Certified Third Party Risk Professional (CTPRP)
Doing business in an outsourced economy requires special strategies, processes and practices when evaluating and managing vendor risk and overseeing the security of sensitive data once it’s in the hands of third parties. Risk management professionals with the specialized skills and training required to manage third party risk have a significant advantage in the workplace. The Certified Third Party Risk Professional (CTPRP) designation from the Shared Assessments Program validates that expertise, providing professional credibility, recognition and marketability. The CTPRP certification coupled with membership in Shared Assessments Program provides networking opportunities and access to risk management expertise and resources.
CTPRP holders will demonstrate a thorough working knowledge of third party risk management concepts and principles, including:
- Managing the vendor lifecycle.
- Vendor risk identification and rating.
- Knowledge of the fundamentals of vendor risk assessment, monitoring and management.
Certification Earning Requirements
- Attend the Shared Assessments Program CTPRP Workshop
- Successfully pass the Shared Assessments CTPRP Examination
- Hold a minimum of five years experience as a risk management professional, in a position(s) that demonstrates proficiency in assessment, management and remediation of third party risk issues.
A maximum of two years’ work experience may be waived as follows:
- One year waiver: The applicant holds a bachelor’s or master’s in information security or information technology from an accredited university.
- One year waiver: The applicant holds an IT, IS or privacy certification (i.e., CISA, CISSP, CIPP, CIPM, etc.).
Individuals who attend and pass the CTPRP Workshop and Examination, but do not yet hold the minimum of five (5) years of risk management professional experience required for the CTPRP designation, will earn the Associate CTPRP designation.
Read the Associate CTPRP Eligibility Policy
The CTPRP certification is valid for three years. The certification may be maintained for additional periods of time by meeting the additional requirements outlined below. CTPRP holders may use the CTPRP initials after their name in business correspondence.
Who Will Benefit by Earning CTPRP?
Third party risk, procurement and compliance professionals, including business vendor managers, risk managers (vendor or operational), vendor IT security managers, IT auditors/assessors and IS auditors/professionals.
Read the article, Shared Assessments’ New Cert: Why Enterprise Risk Management Matters
Retaining Your Certification
CTPRP holders may retain certification by fulfilling the following requirements:
- Attain and report an annual minimum of 20 CPE hours. CPE credit hours may be earned through Shared Assessments Program Activities or through external industry events appropriate to vendor risk management subject matter. CTPRP holders may be required to participate in an audit of CPE credits.
- Keep current with maintenance fees and renewals. The annual maintenance fee is $100.00. CTPRP holders will be provided a renewal notification 90 days in advance of the due dates.
- Abide by the Shared Assessments Code of Ethics. The Shared Assessments Program has established a Code of Professional Ethics to guide the conduct of its certification holders. The goal of the code of ethics is to clarify every certified risk professional’s responsibility to support the risk management profession by conducting themselves in a professional and ethical manner.
Eligibility for Shared Assessments Program Membership
Risk management professionals in any industry may enjoy the benefits as a CTPRP holder. Once certification has been earned, certificate holders who are not currently members through their employers may join the Shared Assessments Program as an individual member (a company may have up to three participants only at the individual level). For more information on benefits of holding an individual membership, contact email@example.com.
Shared Assessments members are national and international organizations of all sizes that understand the importance of comprehensive standards for managing third party risk. They include financial institutions, healthcare organizations, energy/utilities, retailers and telecommunications companies. They are service providers of all sizes, consulting companies and assessment firms.
|TBD||Check back periodically for 2017 class updates|
Certification Program Pricing
|Workshop & Exam||$795||$995|
|Annual Maintenance Fee||$100||$100|
|Multiple registrant corporate discounts||Discount Amount|
To learn more about the Shared Assessments Certified Third Party Risk Professional (CTPRP) program contact us at firstname.lastname@example.org.
In the event that you need to cancel your event registration, you must do so in writing within seven (7) business days of your confirmation notification from the Santa Fe Group, up to 10 days prior to the event. No refunds will be granted after that time. Individuals that register for the CTPRP Workshop and Exam less than 7 days in advance of the event will be provided materials onsite and not in advance of the event.