Name: AI in risk management and governance: Driving efficiency while preserving trust
Start: 2026-03-04T18:00:00Z
End: 2026-03-04T18:01:00.000Z
Location: BrightTALK

AuditBoard’s mission is to be the category-defining global platform for connected risk, elevating our customers through innovation. More than 50% of the Fortune 500 trust AuditBoard to transform their audit, risk, and compliance management. AuditBoard is top-rated by customers on G2, Capterra, and Gartner Peer Insights, and was recently ranked for the sixth year in a row as one of the fastest-growing technology companies in North America by Deloitte.

The rapid proliferation of artificial intelligence (AI) across industries presents unprecedented
opportunities alongside complex ethical, legal, and operational challenges. Historically, organizations have managed AI-related risks through nascent AI governance frameworks, while data privacy has been addressed by established privacy operations like the International Association of Privacy Professionals’ (IAPP’s) Certified Information Privacy Manager (CIPM) certification. However, the intertwined nature of AI and data privacy — where AI systems often process vast amounts of personal data, and privacy breaches can severely impact AI trust and compliance — underscores the inefficiencies and potential gaps of siloed approaches.

Learning objectives for this session: 
 - Improve regulatory compliance.
 - Enhance public trust.
 - Improve resource utilization by leveraging shared principles, tools, and expertise.
 - Use best practices for streamlining risk management operations.

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Converging horizons: Towards an integrated AI governance and privacy framework

Pre-IPO and newly public companies often face significant challenges in establishing their first internal control framework to meet Sarbanes-Oxley (SOX) Section 404 requirements. Without a clear plan, organizations risk financial restatements, regulatory scrutiny, and diminished investor confidence.

Our expert panel will outline a strategic roadmap for SOX readiness, providing guidance on optimal timing and practical steps for a successful transition. You’ll learn how to design and implement your first Internal Control over Financial Reporting (ICFR) framework, align early with auditors, and leverage technology like SOXHUB to simplify compliance. Drawing from real-world pain points and best practices, we’ll cover the differences between management and auditor responsibilities, filer requirements, and a phased maturity model that helps organizations prepare effectively for compliance while building a sustainable control culture.

By the end of this webinar, participants will be able to:
 - Prepare organizational leaders with an understanding of when and how internal controls are needed during the IPO journey, and how technology (including SOXHUB) supports this process.
 - Describe which companies must comply and when, based on filer type, revenue thresholds, and IPO timing.
 - Apply a 5-phase roadmap to prepare for SOX compliance, from planning and scoping to audit readiness and sustainment.
 - Discuss common pitfalls and material weaknesses in internal controls, and strategies to remediate them.
 - Explore how an initial SOX program can be designed to scale and grow to meet broader compliance and risk needs as a company matures.


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Your IPO readiness roadmap: Navigating SOX compliance

Macro shocks are a feature of today’s risk climate — one that has become more nonlinear, accelerated, volatile, and interconnected. This environment demands a transformation of how you approach risk management — from a compliance and often backward-looking orientation to one that is strategic and future-facing. Amid this transformation, new research from EY finds that two archetypes of risk leaders have emerged: Strategists and Traditionalists. Learn what separates the two, including the behaviors driving better performance and enterprise value.

From this session, viewers will be able to: 
 - Recognize the drivers changing the risk landscape.
 - Differentiate between Risk Strategists and Risk Traditionalists.
 - Describe the behaviors linked to superior performance.
 - Apply practical steps to elevate your own risk function.

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

The rise of the risk strategist: Building resilience in an uncertain world

Join us to learn about AuditBoard’s "Connected Risk Maturity Model," a four-stage framework designed to help GRC leaders transform their risk programs. This webinar will explore how to move from a traditional, reactive approach to a strategic, data-driven, and collaborative one. We'll take a real-life assessment and use real-world examples to show you how a connected risk approach drives resilience and growth.

From this session, you will be able to: 
 - Describe the four stages of connected risk maturity: Starting, Foundational, Advanced, and State-of-the-art.
 - Leverage executive sponsorship and improve collaboration among risk, audit, and compliance teams to accelerate GRC initiatives.
 - Identify how a unified data and technology foundation can enable automation, analytics, and AI to help your organization proactively manage risk.


