EPISODE · Dec 4, 2025 · 1H
From Checklists to True Compliance-as-a-Service (EP 947)
from Uncle Marv's IT Business Podcast (Real Talk for IT Pros & MSPs) · host Tim Golden, Shanna Utgard
MSPs are being dragged into compliance whether they’re ready or not, and this episode gives you a practical roadmap from people who’ve already done it. Tim and Shanna break down how to launch compliance-as-a-service, reduce your legal exposure, and finally get paid for work you’re already doing for free.Why Listen:Learn how Compliance Scorecard evolved from a simple checklist into a multi-module GRC platform built by an MSP for MSPs.Hear real stories about CMMC, HIPAA, New York DFS, SOC 2 and cyber insurance requirements driving new revenue and risk.Understand how to document client decisions so “we told you no” is provable when lawyers and insurers get involved.Discover how to reposition your QBRs/TBRs from “ticket counts” to executive-level risk and business impact conversations.See why assigning a dedicated compliance champion inside your MSP is the crucial first step before tools.Get a preview of Compliance Scorecard’s AI-driven policy experience that explains policies “like I’m five” and tests user understanding.*** Cast your vote for the 2025 Podcast Awards: https://www.itbusinesspodcast.com/p/2025-podcast-awards/Links from the Show:Compliance Scorecard: https://www.compliancescorecard.comCMMC (Cybersecurity Maturity Model Certification): https://dodcio.defense.gov/cmmc/About/HIPAA (Health Insurance Portability and Accountability Act): https://www.hhs.gov/hipaaNew York DFS (Department of Financial Services Cybersecurity Regulation): https://www.dfs.ny.govFedRAMP: https://www.fedramp.govCIS IG1 (Center for Internet Security Implementation Group 1): https://www.cisecurity.orgSOC 2 (Service Organization Control 2): https://linkly.link/2SBSQSPONSORS:Livestream Partner, ThreatLocker: https://www.itbusinesspodcast.com/threatlockerLegacy Partner, NetAlly: https://www.itbusinesspodcast.com/netally/Internet Provider, Rythmz: https://www.itbusinesspodcast.com/rythmzProduction Gear Partner, Liongard: https://www.itbusinesspodcast.com/liongardTravel Partner: Bvoip: https://www.itbusinesspodcast.com/bvoipTravel Partner: TruGrid: https://www.itbusinesspodcast.com/trugridDigital Partner, Designer Ready: http://itbusinesspodcast.com/designerreadySHOW MUSIC: Item Title: Upbeat & Fun Sports Rock LogoItem URL: https://elements.envato.com/upbeat-fun-sports-rock-logo-CSR3UETAuthor Username: AlexanderRufireItem License Code: 7X9F52DNML === Connect with Uncle Marv🌐 Website: https://www.itbusinesspodcast.com/🎙 Host: Marvin Bee🛒 Uncle Marv’s Amazon Store (gear & tools I recommend): https://amzn.to/3EiyKoZ☕ Support the show: https://ko-fi.com/itbusinesspodcastIf you found value in this episode, share it with another MSP, IT provider, or tech entrepreneur. Your support helps keep practical, no-nonsense IT business conversations coming every week.
What this episode covers
Uncle Marv sits down with Compliance Scorecard’s founder Tim Golden and channel veteran Shanna Utgard to unpack how MSPs can turn compliance from a painful checkbox exercise into a profitable, defensible service offering. They dive into risk conversations, cyber insurance, frameworks like CMMC and HIPAA, and why documenting client decisions is now essential for avoiding lawsuits.
NOW PLAYING
From Checklists to True Compliance-as-a-Service (EP 947)
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Jan 2, 2026 ·47m
Dec 21, 2025 ·46m