Risk Management
Description
True enterprise risk lies beyond third parties, hidden deep within complex supply chain dependencies, like subcontractors and shared cloud services, demanding a complete shift in focus for TPRM programs. This practical session will equip you with the strategies to move past static onboarding, helping you uncover critical fourth-party exposures and implement necessary continuous monitoring practices. We will provide real world insights on balancing program priorities, making the case for security ROI, and ensuring your business continuity planning is robustly challenged to withstand a failure anywhere in your extended vendor ecosystem.
About the speakers
Mary Carmichael, CPA, CISA, CISM, CRISC is a governance, risk, and cybersecurity leader with deep expertise in helping organizations manage emerging technology risk. As principal at Momentum Technology, she advises both public and private sector clients on AI governance, third-party risk, and modernizing GRC practices. Mary is a Catalyst Fellow at Toronto Metropolitan University’s Rogers Cybersecure Catalyst, where she focuses on AI supply chain and third-party risk research. She is the immediate past President of ISACA Vancouver (Canada). She has presented at major industry events such as RSAC, ISACA North America, ISACA Europe, and IIA/ISACA GRC. In 2025, she was recognized as one of Security Magazine’s Women in Security and received the ‘Lift As You Climb’ Mentorship Award from Canadian Women in Cybersecurity.
Loading form...
Related resources
Internal Audit
Culture eats strategy for breakfast: The internal audit “so what?”
Compliance
InfoSec
Strengthening IT and cyber resilience for modern enterprises
Risk Management
TPRM in motion: Governance, ownership, and execution
Internal Audit
Culture eats strategy for breakfast: The internal audit “so what?”
Compliance
Strengthening IT and cyber resilience for modern enterprises
Discover why industry leaders choose Optro
SCHEDULE A DEMO