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Forging your path to connected risk maturity: A blueprint for GRC leaders

Most AI in your organization isn’t built in-house; it’s purchased, integrated, or quietly adopted by business teams. That’s where much of today’s risk lives. In this session, we’ll break down what third-party AI risk actually means and how to manage it across the full lifecycle, from intake to decommissioning. Using real-world examples and industry research, we’ll explore scenarios like shadow AI, vendor-hosted SaaS, open-source models, and API-based services. We’ll look at common failure modes like data leakage, model drift, weak logging, and supply chain gaps and explain why traditional third-party risk management (TPRM) often falls short in this environment.

You’ll learn how to apply OWASP guidance (LLM Top 10 and AI/ML supply chain risks) as practical review checklists, and how to align your controls to familiar frameworks like ISO/IEC 42001, COBIT, and the NIST AI RMF. Finally, we’ll discuss emerging regulatory themes including shared accountability across the AI value chain, documentation requirements, and procurement guardrails, so you can strengthen due diligence and ensure your audits are third-party AI ready.

Participants will walk away able to:
• Identify key scenarios where and third-party AI enters their organization through shadow tools, vendor SaaS, open-source models, or APIs, and the unique risks each presents.
• Discuss why traditional TPRM struggles in the AI era and what needs to change to stay ahead.

• Implement a practical AI lifecycle, including intake → risk tiering → due diligence → contracting → onboarding → monitoring/change control → decommissioning.

• Incorporate compliance into contracts and monitoring using current guidance on transparency, accountability, and third-party assurance.


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Ready or not: Get ahead of third-party AI risk in your organization

Delivering timely, accurate, and compelling audit reports is essential to an internal audit department’s success. Unfortunately, most auditors dislike — and some even detest — the report development process. For audit staff and managers, writing is arduous, the editing process is frustrating, and the next audit is already calling. For audit executives, the constant review and revision of report content is both time-consuming and burdensome.  

To help internal auditors solve these challenges, Margie will share what she has learned from teaching thousands of auditors to think critically and write clearly. Furthermore, she will discuss best practices from her 2023, IIA-published book Clarity, Impact, Speed: Delivering Audit Reports that Matter, 2nd Edition. 

At the end of this session, attendees will be able to:
 - Outline reader expectations for report structure, content, and readability.
 - Apply four principles for writing compelling reports.
 - Use practical strategies to speed up report development.
 - Build their team’s writing skills and confidence.


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Delivering audit reports that matter

Generative AI and ML promise to change the way all business functions operate, including GRC. While the potential for productivity gains is clear, the risks associated with their use and ways to address them are still being understood. As technology advances, risk management grows in importance, and requirements continue to increase in number and visibility. In order to encourage the secure use of AI, we need to develop new ways of governing AI risk. 

This session will explore the evolution of traditional governance processes like policies, training and awareness, third-party risk, data governance, access control, and monitoring. We’ll also explore several novel and emerging techniques for mitigating AI risks, such as enforcing security-centric prompts and model guidance, and the opportunity for prompt libraries and enterprise controls that lead to secure AI use within the enterprise. 

Let’s explore the future of this trend and the guardrails to help your organization navigate this next major evolution of technology. 

Learning objectives for this session:
 - Assess the risks that come with generative AI and AIML-based technologies.
 - Explore how to extend your existing governance processes to cover AI risks.
 - Discuss emerging practices for effectively integrating security into AI-enabled use cases.


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

How good governance enables AI innovation

Organizational culture shapes how risks, decisions, and behaviors are managed, yet it is often viewed as an ideal rather than a tangible asset. In this webinar, Richard Chambers, AuditBoard’s Senior Advisor, Risk and Audit will share the findings of AuditBoard’s “2025 Organizational Culture and Ethics Report.” The research disclosed that organizations must deploy a shared culture risk model that aligns the efforts of management, internal auditors, and the risk management and compliance teams for success. Finally, Richard will explore six six core recommendations to help organizations operationalize culture risk within the GRC ecosystem.

Learning objectives for this session:
 - Discuss the roles of audit, risk, and compliance in organizational culture.
 - Identify key culture-related risks and common barriers to effective assessment and management of these risks.
 - Incorporate culture KRIs and guiding principles into their processes to assess and monitor culture at their organizations. 


