Managing Third-Party Risk at Scale Without Drowning in Surveys - with Carey Smith (14 min)
- Release date: 2026-03-26
- Episode description:
The collapse of traditional, static survey models at scale creates a systemic visibility gap that transforms multi-tier supply chain dependencies into boardroom-level risks. In this Aravo-sponsored episode, Carey Smith, former CIO and Chief Technology Innovation Officer of Blue Cross Blue Shield of Minnesota and President and CIO of XcelerateHealth, outlines how enterprises must transition to continuous, AI-enabled monitoring to achieve deterministic explainability in risk scoring. The discussion focuses on shifting from simple risk detection to operational resilience by automating remediation playbooks and segmenting vendor scrutiny based on business materiality.
Summary
- 🔍 Visibility First: Enterprises lose sight of cascading risks in vast supplier networks; AI restores it via continuous monitoring over static surveys.
- 📊 Explainable AI: Black boxes kill trust—deterministic scoring, data provenance, and traceable actions make AI outputs reliable for oversight.
- ⚙️ Automate Remediation: Shift from detection to action with AI-triggered playbooks, reducing alert fatigue and enabling instant mitigations.
- 🎯 Segment by Materiality: Not all vendors are equal; deep AI focus on high-risk ones linked to revenue, data, and operations maximizes impact.
- 🤝 Human-AI Partnership: AI handles repetition and noise; humans drive strategic risk decisions, unlocking peace of mind and resilience.
Insights
Why do traditional third-party risk management methods fail at enterprise scale with thousands of suppliers?
Time: 2:57 – 3:52
Category: AI-Driven Innovation Economy, AI Governance & Laws
Answer: Static questionnaires and annual certifications create an illusion of control but deliver stale insights, leading to lost visibility into risk cascades from unknown Tier 4 suppliers that can trigger major breaches or violations. This becomes a board-level crisis when unseen risks materialize.
What ensures AI risk scoring avoids the dreaded black box in enterprise operations?
Time: 4:51 – 8:05
Category: AI Governance & Laws, AI Bias & Fairness
Answer: Deterministic explainability, strict data provenance, and full traceability of actions allow risk teams to review, understand, and override scores. Without this, AI fails to build resilience and erodes trust among human stakeholders.
How can AI restore visibility in complex, multi-tier supplier networks?
Time: 5:34 – 6:42
Category: AI in Cybersecurity
Answer: AI enables continuous risk-based monitoring by ingesting external threat feeds, financial signals, and telemetry to dynamically update risk scores in real time. This shifts organizations from survey-rich but insight-poor states to transparent, actionable risk postures.
What is the ideal balance between AI automation and human oversight in risk management?
Time: 7:29 – 7:56
Category: AI in Workforce Disruption
Answer: AI reduces noise, prioritizes material risks, and handles repetitive assessments, providing peace of mind through transparency. Humans retain control over strategic decisions like risk acceptance and mitigation, ensuring AI enhances rather than replaces judgment.
How does AI evolve risk management from mere detection to true resilience?
Time: 8:47 – 10:31
Category: AI-Driven Innovation Economy, AI in Workforce Disruption
Answer: By automating remediation workflows, triggering pre-approved playbooks like contract reviews or supplier switches, and segmenting vendors by materiality to focus on high-risk ones tied to revenue and data. This prevents alert fatigue and ensures action follows identification.