Tom Garrubba

Tom Garrubba's picture
About: 

Shared Assessments Senior Director and CISO, Tom Garrubba, is an internationally recognized subject matter expert, consultant, lecturer, author, and instructor for the Certified Third Party Risk Professional (CTPRP) program. Previously, Tom was Senior Privacy Manager at a Fortune 10 healthcare company where he implemented and managed their vendor risk program. He’s an experienced professional with over 20 years of experience in IT security, privacy, audit, and risk and compliance in various industries and public consulting.  You can connect with Tom Garrubba on LinkedIn.

From this author

Sep 20, 2018    0
Third Parties, Contracts and Brown M&Ms
While walking outside on my way to an early meeting, between sips of coffee I was jarred awake by a passing car with the music of Van Halen blaring through the speakers. As a fan of “early” Van Halen I snickered to myself recalling the legend of the “Brown M&Ms” in their contract that was often joked about amongst...
Read more   
Jun 28, 2018    0
The Importance of Risk Culture in an Organization (Hint: It’s Everything!)

At a recent conference on risk in London, I was pleasantly...

Read more   
Actively participate in anticipatory compliance activities to monitor risk.
May 26, 2018    0
The Importance of Participatory Compliance with Your Critical Vendors

In a recent interview for a technical blog, I mentioned that I heard keynote speaker former U.S. Attorney General John Ashcroft (at the 2016 Securities Industry and Financial Markets Association’s (SIFMA) Internal Auditors Society conference) reference that organizations should prepare to adopt what he called “anticipatory compliance.” This concept involves outsourcers being able to demonstrate that they are actively anticipating, studying and acting on perceived threats (...

Read more