Managing Compliance Complexity with Mac Bartine

Mac Bartine is the CEO of SmartRIA, a market-leading compliance software platform. Tom Fox welcomes him to this week’s show to talk about his company's services and contributions to the compliance sector, what SmartRIA offers clients in terms of cybersecurity, and the future of technology solutions.  

The Minimum Viable Product

The Minimum Viable Product (MVP) is the first part of the startup process for platforms. It is recognizing the problems within your platforms and also believing that you can solve them. Mac explains to Tom that the problem SmartRIA solution identified in terms of the MVP is the compliance obligations. So many individuals are not experienced in managing compliance in their given industries, and so need a source of structure that understands where they are. SmartRIA offers them that, as well as the tools and frameworks needed. 

Vendor Due Diligence & Data Governance

Vendor due diligence and vendor management are key to managing cybersecurity risk. "You have to understand who you're working with and what precautions they're taking as a business to protect you from cyber risk," Mac tells Tom. Having access to the proper documentation that reflects this is also important. SmartRIA has a plethora of different policies and procedures to protect clients' data and takes the lists of vendors their clients have and itemizes each risk. Data governance falls under the same bracket as due diligence, that is, who has access to the vendors and what devices they use to access the data from those vendors.

SmartRIA as an SEC Solution

The solutions that you use for compliance obligations have to be done in a way that documents everything as it happens. "If it isn't documented, it didn't happen," Mac says. Internal auditors aren't in the position of giving the benefit of the doubt because they have no evidence of due diligence. SmartRIA has the tools to help its clients through this by way of PDF files, workflows, and documents. 

To The Future

Tom asks Mac what the future will be like for technology solutions. Regulations in every industry are going to increase. "Across every industry, there is an increasing need for cybersecurity-related evidence, and tracking of what's happening in that space," Mac says. Data governance and vendor due diligence are big parts of that, but compliance management is going to also become more important.

Resources

Mac Bartine | LinkedIn | Twitter 

SmartRIA