
Ask me anything (AMA)
Wondering how your AI program looks in an audit? Ask an auditor.
11th December, 01:00 PM - 02:00 PM EST, Online
This AMA is relevant for anyone responsible for AI risk and audit outcomes in a mid-market, cloud-first company, including leaders expecting AI, identity, or vendor-AI topics in upcoming SOC 2, ISO 27001, or SOX audits; teams using copilots, agents, or MCP-connected tools in production; and teams where shadow or embedded AI is outpacing controls and that need to understand what auditors actually focus on.
Colin will open with what he’s seeing in recent audits—shadow AI, vendor AI buried in SaaS, non-human identities, missing AI-specific tests, and “continuous” checks that aren’t—and then we’ll spend the rest of the hour on your questions and examples.
Colin Larson
CPA, Sensiba
Colin is a CPA, licensed in Washington and California, with seven years’ experience across business operations, IT security, and risk compliance. He began his career at a Big Four firm, working on SOC 1, SOC 2, SOX, ISO, NIST, GDPR, and WebTrust engagements for technology companies. At Sensiba, he partners with the Sales, Customer Success, and Audit Delivery teams to help organizations transform day-to-day operations into controls and evidence that withstand audit scrutiny.
Swapnil Tripathi
Associate Director (Solutions Engineering), Sprinto
Swapnil is a seasoned GRC consultant specialising in ISO 27001 lead audits, PCI DSS QSA assessments, and SOC 2/GDPR compliance for SaaS, finance and healthcare clients across India, the EU, USA and Australia. With strong hands-on experience bridging policy, procedure and automation, Swapnil helps organisations build robust continuous-compliance capabilities and embedded governance by design.
You’ll receive early access to an AI-in-compliance whitepaper built from conversations with compliance and risk leaders—covering practical AI use cases, key challenges teams are facing, and a 30/60/90-day rollout plan you can adapt.


