Authorities on Risk Assurance

The Shared Assessments Blog

Voice Privacy: An Emerging Conversation

Published on March 17, 2015 By | Posted in: Newsletter, Privacy, Voice

We tend to think of conversations as ephemeral. If a conversation is sensitive, we stop typing and start talking. Our long history of telecommunication regulations has led us to believe our conversations are safe, protected, regulated. And yet some conversations that feel ephemeral aren’t. With the advent of smart phones, we have stopped simply talking […]

The Football Approach to Tackling Data Security Risks

Published on March 12, 2015 By | Posted in: Cybersecurity, Data, Privacy, Security

The legendary Green Bay Packers coach Vince Lombardi was famous for his “Gentlemen, this is a football” speech at the beginning of each season. This return to fundamentals served his team well over the years–they won five NFL championships, including two Super Bowls. Businesses need the same back-to-basics approach when managing security risks to their […]

Press Release: 10 Tips to Address Latest Third Party Security Risks: Payment Systems, Data Breaches, Cybersecurity

Published on March 5, 2015 By | Posted in: Cybersecurity, News, Payments, Press Release, Security, Third Party Risk Management

PRESS RELEASE Contact: Lisa MacKenzie, MacKenzie Marketing Group, 503-225-0725, or Kelly Stremel, 10 Tips to Address Latest Third Party Security Risks: Payment Systems, Data Breaches, Cybersecurity Experts Discuss an Ever-Changing Threat Landscape; Share Insights on Third Party Oversight and How to Manage an Effective Vendor Risk Management Program Santa Fe, N.M. — March […]

Staying Strategic with Third Party Risk

Published on March 2, 2015 By | Posted in: Third Party Risk, Third Party Risk Management

Banks have an opportunity to not only specify and assess controls, but also inspire a strategic and robust approach to risk management. Over the past year, the OCC, the FRB, and the FDIC have all released updated guidance on managing third party risk. One focus of this guidance is the identification of “critical” vendors and […]

Dear Member of the Board

Published on February 24, 2015 By | Posted in: Board's, Newsletter, Vendor Risk Managment, Vendor Security

Whether you’re a board member of a retailer like Starbucks or sitting on a large financial services board like JPMorgan Chase, I’ll bet you’re pleased at this point that you said no to SONY board membership. Though Enron is now nearly 13 years behind us, you may recall the U.S. Senate subcommittee finding that ultimately […]

Rightsizing Tiered Approaches for Risk & Compliance

Published on February 20, 2015 By | Posted in: Compliance, Risk

Last week was an active week of discussion on issues facing financial services companies. I presented at the 40th annual Roundtable for ISACA’s MN Chapter on The Next Generation of Third-Party Risk Management and attended Deluxe Exchange 2015, where an engaging keynote speech by Sheila Bair, former chair of the FDIC highlighted critical issues facing […]

Cybersecurity: The 2015 Buzzword for Banks (and Everybody Else)

Published on February 17, 2015 By | Posted in: Cybersecurity

Cybersecurity is the hot topic du jour. According to IBM’s 2014 Cyber Security Intelligence Index, there were 1.5 million monitored cyber attacks in the United States, and cites nation-state attacks, extortion, data destruction, and third party breaches among the biggest security threats for 2015. Regulators are taking notice, with recommendations and guidelines to help […]

Why Handshakes Are Not Enough — Vendor Risk Management is in the Details

Published on February 12, 2015 By | Posted in: Vendor Risk Managment, Vendor Security

The days of doing business with a handshake and a smile are long gone. However, one thing continues to remain constant—how few vendor contracts are updated, even if the scope of service changes. This can be detrimental to an organization, particularly if the vendor is handling sensitive data such as personally identifiable information (PII), protected […]

The Critical Need for Third-Party and Supply-Chain Management

Published on February 10, 2015 By | Posted in: Supply Chain, Third Party Oversight

The need for businesses to develop, implement and expand risk based strategies across their supply chains has never been more critical. Widespread environmental disasters, political turmoil, social unrest and the plethora of recent information security blunders have ever-increasing potential to cripple – even destroy – otherwise healthy businesses. This is especially true for companies that […]

Data Breach: Threats, Plan, Response

Published on February 9, 2015 By | Posted in: News

Recently, I had the opportunity to co-present with John Sileo, from at the 42nd annual seminar of the RIMS Society Minnesota chapter. John kicked off the event with a keynote titled “Data Spies, Hackers, and Online Attackers” which was a great foundation to our session on Cyber Security Fraud. While the audience was a […]

Shared Assessments Licensee Rsam
el paso electric logo
Shared Assessments Logo sei
Agio Logo
Shared Assessments Licensee BWise
Shared Assessments Logo Bank Of New York Mellon
Viewpoint Logo
Shared Assessments Program licensee Nice logo
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Licensee Lockpath
Shared Assessments Licensee ctg
Shared Assessments Licensee ControlCase
Shared Assessments Licensee Telerex
Shared Assessments Logo Ernst & Young
Shared Assessments Licensee TD Ameritrade
Shared Assessments Licensee Caanes
Aujas Information Risk Services Logo
Shared Assessments Licensee Identity Theft 911
Shared Assessments Logo radian
Shared Assessments Logo zywave
Shared Assessments Licensee RSA
Shared Assessments Licensee-Brainshark
Online Business Systems logo
Shared Assessments Licensee Bank of the West
Shared Assessments Logo Deluxe Corp
trusted integration logo
Shared Assessments Logo Deloitte
Shared Assessments Logo Lerner Sampson & Rothfuss
Shared Assessments Licensee Power Advocate
Shared Assessments Logo pwc
Shared Assessments Licensee Pivot Point Security
MetricStream logo
Shared Assessments Program licensee Enode logo
Ellie Mae Logo
Shared Assessments Logo jpmorgan
Shared Assessments Logo usbank
Shared Assessments Licensee ZS logo
Shared Assessments Licensee redtail
Early Warning Logo
Shared Assessments Licensee Pro Teck
Shared Assessments Licensee Protiviti
Shared Assessments Licensee-Copytalk
Shared Assessments Licensee BSI
Shared Assessments Logo first data
Shared Assessments Logo Iron Mountain
Shared Assessments Logo dtcc
Shared Assessments Licensee White Hat
Shared Assessments Logo yodlee
Shared Assessments Licensee LTD Financial Services
Shared Assessments Logo tsys