Taking place at RAI Amsterdam on September 27 and 28, #RISK Amsterdam examines the trends and best practices organisations are employing to navigate today’s rapidly evolving risk landscape.
Sudha Madhusudhan is an Information Security Senior Consultant at FedEx. She has multi-geographic experience with regulatory exposures from EU Commission Requirements on cybersecurity in Civil Aviation, FFIEC, Dutch National Bank, Reserve Bank of India, and Bank of England.
Sudha will be at #RISK Amsterdam to discuss the limitations of traditional compliance programmes and why organisations should adopt a more comprehensive approach to ensuring a compliant workplace.
- Skeletons in the Closet? Going Beyond the Checklist & Rethinking Compliance - Wednesday 27th September, 10:00 - 11:00pm (CEST) - GRC & Financial Risk Theatre
We spoke with Sudha about her professional journey and for an introduction to the themes on the table at her #RISK Amsterdam session.
Could you outline your career pathway so far?
I began working as a network engineer after earning my degree in 2006, and I’ve since gone on to provide IT infrastructure services.
As my career has progressed, I have had the opportunity to work on several quality and security assessments. In 2012, I learned about ISO 27K, and I shifted my work towards information security auditing and consulting.
As I’ve moved forward in my profession, I’ve been exposed to numerous regulatory requirements for different sectors, including banking, IT, and aviation, as well as industry best practices, like NIST, ITIL, CSI controls, COBIT, ISO27K, and PCI.
What does a more “proactive” approach to compliance mean, and what are the benefits?
Compliance requirements are assessed by the organisation against their policy, standard and regulatory requirements for their business. A proactive compliance approach can be taken by setting up a strategy and practices to prevent regulatory violations and ensure adherence to the law and organisation policy and standards.
A proactive compliance approach includes, but is not limited to, education and training; risk assessment; continuous monitoring; and improvement to adapt to changing regulations and evolving business conditions. By doing so, we can reduce legal and financial risk, detect issues early, enhance reputation and improve operational efficiency.
What primary hurdles do organisations face as they bid to improve compliance culture and processes?
In my opinion, the greatest hurdle is “Resistance to Change”. This includes employees and leadership when it comes to technology enhancement and compliance maturity etc. In addition:
1. Lack of awareness hinders the compliance efforts
2. Complexity of evolving regulations, e.g. aviation cybersecurity requirements
3. Resistance in reporting non-compliance
4. 3rd Party risks – Never-ending compliance issues with vendors against organisations’ policies and standards.
We need to have a holistic approach to improve the above hurdles, an approach that includes leadership commitment, ongoing training and communication, a focus on ethical behaviour, robust monitoring and reporting mechanisms, and a willingness to adapt to evolving regulations and industry standards.
Hear Sudha Madhusudhan debating these issues in depth in the #RISK Amsterdam panel: “Skeletons in the Closet? Going Beyond the Checklist & Rethinking Compliance”.
The experts discuss their experiences, insights, and strategies for moving beyond checklist mentalities and implementing effective compliance strategies tailored to an organisation’s needs.
Attendees will learn about the benefits of a more proactive approach to compliance, as well as practical steps they can take to improve their own compliance culture and processes.
Also on the panel:
- Magdalena Rzaca, GDPR & IPR Legal Advisor, GÉANT
- Victoria Van Roosmalen, CISO & DPO, Coosto
- Baiba Zvejniece, Compliance Officer, Societe Generale
- Martin Delange, VP Business Development Europe, Pathlock
#RISK Amsterdam unites thought leaders and subject matter experts for a deep-dive into organisational approaches to handling risk. Content is delivered through keynotes, presentations and panel discussions.
- Session: Day 1, Skeletons in the Closet? Going Beyond the Checklist & Rethinking Compliance
- Theatre: GRC & Financial Risk Theatre
- Time: 10:00 – 11:00pm (CEST)
- Date: Wednesday 27 September 2023
#RISK Amsterdam is also available on-demand for global viewing.