Do Ethical GRC auditors really exist?

In this episode, the crew digs into a messy but necessary topic: what does ethical auditing even mean in a market overrun with automation shortcuts, low-effort SOC 2 audits, and firms that self-declare “quality” without proving it?With Troy actively auditing today and Kendra working with auditors in real time, the team breaks down where rigor actually shows up, where the system is broken, and why SOC 2’s value is slipping as fast as demand for speed is rising.03:00 – “Quality theater” and firms self-labeling as high quality04:10 – Who defines quality—auditors or customers?05:00 – The four-hour SOC 2 audit example06:00 – The danger of “better than the worst” logic07:00 – What thorough auditing actually looks like (Kendra’s experience)09:30 – SOC 2 inconsistency across auditors and firms11:00 – Should audit firms be objectively measured?15:00 – Kendra’s “secret shopper auditor” idea19:20 – Automation platforms producing shallow “green checkmark” results22:00 – Drive-by auditors rubber-stamping automated data26:00 – Peer review and “enhanced oversight” gaps33:00 – Why the industry isn’t incentivized to fix the quality problem39:00 – Ethical auditors exist—but the system doesn’t reward them Hosted on Acast. See acast.com/privacy for more information.