2024-06-08, 15:30–16:15, Track 3 (Moody Rm 102)
When assessing AI-related risk, do we include our vendors' use of AI? We don't have to reinvent the VRM wheel: we just have to consider some new factors. How in the world do we assess AI risk, and where do we start? We will discuss these questions, new tools, and creative approaches such as (and not limited to)the NIST AI RMF, ISO standards 23053 and 42001, contractual considerations, and legislation like the EU-AI Act to help reduce AI risk in the VRM process.
Managing AI-related risk is a new factor to consider as companies race to deliver AI-integrated services. This introduces a breadth of AI risks from many sources, including our supply chains. Do you have a plan to assess third-party AI risk? Furthermore, do you know what tools you can use to make this assessment less painful for you, your team, and your vendors? Together, we will discuss considerations and tools to effectively assess and manage AI risk within your VRM program without breaking the bank or souring healthy business relationships.
Principal Spreader of Smiles | Teriyaki Chicken Connoisseur | Professional Goober-in-Training | Head Janitor and Cook for the Honda Household | Sometimes does Security for Whistic | Bad at Making Jokes and Writing Bios