When GRC Stops Watching and Starts Working with Ryan Schoeller скачать в хорошем качестве

When GRC Stops Watching and Starts Working with Ryan Schoeller

In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Ryan Schoeller, Director of Security & GRC at Treasure Data, to challenge one of the most deeply rooted assumptions in the industry: that GRC should stay passive and “independent.” Drawing from his experience across startups, mid-market tech companies, and large enterprises, Ryan argues that the most effective GRC teams are the ones that actively participate in control monitoring, risk management, and operational decision-making. This conversation goes beyond audits and checklists, exploring how GRC can truly drive business value by protecting revenue, enabling growth, and embedding risk thinking into everyday operations. Key Takeaways: GRC delivers the most value when it actively participates in monitoring controls, not just validating them after the fact. Risk is the most critical — and most neglected — pillar of GRC, often confused with gaps or vulnerabilities. Strong relationships with engineering and business teams are essential for GRC to gain meaningful access to data. GRC engineering is not just about writing code; it’s about applying an engineering mindset to workflows, tooling, and processes. Automation alone is not a business case — value comes from how freed-up time is reinvested. What You’ll Learn: Why the “three lines of defense” model often breaks down in real organizations How GRC teams can reduce compliance theater by becoming more operational The difference between a vulnerability, a gap, and an actual risk How to build a business case for GRC automation that leadership will support Why front-ending GRC work (sales assurance, customer trust) often matters more than backend audit prep This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence. Learn more: https://www.compliancecow.com Watch more episodes: https://www.compliancecow.com/podcast Connect With Our Guest: Ryan Schoeller | Director of Security & GRC | Treasure Data Connect on LinkedIn:   / ryanschoeller   Rate, review, and share if you enjoyed the show! Subscribe to Security & GRC Decoded wherever you get your podcasts: Spotify: https://open.spotify.com/show/5pigcMw... Apple Podcasts: https://podcasts.apple.com/us/podcast...