly explained. Thq
Please what is the website for keping up todate that the presenter shared by Harshita?
Awesome 👏🏽 I
😊thank you very much
What are the KPIs that need to be considered
Excellent
A quick feedback - I did watch most of your interviews, you seem to interrupt the guest a lot of times , not good , no doubt the content is good but if you go back and look host spoke more than the guest . Let the guest speak !
Thanks for the feedback:) I just wanted to make sure content to remain engaged:) .I do respect my speaker and I will try to improve this :)
Sorry to say that I disagree with this comment as I see most of the questions prabh was asking are in most of our minds... He is driving the speaker in a more productive way so that we can apply that to real time scenarios.. Bookish knowledge we will get from anywhere. But understanding the real application is something we need to appreciate which most of the videos don't provide... I really like this session....@