Risk Tide Core · Self-paced · Foundational

Managing AI Risk in Third-Party Relationships

You can’t manage what you can’t see.

AI is already in your vendor ecosystem, and most third-party risk programs were not built to catch it. The risk does not begin when a vendor sets out to build a model. It begins when AI quietly shows up inside tools you already use, and no one is asking the right questions. This practical, foundational course gives you the frameworks to find, assess, and monitor AI across your vendors through a third-party risk lens. Built around AIMED, Risk Tide’s framework for evaluating AI vendor risk. No data-science background required.

Audit & assuranceTPRM & vendor riskRisk & complianceLegal & privacyProcurementInternal auditCPAs
Enroll now, $29 See what’s inside
1 NASBA-eligible CPE Shareable certificate ~1 hour · 4 modules
The course at a glance
1 hourDuration
Self-pacedFormat
1 CPENASBA eligible
$29Was $49 · one-time
What’s included

Everything you need to get ahead of AI vendor risk

4 Modules

Full coverage of the AI vendor risk lifecycle, from discovery to ongoing monitoring.

Actionable Takeaways

Practical questions and checklists you can apply starting Monday morning.

Shareable Certificate

Earn a certificate of completion you can post on LinkedIn and add to your resume.

1 CPE Credit

Meets CPE requirements for qualifying professionals, including CPAs.

Resume Booster

Show employers and clients you can spot and manage AI vendor risk.

Lifetime Access

Come back to the material anytime after enrollment.

Course modules

Four modules, one AI vendor risk lifecycle

From spotting AI you did not know was there to monitoring it over time, built on AIMED, Risk Tide’s framework for evaluating AI vendor risk.

01

AI 101

Foundations
  • Evaluate the riskiness of AI within a vendor relationship, and identify what makes AI-related third-party risk different from traditional vendor risk.
  • Identify the common categories and model types of AI found in vendor relationships, and explain why existing vendor inventories often fail to capture them.
02

AI Governance Framework

Governance
  • Define the core components of an AI governance framework, and explain how policy, process, and procedures work together within it.
  • Differentiate what makes AI governance different from existing third-party frameworks.
03

AI Assessment in Action

Assessment
  • Identify AI influences along the TPRM lifecycle.
  • Recognize how each component of AIMED maps to the appropriate stage of the TPRM lifecycle.
04

Monitor, Report, Repeat

Monitoring
  • Recognize why continuous, event-driven monitoring is required for AI vendors, and identify the key signals for reassessment.
  • Identify how the governance framework dictates what to monitor and report, and assess where your current program stands.
The framework

Meet AIMED

Five letters, one lens you apply across the TPRM lifecycle. You do not have to be an AI expert. You just need to know what to ask, and when to bring in the people who are.

A
AI PresenceIs AI being used at all? Make discovery part of your intake.
I
ImpactWhat does the model do, and what decisions or outcomes does it affect?
M
Model QualificationDoes it meet your definition of a model? Should a specialist weigh in?
E
Evidence of ValidationHas it been tested and validated, and can the vendor explain it plainly?
D
Data Use & MonitoringWhat data does it use, and how will you know if that changes?
FAQ

Questions, answered

Do I need a data-science or technical background?

No. The course is built for risk, audit, and business professionals. It is foundational level: some familiarity with basic TPRM concepts helps, but no data-science or technical background is required.

How long is the course, and what is the format?

About one hour across four self-paced online modules. Start anytime, learn at your own pace, and come back to the material whenever you need it with lifetime access.

Do I earn CPE credit?

Yes. The course awards 1 NASBA-eligible CPE credit, meeting CPE requirements for qualifying professionals, including CPAs.

Who is this course for?

Audit, accounting, and assurance professionals, TPRM and vendor risk managers, procurement, compliance, and CPAs. Anyone responsible for understanding AI risk in their vendor relationships.

What is AIMED?

AIMED is Risk Tide’s framework for evaluating AI vendor risk. The course is built around it and shows how each component maps to the stages of the third-party risk management lifecycle.

Do I get a certificate?

Yes. You earn a shareable certificate of completion you can post on LinkedIn and add to your resume.

Garit Gemeinhardt, Co-Founder and Head of Learning Experiences at Risk Tide
Meet your course creator

Garit Gemeinhardt

Co-Founder & Head of Learning Experiences

Garit brings more than 15 years of industry experience into every training. He combines real-world insight with practical application to create engaging sessions that challenge perspectives and prepare professionals to lead with confidence.

“Most risk training teaches you what risk is. We teach you what to do with it.”

More about the Risk Tide team
Enroll today

Ready to get ahead of AI vendor risk?

Start applying a practical, framework-driven approach to AI risk in your third-party relationships. One hour, 1 CPE, and a certificate, for $29.

Enroll now, $29

Training a team on AI vendor risk? Book a time with our team →

Team Training? We've Got You Covered.