The Third Party Risk Institute Podcast
Go beyond the headlines with The Third Party Risk Institute Podcast, the official podcast of Third Party Risk Institute.
Each episode brings you into the room with top experts in third-party risk, cybersecurity, procurement, governance, and compliance. Hear how risk leaders tackle real-world challenges, share lessons learned, and stay ahead of evolving threats.
We explore the strategies that work, the mistakes that teach, and the insights you won’t hear anywhere else.
Perfect for risk professionals, procurement leaders, auditors, and decision-makers who want to lead with confidence.
🎧 Subscribe now, new episodes drop monthly on Spotify, Apple Podcasts, YouTube Music, and Amazon Music.
The Third Party Risk Institute Podcast
The Future of Third-Party Risk Management: AI, Resilience, Cyber Risk, and What Comes Next with Matthew Moog
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Third-party risk management is changing fast. For years, many organizations have relied on questionnaires, point-in-time assessments, manual workflows, and fragmented ownership across procurement, cyber, compliance, resilience, privacy, model risk, and business teams. But with AI, cyber ratings, data ecosystems, shared assessments, trust centers, regulatory pressure, and operational resilience expectations becoming more important, the future of TPRM is moving beyond traditional vendor due diligence.
In this episode of the Third Party Risk Institute Podcast, Linda Tuck Chapman speaks with Matthew Moog, Principal of Risk Managed Services at EY, about where third-party risk management is heading and what risk professionals need to understand now. Matt shares lessons from his career across EY, TrueSight, and OneTrust, including the challenges of standardizing assessments, building shared third-party risk utilities, using data before sending questionnaires, and rethinking how organizations assess, monitor, and respond to supplier risk.
This conversation explores some of the biggest issues facing risk, procurement, cybersecurity, compliance, and operational resilience teams today, including:
- Why traditional third-party risk assessments are no longer enough
- How AI and automation may change vendor risk management workflows
- Why the future of TPRM depends on better data, not more questionnaires
- The role of cyber ratings, trust centers, attestations, certifications, and standardized data
- How organizations can reduce fragmented third-party risk processes
- Why operational resilience, fourth-party risk, and dependency mapping are becoming critical
- How DORA, regulatory expectations, and global financial services guidance are shaping TPRM
- Why human judgment still matters in an AI-enabled risk environment
- What risk professionals should focus on to build a stronger career in TPRM
Matt also shares practical career advice for professionals entering or growing in third-party risk management, operational risk, cyber risk, vendor risk, and governance roles.
This episode is essential listening for anyone working in third-party risk management, vendor risk management, supplier risk, operational resilience, cybersecurity risk, regulatory compliance, procurement, financial services risk, AI governance, fourth-party risk, or enterprise risk management.
🎧 Enjoying the podcast?
Explore more resources, expert insights, and certification programs at www.thirdpartyriskinstitute.com
📱 Follow us on LinkedIn for real-world conversations and industry trends: Third Party Risk Institute Ltd.
📬 Have a question or topic you'd like us to cover?
Email us at: info@thirdpartyriskinstitute.com
