Key Takeaways AI skepticism remains a hurdle: While interest in AI is high, doubts about accuracy, safety, and trust persist. This emphasizes the need for accurate, transparent, explainable AI models with validation and governance. Focus on time savings for overworked teams: A major draw of AI is automating repetitive tasks and finding pain points. This …
by Scott King 
Recently, AT&T issued a concise statement, spanning 183 words, acknowledging a data breach. The breach exposed 65 million records containing sensitive personal information. You can find the statement on AT&T’s website: AT&T Addresses Recent Data Set Released on the Dark Web (att.com). As a risk manager, two phrases caught my attention: “…it is not yet …
by Sam Abadir 
In Third-Party Risk Management (TPRM), adopting Artificial Intelligence (AI) presents both an opportunity and a dilemma. One, if you should use AI, and second, for what tasks. I talked with TPRM experts Sam Abadir and Tom Garrubba about responses from a recent poll among approximately 1,000 risk management professionals. We reviewed the questions and responses …
by Scott King 
Most third-party risk lifecycles adhere to a similar pattern: planning, due diligence, contract negotiations, ongoing monitoring, and termination. However, the management and responsibility of these processes differ significantly across organizations. Traditionally, the information security department carried this burden, but recent events like Covid, regional wars, political changes, and socially-focused laws have broadened organizations’ risk perception …
by Scott King 
We’ve received a lot of questions and inquiries regarding the recent AI executive order enacted by President Biden. Sam summarized his opinions and what they mean here. He recommends you follow the NIST AI Risk Management Framework for now as the agencies complete their reports per the 90, 180, 270, and 365-day deadlines in the order. …
by Scott King 
The Executive Order issued by the White House on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence marks a significant step towards establishing a robust framework for AI governance.¹ As a compliance expert, I recognize the critical importance of this directive in setting clear guidelines and expectations for the responsible development and …
by Sam Abadir 
OCC Interagency Guidance on Third-Party Risk Management Amidst government inefficiencies, it’s worth commending US banking regulators for their ongoing efforts to simplify and consolidate guidance and regulations related to third-party risk management. Earlier this year (June 2023) The Office of the Comptroller of the Currency (OCC) issued its final Interagency Guidance on Third-Party Relationships: Risk Management. …
by Sam Abadir 
A global CPA firm is redefining audit processes by integrating AI-powered automation with Krista’s Audit Assistant Solution. Discover how the firm improves efficiency, precision, and transparency in auditing, resulting in increased revenue, customer satisfaction and enhanced risk management.
by Scott King 
The Securities and Exchange Commission (SEC) recently released a proposed rule that would require public companies to implement new cybersecurity risk management and disclosure measures.¹ The proposed SEC cybersecurity disclosure rules aim to modernize and standardize the SEC’s approach to cybersecurity risk management by updating and expanding its guidance to companies regarding their disclosure obligations and …
by Sam Abadir 
In today’s global economy, companies rely on complex supply chains to bring their products to market. With so many suppliers involved, it can be challenging for businesses to keep track of potential risks in their supply chain. Third-party supply chain risk is a significant concern for many organizations, and they are constantly looking for ways …
by Scott King © Krista Software | Privacy Policy | Terms of Service
