On demand webinars

Most AI in your organization isn’t built in-house; it’s purchased, integrated, or quietly adopted by business teams. That’s where much of today’s risk lives. In this session, we’ll break down what third-party AI risk actually means and how to manage it across the full lifecycle, from intake to decommissioning. Using real-world examples and industry research, we’ll explore scenarios like shadow AI, vendor-hosted SaaS, open-source models, and API-based services. We’ll look at common failure modes like data leakage, model drift, weak logging, and supply chain gaps and explain why traditional third-party risk management (TPRM) often falls short in this environment.

You’ll learn how to apply OWASP guidance (LLM Top 10 and AI/ML supply chain risks) as practical review checklists, and how to align your controls to familiar frameworks like ISO/IEC 42001, COBIT, and the NIST AI RMF. Finally, we’ll discuss emerging regulatory themes including shared accountability across the AI value chain, documentation requirements, and procurement guardrails, so you can strengthen due diligence and ensure your audits are third-party AI ready.