- This event has passed.
Ready or not: Get ahead of third-party AI risk in your organization
September 17, 2025 @ 2:00 pm – 3:00 pm EDT
Description:
Most AI in your organization isn’t built in-house; it’s purchased, integrated, or quietly adopted by business teams. That’s where much of today’s risk lives. In this session, we’ll break down what third-party AI risk actually means and how to manage it across the full lifecycle, from intake to decommissioning. Using real-world examples and industry research, we’ll explore scenarios like shadow AI, vendor-hosted SaaS, open-source models, and API-based services. We’ll look at common failure modes like data leakage, model drift, weak logging, and supply chain gaps and explain why traditional third-party risk management (TPRM) often falls short in this environment.
You’ll learn how to apply OWASP guidance (LLM Top 10 and AI/ML supply chain risks) as practical review checklists, and how to align your controls to familiar frameworks like ISO/IEC 42001, COBIT, and the NIST AI RMF. Finally, we’ll discuss emerging regulatory themes including shared accountability across the AI value chain, documentation requirements, and procurement guardrails, so you can strengthen due diligence and ensure your audits are third-party AI ready.
Learning Objectives:
Participants will walk away able to:
- Identify key scenarios where and third-party AI enters their organization through shadow tools, vendor SaaS, open-source models, or APIs, and the unique risks each presents.
- Discuss why traditional TPRM struggles in the AI era and what needs to change to stay ahead.
- Implement a practical AI lifecycle, including intake → risk tiering → due diligence → contracting → onboarding → monitoring/change control → decommissioning.
- Incorporate compliance into contracts and monitoring using current guidance on transparency, accountability, and third-party assurance.
CPE Credit(s): 1
Field of Study: Information Technology
Instructional Delivery Method: Group Internet Based
Level: Basic
Prerequisite: None
Advanced Preparation: None
*Click here for more CPE Information.
AuditBoard Webinar Series: Tune into the AuditBoard Webinar Series to hear from industry experts who will discuss the latest trends in audit, risk, and compliance, and to gain actionable insights to help elevate your organization’s performance. Register Now to earn free CPE credits!
