The AI in Business Podcast Managing Third-Party Risk at Scale Without Drowning in Surveys - with Carey Smith
7 snips
Mar 26, 2026 Carey Smith, former CIO and technology innovation leader in healthcare, now advising on AI-driven third-party risk. He explains why static surveys fail at scale. He describes continuous, AI-enabled monitoring with deterministic explainability. He outlines shifting from detection to automated remediation and segmenting vendors by materiality.
AI Snips
Chapters
Transcript
Episode notes
Static Surveys Create Illusion Of Control
- Static, survey-based third-party risk programs fail at scale and create an illusion of control.
- Carey Smith says questionnaires become stale immediately, leaving orgs survey-rich but insight-poor and blind to tiered supplier breaches.
Tier Four Suppliers Can Trigger Board Crises
- Carey Smith recounts how the model collapses at scale and hidden tier-four suppliers can trigger board-level crises.
- She warns a tier-four supplier you didn't know about causing a breach converts supply chain risk into boardroom risk.
Continuous Monitoring Replaces Annual Reviews
- Continuous risk-based monitoring replaces annual paperwork to provide real-time risk posture.
- Smith describes AI ingesting threat feeds, financial signals, sanctions and cyber telemetry to dynamically update scores near real time.