Authorities on Risk Assurance

The Shared Assessments Blog

Shared Assessments in 2014: A Good Year with So Much Ahead

Published on December 18, 2014 By | Posted in: News

It has been an exciting time to participate in the Shared Assessments Program. Looking back at 2014, it has been a good, active year, with the rollout of our Certified Third Party Risk Professional (CTPRP) certification, our kick-off of the annual Vendor Risk Management Benchmark Study, the successful facilitation of financial services collaborative onsite assessments, […]

Top 5 Things Your Board and CEO Should Know About Third-Party Risk Management

Published on December 15, 2014 By | Posted in: Board's, Third Party Risk

As an executive manager or member of your company’s board of directors, third-party risk management should be top of mind. Here are five things you need to know: 1. Contracts are no longer enough to protect the business. Contracts are incredibly important, however, they do not provide the visibility you need to reduce the risks […]

Heightened Expectations Raise the Bar for All

Published on December 12, 2014 By | Posted in: Compliance, Cybersecurity, Guidance, OCC, Regulatory Compliance, Risk, Risk Management

The Office of the Comptroller of the Currency (OCC) published final guidelines that establish minimum standards for risk governance frameworks for OCC regulated institutions with over $50 billion in assets. While that asset threshold would seem to specifically exclude most community banks, the OCC has reserved the right to apply the guidelines to other organizations […]

When it Comes to Third Parties, Don’t Forget About Your Non-PII Data

Published on December 8, 2014 By | Posted in: PII, Third Party Risk, Third Party Risk Management

Many moons ago when I was in internal audit a friend of mine who was an application manager within the same company brought me an interesting request; he wanted me to audit his application. I was a bit befuddled, and when I asked “why” he informed me that his application contained the formulations of all […]

Visual Hacking: Who’s Looking Over Your Shoulder?

Published on November 24, 2014 By | Posted in: Cybersecurity, Data Breach, Hacking, Privacy, Visual Hacking

I recently attended the Ponemon Institute’s Responsible Information Management (RIM) Renaissance Privacy Event. While headlines and discussion continue to focus on cybersecurity; privacy professionals also had good conversations about the basics of visual privacy. Protecting confidential information is a basic privacy principle – and it is easy to overlook the reminders with our mobile and […]

Third Party Risk Certification Critical to Managing Vendor Threats

Published on November 20, 2014 By | Posted in: Certified Third Party Risk Professional (CTPRP) program, News, Newsletter, Third Party Risk

Goodwill Industries recently fell on bad times when a vendor’s system was attacked by malware, giving criminals access to payment card information—names, payment cards, and expiration dates1. This appears to be a sign of the times. Over the past year or so, several major retailers have experienced a breach in which a third party played […]

No Playing Hide and Seek With Cyber Security

Published on November 17, 2014 By | Posted in: Cyber Risk, Cybersecurity, Risk, Risk Management

The FFIEC recently released its Cyber Security Assessment observations, after conducting a pilot on cyber security readiness with more than 500 community institutions. A key theme emerging from the observations was the need for enhanced sharing of threat and vulnerability information across the public and private sectors. The rapid pace of change in emerging risks […]

PRESS RELEASE: Certification Program Developed Specifically for Risk Professionals

Published on November 12, 2014 By | Posted in: Certified Third Party Risk Professional (CTPRP) program, Press Release, Third Party Risk

PRESS RELEASE: Contact: Lisa MacKenzie, MacKenzie Marketing Group, 503-705-3508, or Kelly Stremel, Certification Program Developed Specifically for Risk Professionals The Certified Third Party Risk Professional (CTPRP) Designation Validates Third Party Risk Management Expertise Santa Fe, NM — November 12, 2014 — Recent high-profile data breaches have spotlighted third party risk, resulting in increased […]

FFIEC to Update Cybersecurity Guidance

Published on November 4, 2014 By | Posted in: Cybersecurity, Guidance

The FFIEC issued its general findings from an assessment of over 500 community based financial institutions this summer. In its November 3rd press release, the FFIEC discussed the growing need for tighter cybersecurity measures and indicated that it was already in the process of reviewing and updating the existing guidelines for managing cybersecurity risk. The […]

Apple Pay is Live and Has (Just) A Few Hiccups

Published on October 30, 2014 By | Posted in: Apple Pay, Payments

Apple Pay hit the streets with the release of IOS 8.1 the week of October 20th and at least at the physical point of sale, the mechanics largely seem to be working as planned. With the exception of about 1000 Bank of America customers who experienced quickly corrected duplicate charges, there have been few reported […]

Shared Assessments Logo sei
Viewpoint Logo
Ellie Mae Logo
Shared Assessments Licensee ctg
Shared Assessments Logo Ernst & Young
Aujas Information Risk Services Logo
Shared Assessments Logo Deloitte
Shared Assessments Program licensee Enode logo
Shared Assessments Licensee Telerex
Shared Assessments Licensee redtail
Shared Assessments Logo first data
Shared Assessments Licensee Caanes
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Licensee Protiviti
Shared Assessments Logo dtcc
Shared Assessments Licensee-Brainshark
Shared Assessments Logo radian
el paso electric logo
Shared Assessments Licensee Power Advocate
Shared Assessments Licensee Pivot Point Security
Shared Assessments Licensee Bank of the West
Shared Assessments Logo yodlee
Shared Assessments Licensee ControlCase
Shared Assessments Logo Lerner Sampson & Rothfuss
Shared Assessments Licensee TD Ameritrade
Shared Assessments Logo Deluxe Corp
Shared Assessments Licensee BWise
Shared Assessments Licensee-Copytalk
Shared Assessments Logo pwc
Shared Assessments Logo Iron Mountain
Shared Assessments Licensee LTD Financial Services
Shared Assessments Licensee Pro Teck
Shared Assessments Licensee AON
trusted integration logo
Shared Assessments Licensee RSA
Early Warning Logo
Shared Assessments Program licensee Nice logo
Shared Assessments Logo zywave
Shared Assessments Logo jpmorgan
Online Business Systems logo
Shared Assessments Logo usbank
Shared Assessments Licensee White Hat
Shared Assessments Licensee Rsam
MetricStream logo
Agio Logo
Shared Assessments Licensee Lockpath
Shared Assessments Licensee Identity Theft 911
Shared Assessments Licensee BSI
Shared Assessments Licensee ZS logo
Shared Assessments Logo tsys
Shared Assessments Program licensee Churchill & Harriman logo