Authorities on Risk Assurance

The Shared Assessments Blog

How Shared Assessments Approached the Need to Assess the Security of Third Party Provided Software

Published on July 24, 2014 By | Posted in: Newsletter, Security, Software Security

During discussions in 2013 to determine the next risk areas that should be addressed by the Shared Assessments Program Tools, the focus rapidly turned to software security. As we polled our members we found that many of them were concerned with the security of the software being provided by their vendors, and more importantly what […]

Structure Governance & Oversight Programs

Published on July 18, 2014 By | Posted in: Governance, Oversight

Part II in a IV part series. As I outlined in part one in this four part blog series entitled, Regulators Expectations for Third Party Risk Management, organizations need to deploy a risk-based approach when developing their third party oversight program. Today, I want to explore concepts for how organizations can structure governance & oversight […]

Risk-based Approach to Third Party Risk Management

Published on July 10, 2014 By | Posted in: News, Risk Management, Third Party Risk

Part I in a series. In less than eighteen months, there has been more industry guidance and updated regulations regarding third party risk than at any other juncture in the evolution of governance within the financial services industry. Media attention from retailer breaches and enforcement actions by industry regulators has put the oversight of third […]

Payment Token Implementation Do’s and Don’ts

Published on July 1, 2014 By | Posted in: Payments, Tokens

With an estimated 70% of US credit cards likely to be EMV chip ready by the end of next year¹, the race to protect against sharply increased levels of card-not-present fraud has begun in earnest. As we’ve discussed in the past, one of the most important tools to help mitigate card-not-present fraud will be […]

Deciphering the 3TG in Dodd Frank & Understanding Supply Chain Compliance

Published on June 18, 2014 By | Posted in: Dodd-Frank, Supply Chain, Third Party Risk Management

Part II of a Two Part Series. The Dodd-Frank Act put Consumer Protection into the headlines with the creation of the Consumer Financial Protection Bureau (CFPB), triggering a large restructuring of consumer financial laws and regulations. However, not all parts of Dodd Frank deal with the marketing practices of financial services companies. Dodd-Frank is the […]

Finding the 3TG in Dodd-Frank

Published on June 12, 2014 By | Posted in: Dodd-Frank

Part I in a Two Part Series. The Dodd-Frank Act put Consumer Protection into the headlines with the creation of the Consumer Financial Protection Bureau (CFPB), triggering a large restructuring of consumer financial laws and regulations. However, not all parts of Dodd Frank deal with the marketing practices of financial services companies. Dodd-Frank is the […]

VRMMM & CTPRP…Say What???

Published on June 3, 2014 By | Posted in: Program Tools, Third Party Risk Management

No, I haven’t let my 3 year old take the keyboard to type words and make buzzing sounds like a racecar. The VRMMM and CTPRP are acronyms for the Vendor Risk Management Maturity Model (VRMMM) and Certified Third Party Risk Professional (CTPRP). These topics were quite the buzz at the 2014 Shared Assessments Summit held […]

Breach Response 101: Educate Your C-Suite & Board of Directors

Published on June 2, 2014 By | Posted in: Board's, Data Breach

Between the Q1 market response to retailer breaches and the Heartbleed Bug Vulnerability, organizations of all sizes are assessing and reviewing their internal and external incident management policies, standards and procedures. The pace at which incidents can go viral requires communication to be coordinated at all levels within an organization. A challenge for many companies […]

A Look at the Maturity of Vendor Risk Management

Published on May 29, 2014 By | Posted in: News

Key Findings from the Shared Assessments and Protiviti, Benchmarking Study by Brad Keller, SVP and Program Director, The Santa Fe Group/Shared Assessments & Rocco Grillo, Managing Director, Protiviti. As the volume of outsourced products and services has surged in recent years, so, too, have the risks associated with vendors and third party providers. This is occurring […]

A Critical Need in Any Business: Addressing the Supply Chain

Published on May 28, 2014 By | Posted in: Supply Chain

With the release of ISO 27001:2013, users will be inundated with a multitude of new information, requirements, and terms related to the standard. One critical subject area likely not addressed much in any communication is supply chain management. Supply chain management is a very critical aspect of a good Information Security Management System (ISMS). Far […]
