{"version":"1.0","type":"rich","provider_name":"Acast","provider_url":"https://acast.com","height":250,"width":700,"html":"<iframe src=\"https://embed.acast.com/$/6702dcb9c88f09c3e0b9a10a/688ab3d5be8bca0ca2c692d7?\" frameBorder=\"0\" width=\"700\" height=\"250\"></iframe>","title":"The TPRM Tug-of-War: Trust, Tools, and the AI Tradeoff","description":"<p>This week, the crew sits down with Henry Stanley—founder of Fabrik and engineer-turned-GRC troublemaker-to dig into the messy reality of third-party risk management (TPRM). With experience across fintech, startups, and security consulting, Henry brings a pragmatic but optimistic view of how the industry can move forward.</p><p><br></p><p>From the limits of SOC 2 and the myth of standardization to the risks and rewards of AI-powered questionnaires, the group unpacks why TPRM is so fragmented—and why that’s not necessarily a bad thing. They also get real about AI in audits, the future role of assurance professionals, and why human connection still matters.</p><p><br></p><p>06:30 – Why TPRM Is Fragmented by Nature</p><p>09:00 – SOC 2 Isn’t Enough (And Never Was)</p><p>13:30 – Does Anyone Really Trust Audit Reports?</p><p>17:30 – Blacklists, Quality Checks &amp; the SOC 2 Vibe Check</p><p>20:00 – The Rise of AI in Vendor Assessments</p><p>25:30 – AI Answers vs. AI Confidence</p><p>28:30 – Auditing the Auditors (and Their AI)</p><p>32:00 – Reasonable Assurance in an AI World</p><p>35:30 – Skepticism, Trust, and Human-in-the-Loop Auditing</p><p>38:00 – Does AI Kill Creativity? A Side Quest</p><p>44:00 – Will TPRM Be Agent-to-Agent in the Future?</p><p><br></p><p>Guest: Henry Stanley, Founder of Security Program.io</p><p>Hosts: Troy Fine, Kendra Cooley</p><p>Producer: Elliot Volkman</p><p>Runtime: ~56 minutes</p>","author_name":"Chaos"}