Tony Bradley in AdobePodcasts

Adobe Shares Creative Approach to Managing GRC

TechSpective Podcast Episode 054

Navigating the web of regulatory compliance mandates and mitigating risk from a constantly evolving and expanding threat landscape is challenging. For a company like Adobe–a large enterprise with a global footprint that was also an early adopter of cloud technologies–managing governance, risk, and compliance (GRC) is even more complex. A leader from the Adobe Tech Governance, Risk, and Compliance (TechGRC) team at Adobe joins me on this episode of the TechSpective podcast to talk about the creative and innovative ways Adobe tackles GRC.

Adobe had to develop its own approaches to help ensure security controls are uniformly implemented across its diverse technology stack. They also wanted a system that enables proactive action to mitigate issues quickly if there is any deviation from the preferred state. The technology governance, risk, and compliance (TechGRC) team at Adobe developed the Strategic Technology Iniatives program to help meet these goals. A blog post from Adobe describes some of the key features of STI:

Driving strategic initiatives across Adobe to better ensure that our assets have the desired security configurations in place per industry best practices
Efficiently using data collected from our Operations security stack, Application security stack, and technical compliance requirements to create these initiatives to further drive our desired security governance
Driving the adoption of these initiatives/best practices into Adobe-wide sprints through our corporate standards and policies
Implementing automated controls around continuous adoption, monitoring, and tracking of potential deviations

Listen to the podcast for more insights about the challenges of GRC and the importance of managing governance, risk, and compliance effectively.

Please ask questions and share your thoughts on the topic in the comments below. I appreciate your help to share the podcast and grow the audience. Also, please subscribe to the TechSpective podcast through your favorite podcast platform, and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes, or wherever you listen.

About
Latest Posts

Tony Bradley

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Threads, Facebook, Instagram and LinkedIn.

View Comments (0)

Tackling Swivel Chair Syndrome
TechSpective Podcast Episode 142 Ajit Sancheti, General Manager of NG-SIEM at CrowdStrike recently joined…
Unlocking Proactive Compliance with Adobe’s Common Controls Framework
TechSpective Podcast Episode 141 I had the pleasure of speaking with Devansh Sharma, Senior…
Unlocking the Power of Continuous Threat Exposure Management
TechSpective Podcast Episode 140 I recently sat down with Jason Fruge, CISO-in-residence at XM…