Streamlining Control Assessments
The service provider control evaluation process has long been inefficient and costly. Each outsourcing organization produces and distributes its own proprietary questionnaire to each of its service providers. Service providers strain their resources to respond to diverse client information requests. Inconsistencies from questionnaire to questionnaire cause delays for all parties. Time and resource intensive onsite visits further burden both the outsourcer and the service provider.
Shared Assessments was created by leading financial institutions, the Big 4 accounting firms, and key service providers to inject standardization, consistency, speed, efficiency and cost savings into the vendor risk assessment process. Through membership in the Shared Assessments Member Forum and use of the Shared Assessments Tools (the Agreed Upon Procedures and the Standard Information Gathering questionnaire), Shared Assessments eliminates redundancies and creates efficiencies, giving all parties a faster, more efficient and less costly means of conducting rigorous and comprehensive risk, security, privacy and business continuity assessments.
A Global Community
Shared Assessments members are national and international organizations of all sizes that understand the importance of comprehensive standards for managing risk. They are financial institutions, healthcare organizations, energy/utility, retailers and telecommunications companies. They are service providers of all sizes, consulting companies, and assessment firms. They are the best in their class, members of a global community of risk vendor risk management experts who understand the value of implementing efficient and effective industry-standard practices.
The Santa Fe Group manages the Shared Assessments Program. Together, Shared Assessments’ diverse membership works to increase awareness and adoption of the Program Tools across industry sectors and around the globe.
Shared Assessments Tools
To promote adoption of its standards, the Shared Assessments Tools — the Standard Information Gathering Questionnaire and Agreed Upon Procedures — are reviewed annually by Shared Assessments members and updated for consistency with evolving risk, security, privacy and business continuity standards.
History of the Program
The Shared Assessments Program was originally developed by Bank of America Corporation, The Bank of New York Mellon Corporation, Citi Group, Inc, JPMorgan Chase & Company, U.S. Bankcorp, and Wells Fargo & Co., Inc. in collaboration with leading service providers and the Big 4 accounting firms.
These founding organizations saw the need for a standardized and objective vendor management assessment methodology that would help outsourcers meet regulatory and vendor risk management requirements while significantly reducing costs for all stakeholders. The Shared Assessments Program pilot was completed in 2005, and Version 1 of the Shared Assessments Program Tools was launched in February 2006.
The Santa Fe Group’s Role
The Santa Fe Group is dedicated to supporting the development of the Shared Assessments Program. They provide a trusted forum for dialogue and collaboration among all stakeholders on issues that matter to outsourcers, their service providers, assessment firms, regulators and others. Contact us for more information.