Here's Where We're Speaking This Month
Podcast
All Things Internal Audit Podcast: The Rise of Fourth-Party Threats

In this episode, Mike Levy and Shontelle Mixon discuss the growing risks tied to fourth-party relationships. They discuss how internal auditors can leverage technology, enhanced contracts, and cross-functional collaboration to pinpoint, track, and reduce those downstream risks. They break down how internal audit's role is evolving in a world shaped by cybersecurity, AI, and shifting regulations.

View Content Now

Description

Key points

  • Introduction [00:00–00:00:38]
  • What Is Fourth-Party Risk? [00:00:38–00:01:52]
  • Evolution of Risk and Offshoring Trends [00:01:52–00:02:32]
  • Mitigating Fourth-Party Risks [00:02:32–00:03:47]
  • Steps for Maturing a Vendor Risk Program [00:03:47–00:04:50]
  • The Challenge of Shadow IT [00:04:50–00:05:54]
  • Data Mining and Continuous Monitoring [00:05:54–00:06:59]
  • Beyond the SOC Report [00:06:59–00:08:27]
  • Getting Started Without Tech [00:08:27–00:09:32]
  • Cybersecurity as a Starting Point [00:09:32–00:10:44]
  • Educating the Audit Committee [00:10:44–00:12:00]
  • Real-Time Monitoring and Vendor Audits [00:12:00–00:13:09]
  • Misconceptions About Outsourcing Risk [00:13:09–00:13:56]
  • Preparing for the Future [00:13:56–00:15:32]
  • Pitfalls in Contracting [00:15:32–00:16:38]
  • First Step for New Audit Functions [00:16:38–00:17:12]
  • Aligning with Organizational Risk Priorities [00:17:12–00:18:36]
  • Getting Executive Buy-In [00:18:36–00:20:06]
  • Supporting Smaller Audit Shops [00:20:06–00:21:14]
  • Final Advice [00:21:14–00:21:58]

To view our on-demand content now, fill out the form below:

By accessing this content, you agree to subscribe to our newsletter. We respect your privacy and will not spam you.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

By accessing this content, you agree to subscribe to our newsletter. We respect your privacy and will not spam you.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
previous webinar

All Things Internal Audit Podcast: The Rise of Fourth-Party Threats

Join an Upcoming Event

Tuesday, May 19, 2026
12:00 PM - 1:00 PM EDT

AI Part 4: Auditing AI-Enabled Processes

Location: Virtual
Thursday, May 21, 2026
12:00 PM - 4:00 PM EDT

Bots, Bias, and Bad Decisions: The New Fraud and Ethics Risk in AI

Location: Virtual
Friday, May 22, 2026
12:00 PM ET, 60 minutes

Fieldwork Fridays: The Prompt — AI + Internal Audit Office Hours

Virtual

Meet With Speaker,
Mike Levy

Mike Levy is a recognized leader in the internal audit profession with more than two decades of experience across internal audit, cybersecurity oversight, and enterprise risk management.

Before founding Cherry Hill Advisory, Mike served as a Chief Audit Executive and worked within Deloitte’s Risk Advisory practice. He has also held leadership roles within the Institute of Internal Auditors, including serving as Chairman of the IIA North American Board.

Mike regularly speaks at global conferences and has delivered keynote presentations to thousands of internal audit and risk professionals worldwide.

Schedule a call

Bring Cherry Hill Advisory
to Your Next Event

If you are planning a conference, executive workshop, or professional training program, Cherry Hill Advisory can help deliver engaging sessions that strengthen how organizations approach governance, risk, and internal audit.

Book a speaking engagement