Recorded live at Risk-!n Conference 2026, this episode of Risk Is Our Business begins with a warning from Adrian Clements. Before agreeing to come aboard, he made it clear that he intended to "shake the tree." Captain Michael Rasmussen's response was simple: engage.

What follows is a conversation that challenges some of the profession's most deeply held assumptions. Adrian argues that many organizations are still navigating with outdated star charts, relying on inherited frameworks and conventional wisdom that no longer match the realities of today's environment. Rather than tweaking existing approaches, he makes the case for stepping back, questioning first principles, and rebuilding from the ground up.

They explore what that looks like in practice. How do organizations break free from legacy thinking? How do leaders create the conditions for better decision-making? And what practical steps can be taken to transform risk from a compliance exercise into a driver of performance and value creation?

The discussion also examines the role of technology. Not as the destination, but as an enabler that helps organizations operationalize better thinking, improve visibility, and support more intelligent decisions.

Along the way, Adrian and Michael reflect on their key takeaways from Risk-!n Conference 2026, discussing the ideas and trends that suggest the profession may be entering a new phase of evolution.

Recorded live at the Risk-!n Conference 2026, this episode of Risk Is Our Business features Hermann Suter, Head of Group Enterprise Risk Management at Barry Callebaut Group, in a conversation on how risk management must evolve in an environment where the speed of change is accelerating faster than many organizations can absorb.

Hermann and Captain Michael Rasmussen begin with a deceptively simple question. If organizations claim to have an enterprise-wide view of risk, shouldn’t they also have an enterprise-wide view of controls? From there, the discussion turns to what actually keeps risk leaders awake at night. Not just specific threats, but the sheer pace and velocity of risk itself.

They unpack what bad risk and control management looks like. In contrast, they argue that effective risk management starts with understanding that every meaningful decision already contains a form of risk analysis, whether organizations recognize it or not.

The conversation also explores how to align risk with business culture rather than impose it from the outside, how Swiss and broader European perspectives influence approaches to governance and controls, and where technology is genuinely helping modern ERM programs.

They close by discussing what excited them most at the conference itself, including the growing focus on interconnected risk, operational resilience, and the future direction of enterprise risk management.

In this episode of Risk Is Our Business, Captain Michael Rasmussen welcomes Darren Smith for a deep dive into third-party risk management in the age of the extended enterprise.

The conversation explores how modern organizations now operate through vast and increasingly interconnected networks of suppliers, partners, outsourcers, and service providers, creating a web of dependencies that stretches far beyond traditional organizational boundaries. Darren explains why TPRM can no longer sit within a single function, and how procurement, security, compliance, legal, operations, sustainability, and business leadership all play critical roles in managing third-party exposure.

They also unpack what separates bad TPRM (fragmented, compliance-driven, reactive) from good TPRM that is integrated, collaborative, and aligned with business objectives. They also examine how organizations define “critical suppliers,” why that definition is often more complex than it appears, and how businesses can better coordinate across departments to create a unified view of third-party risk.

The discussion then turns to technology and AI. Darren shares his perspective on where current TPRM tooling adds value, where maturity is still lacking, and how organizations can move beyond treating TPRM as a checkbox exercise toward something more strategic and forward-looking.

This episode is about managing risk in a world where the enterprise no longer ends at the company boundary and where resilience depends on understanding the entire ecosystem connected to the ship.