The Trusted Source in
Third Party Risk Assurance

  • Resources to effectively manage the critical
    components of the vendor risk management lifecycle
  • Adopted globally across a broad range of industries
    by both service providers and their customers
  • Kept current with regulations, industry standards
    and guidelines, and the current threat environment
  • Creating efficiencies and lowering costs for all participants

Membership & tools

Join our global community of risk management professionals and access our Tools and resources
Learn more about becoming a member of the Shared Assessments Program
Learn More »

Become a member of the Shared Assessments Program

"The Shared Assessments Program’s rigorous standards are equal to or better than all other standards. We are very satisfied with the acceptance by our clients."
— Timothy J. O’Brien, Senior Vice President, Yodlee
  • Participate in a global community of information security, privacy, and third party risk management leaders
  • Gain access to members-only resource
  • Collaborate with industry peers on challenging issues in information and data security, privacy and business continuity
  • Gain opportunities for brand visibility & collaboration
  • Network with information security officers, privacy officers, and other subject matter experts

Just the tools

Purchase icon
Purchase our ready-to-use Tools to develop and manage your third party vendor assurance program.
Learn more about purchasing the world’s most comprehensive third party risk management tools
Learn More »

The world’s most comprehensive third party risk management tools

"Implemented correctly, the Shared Assessments Program serves two critical purposes: satisfying requisite regulatory requirements, and, honoring one's fiduciary responsibility to maximize the overall cost efficiency of their third-party vendor risk management program."
— Ken Peterson, President and CEO, Churchill & Harriman, Inc., Shared Assessments Program Advisory Board Member
  • Obtain efficiencies and cost savings by using just one document to establish and define your risk control environment
  • Reduce FTE costs by using one document to satisfy multiple client requests, rather than responding to multiple proprietary questionnaires
  • Used globally by financial institutions, healthcare organizations, energy/utility, retailers, telecommunications and others
  • Kept current with regulatory and industry standards
"The Tools and relationships we've gained from Shared Assessments offer real value to CVS Caremark, ensuring rigor in our evaluations of vendors that touch private data."
— Tom Garrubba, Senior Manager, Technical Assessments Group, CVS Caremark, Shared Assessments Steering Committee Member

There’s Plenty of Support for Smaller Banks to Address Third Party Risk

Published on April 18, 2014 By | Posted in: Risk Assessment, Third Party Risk

The need for community banks to be particularly attentive to third party risks was underscored yesterday in a speech by the Controller of the Currency’s

Heartbleed Bug Sparking Concern But Have Patience

Published on April 11, 2014 By | Posted in: Risk Management, Security

A newly discovered bug found in widely used web encryption technology was uncovered by researchers, prompting an announcement from Homeland Security and other regulatory agencies

FFIEC Issues OpenSSL “Heartbleed” Vulnerability Alert

Published on April 11, 2014 By | Posted in: News, Security

The Federal Financial Institutions Examination Council (FFIEC) has issued an advisory to its member institutions advising a material security vulnerability in the OpenSSL cryptographic library

Hear Us Speak!

HIPAA Omnibus Online Panel Discussion hosted by Prevalent Networks


SVP and Program Director, Brad Keller, and Shared Assessments Vice Chair Jonathan Dambrot participated in an online expert panel on HIPAA Omnibus and BA Risk Management.

Watch Now »

Expert Panel Discussion Hosted by Prevalent Networks and Symantec


Senior Vice President and Program Director, Brad Keller, recently participated on a Third Party Risk & Cybersecurity Expert Panel Discussion hosted by Prevalent Networks and Symantec.

Watch Now »


2014 Shared Assessments Program Tools Released

New 2014 Shared Assessment Program Tools Deliver Comprehensive Assessment of
IT, Privacy and Data Security Controls to Manage Threats

Read Press Release »

2014 Shared Assessments Summit!

Mark your calendar for the 2014 Shared Assessments Summit - Royal Sonesta Hotel - Boston

  • May 19: Pre-Conference Workshop(s)
  • May 20: Shared Assessments Summit (full day)
  • May 21: Shared Assessments Summit (morning)
Social Media Hashtag for event: #SASummit2014

Members receive an additional 20% discount

Get your discount code

Contact Kelly Wagner at for the discount code.

Learn More and Register »

Sponsorship opportunities are available for the 2014 Shared Assessments Summit

Learn More »

Newsletter Archive

In-House One Day Workshops

Shared Assessments Program Fundamentals: Navigating the SIG and AUP

Learn how to deploy the Shared Assessments Program Standardized Information Gathering (SIG) questionnaire and the SIG Management Tool (SMT) as a vendor risk assessment and a self-assessment tool.

Learn how to make the most of the Shared Assessments Program Agreed Upon Procedures (AUP) onsite assessment tool and AUP Report Template.

For more information, send an email to

About One Day Workshops (PDF) »

Shared Assessments Licensee LTD Financial Services
Shared Assessments Licensee Prevalent Networks
Shared Assessments Logo jpmorgan
Shared Assessments Licensee Pro Teck
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Logo Deluxe Corp
Ellie Mae Logo
Shared Assessments Licensee Pivot Point Security
Shared Assessments Logo sei
Shared Assessments Logo tsys
Shared Assessments Licensee redtail
Shared Assessments Licensee ZS logo
Shared Assessments Program licensee Enode logo
Shared Assessments Licensee ControlCase
Viewpoint Logo
Online Business Systems logo
Shared Assessments Logo Iron Mountain
Shared Assessments Licensee RSA
Shared Assessments Licensee Bank of the West
Shared Assessments Licensee Modulo
Continuity Logic Logo
Shared Assessments Logo Electric Company
Shared Assessments Licensee-Brainshark
Early Warning Logo
Shared Assessments Logo usbank
Shared Assessments Licensee Rsam
Shared Assessments Licensee BWise
Shared Assessments Program licensee Nice logo
Shared Assessments Licensee-Copytalk
Shared Assessments Licensee ctg
Shared Assessments Licensee Telerex
Shared Assessments Logo Lerner Sampson & Rothfuss
Shared Assessments Licensee Protiviti
Shared Assessments Logo dtcc
Shared Assessments Licensee Lockpath
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Logo Deloitte
Shared Assessments Logo cvs
Shared Assessments Logo yodlee
Shared Assessments Logo zywave
Shared Assessments Logo Goldman Sachs
Shared Assessments Logo Ernst & Young
Shared Assessments Logo pwc
Shared Assessments Licensee TD Ameritrade
Shared Assessments Program licensee Indecomm logo
Shared Assessments Licensee Caanes
Shared Assessments Logo Drive Savers
MetricStream logo
Shared Assessments Logo jb&r
Shared Assessments Licensee BSI
Shared Assessments Logo radian
Shared Assessments Licensee AON
Shared Assessments Licensee Power Advocate
Shared Assessments Logo first data
Shared Assessments Licensee Identity Theft 911
Shared Assessments Licensee CIT
Shared Assessments Logo ez shield
Shared Assessments Logo kpmg
Shared Assessments Licensee White Hat