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

From burning platform to strategic priority: Tackling culture risk in the GRC ecosystem

AI isn’t limited to just large internal audit teams. Even a team of one can do a lot of value-added work with it. In this series, we’ll break down how large and small internal audit teams are using tools such as ChatGPT, Copilot, and purpose-built audit models in their workflows. We’ll also provide a “state of the union” on GenAI in internal audit, talk through the reality vs. the hype, and provide an easy-to-understand, non-technical description of how large language models (LLMs) like ChatGPT work.

In this session, you will learn how to:
 - Explain in plain language how large language models (LLMs) work.
 - Identify at least three high-impact AI use cases.
 - Assess common concerns about AI and AGI (ethics, data privacy, and job displacement).


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

How internal audit uses AI: From the Fortune 100 to the five-person audit team

In the era of AI, are the “8 Ways to Practice the Human Touch of Audit” still valid? Dive into what’s necessary for internal auditors to apply their soft skills today and obtain true trusted advisor status, including psychological safety: the ability to speak up and take risks without fear. We’ll also explore how Domain III of the new Global Internal Audit Standards emphasizes partnership and communication between the CAE, the board, and senior management — requiring essential soft skills to enable the internal audit function to perform its duties effectively.     

Learning objectives for this session:
 - Discuss the soft skills needed today for a successful internal audit function.
 - Describe what psychological safety is — and isn’t.
 - Apply soft skills to fulfill key elements of the updated Standards.


    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

The human touch of audit: Cultivating soft skills

Despite billions invested, 95% of organizations see limited returns from generative AI. Our new research shows why: without elite risk management, firms cannot deploy this technology confidently or take the strategic risks that unlock true business value.

Join us for the unveiling of the second edition of our flagship report, Generative AI in Risk & Compliance 2025. Drawing on a global survey of senior risk and compliance leaders, analysis of 600+ use cases, and expert contributions from leading RiskTech vendors, this session delivers clarity on how GenAI is reshaping enterprise risk profiles and where it can genuinely deliver value.

Key questions we’ll address include:
- Which GenAI risks are now dominating the enterprise agenda?
- In what ways is GenAI being leveraged to strengthen compliance programs?
- What areas of risk and compliance are most affected by generative AI?
- Which vendors are emerging with differentiated expertise and tools worth watching?

Walk away with a clear view of the ROI paradox, and how risk and compliance leaders, together with the right technology partners, are closing the gap.

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Generative AI in Risk and Compliance: Insights from the 2025 Industry Report

Generative AI and ML promise to change the way all business functions operate, including GRC. While the potential for productivity gains is clear, the risks associated with their use and ways to address them are still being understood. As technology advances, risk management grows in importance, and requirements continue to increase in number and visibility. In order to encourage the secure use of AI, we need to develop new ways of governing AI risk. 

This session will explore the evolution of traditional governance processes like policies, training and awareness, third-party risk, data governance, access control, and monitoring. We’ll also explore several novel and emerging techniques for mitigating AI risks, such as enforcing security-centric prompts and model guidance, and the opportunity for prompt libraries and enterprise controls that lead to secure AI use within the enterprise. 

Let’s explore the future of this trend and the guardrails to help your organization navigate this next major evolution of technology. 

Learning objectives for this webinar: 
 - Assess the risks that come with generative AI and AIML-based technologies.
 - Explore how to extend your existing governance processes to cover AI risks.
 - Discuss emerging practices for effectively integrating security into AI-enabled use cases.

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Organizational culture shapes how risks, decisions, and behaviors are managed, yet it is often viewed as an ideal rather than a tangible asset. In this webinar, Richard Chambers, AuditBoard’s Senior Advisor, Risk and Audit will share the findings of AuditBoard’s “2025 Organizational Culture and Ethics Report.” The research disclosed that organizations must deploy a shared culture risk model that aligns the efforts of management, internal auditors, and the risk management and compliance teams for success. Finally, Richard will explore six six core recommendations to help organizations operationalize culture risk within the GRC ecosystem.

Key topics for this session:
 - Discuss the roles of audit, risk, and compliance in organizational culture.
 - Identify key culture-related risks and common barriers to effective assessment and management of these risks.
 - Incorporate culture KRIs and guiding principles into their processes to assess and monitor culture at their organizations. 

