GRC as a Growth Engine: From Checklists to Continuous Assurance ft Vivek Madan - Director of Security, Risk, and Compliance @ Fortinet

Summary

In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Vivek Madan to unpack what it really means to run a modern GRC program inside a global cybersecurity company. Drawing from his journey across networking, security engineering, risk, and compliance, Vivek shares how GRC can function as a true business enabler—opening markets, accelerating revenue, and strengthening trust. This conversation stands out for its practical frameworks, real-world stories, and honest discussion about friction between engineering, security, auditors, and compliance teams, giving listeners a grounded view of how GRC works when it’s done right.

Key Takeaways:

  • GRC works best when it is positioned as a growth enabler that unlocks new markets, not just a compliance checkbox.
  • Strong governance establishes foundational rules that allow security and risk decisions to scale consistently across the business.
  • Storytelling is a critical GRC skill—people align with compliance when they understand the “why,” not just the requirement.
  • Common controls frameworks reduce complexity when designed intentionally across global, application-specific, and product-specific needs.
  • Automation matters, but process automation is just as important as technical automation to reduce compliance friction.

What You’ll Learn:

  • How GRC enables business expansion into regulated and global markets
  • Why compliance resistance exists—and how to overcome it
  • A practical 50–35–15 model for common controls frameworks
  • How to balance continuous assurance with annual audits
  • What modern GRC leaders look for when hiring talent

This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence. Learn more: https://www.compliancecow.com

Watch more episodes: https://www.compliancecow.com/podcast

Connect With Our Guest:
Vivek Madan | Director of Security, Risk, and Compliance | Fortinet
Connect on LinkedIn: https://www.linkedin.com/in/vivek-madan-cissp-ccsp/

Rate, review, and share if you enjoyed the show!

Subscribe to Security & GRC Decoded wherever you get your podcasts:

Spotify: https://open.spotify.com/show/5pigcMwOrYIA6d9OOOsxqr?si=416b82ab5c474683

Apple Podcasts: https://podcasts.apple.com/us/podcast/security-grc-decoded/id1795144450