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

AI isn’t limited to just large internal audit teams. Even a team of one can do a lot of value-added work with it. In this series, we’ll break down how large and small internal audit teams are using tools such as ChatGPT, Copilot, and purpose-built audit models in their workflows. We’ll also provide a “state of the union” on GenAI in internal audit, talk through the reality vs. the hype, and provide an easy-to-understand, non-technical description of how large language models (LLMs) like ChatGPT work.

Learning objectives for this session:
 - Explain in plain language how large language models (LLMs) work.
 - Identify at least three high-impact AI use cases.
 - Assess common concerns about AI and AGI (ethics, data privacy, and job displacement).

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

As cyber risks continue to evolve in complexity and scale, so too must the standards and practices of internal audit. To remain effective and deliver meaningful value to the business, internal audit teams must adapt — enhancing their approach to risk, controls, and assurance. This transformation is being driven by updates to the Global Internal Audit Standards released by the Institute of Internal Auditors (IIA) in 2024, along with the new IIA Cybersecurity Topical Requirement in 2025. These changes provide a framework for internal audit functions to strengthen their role in cybersecurity oversight and align with emerging expectations. 

In this webinar, we will:
 - Explore the latest developments in the cybersecurity landscape and their implications for internal audit.
 - Examine how audit teams are evolving their strategies to deliver greater impact.
 - Break down key updates from the 2024 IIA Standards revision.
 - Discuss the 2025 IIA Cybersecurity Requirement and what it means for your audit function.
 - Explain how to integrate these requirements into your audit planning process.
 - Share real-world examples of how these standards can be applied effectively.

Join us to gain practical insights and actionable guidance that will help your internal audit team stay ahead of the curve in a rapidly changing risk environment.

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Internal audit at a crossroads: Adapting to cyber threats and new standards

AI is not on the horizon. It is here. It has been here. Generative AI (GenAI) and large language models (LLM) entered the cybersecurity zeitgeist nearly three years ago when ChatGPT became available to the public. Business leaders are clearly interested in using GenAI. They are scrambling to incorporate it in any way that makes sense—and many ways that might not make sense.

This webcast is built on insights from one of our most anticipated cybersecurity surveys of the year—offering an in-depth look at how the community is adopting, adapting to, and defending against artificial intelligence in all its forms.

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

SANS 2025 AI Survey: Measuring AI’s Impact on Security Three Years Later

Join our live product webinar to discover how AuditBoard’s SOXHUB and OpsAudit solutions empower organizations of all sizes to audit with ease.

Attend this session to see how our platform uses AI, customizable forms, and real-time dashboards to centralize your findings, improve collaboration, and ensure faster resolution.

In this webinar, we’ll showcase the core functionality of our Audit Management and Internal Controls Management solutions, along with an overview of our purpose-built capabilities designed to streamline testing and fieldwork

Learning objectives for this session:
 - Discover how to manage audit projects and conduct all of your risk analysis in one single platform.
 - Learn how AI-powered tools can automate manual testing tasks and streamline documentation.
 - Explore how to efficiently track, resolve, and follow up on audit findings and action plans.

Audit Demo Webinar: Efficient fieldwork: How to simplify documentation and testing

Artificial intelligence is rapidly reshaping how organizations approach risk. Leading teams are using AI to automate reviews, surface insights, and monitor risks continuously. At the same time, trust, governance, and oversight are lagging, leaving organizations exposed. In this session, CrossCountry practitioners will share a two part playbook: first, exploring how AI is already transforming risk management with practical use cases, such as accelerating controls testing, anomaly detection, and reporting; and second, learning how to establish AI governance that builds confidence, aligns with frameworks like NIST’s AI RMF, and meets regulatory expectations. You’ll walk away with clear next steps to harness AI responsibly, balancing innovation with oversight.

After this webinar, attendees will be able to:
 - Recognize practical use cases of AI in risk management that drive efficiency and insights.
 - Differentiate risks introduced by AI adoption and identify where governance is most critical.
 - Apply principles from the NIST AI RMF, ISO standards, and other frameworks to structure AI governance.
 - Plan a phased approach that balances AI experimentation with accountability and oversight.

    * CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

AI in risk management and governance: Driving efficiency while preserving trust

Risk Management

Risk Framework

Risk Analysis

Risk Assessment

NIST

Governance

Compliance

Artificial Intelligence

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Research and Development

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finance

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

AI in risk management and governance: Driving efficiency while preserving trust

Presented by

About this talk

AuditBoard