The Trusted Source in
Third Party Risk Assurance

  • Creating efficiencies and cost savings to effectively
    manage the vendor risk management lifecycle
  • Tools follow "a trust, but verify" standardized approach,
    adopted globally across a broad range of industries
  • Kept current with regulations, industry standards
    and guidelines, and the current threat environment
  • Education, resources and tools for outsourcers,
    service providers, assessment firms and solution providers

Membership & Tools

Join our global community of risk management professionals and access our Tools and resources
Learn more about becoming a member of the Shared Assessments Program
Learn More »

Become a member of the Shared Assessments Program

"Adopting the Shared Assessments Program enabled Deluxe to reduce cycle time, improve quality, & streamline the due diligence process. At Deluxe, two-thirds of our due diligence requests use Shared Assessment tool."
— Linnea Solem, CIPP, CIPP/C, Chief Privacy Officer, Vice President Risk and Compliance, Deluxe Corp, Shared Assessments Program Chair
  • Participate in a global community of information security, privacy, and third party risk management leaders
  • Gain access to members-only resources and the Shared Assessments Program Tools, including the SIG and AUP
  • Develop and demonstrate knowledge with industry peers on challenging issues in information and data security, privacy and business continuity
  • Gain opportunities to build, shape and refine vendor risk management tools and best practices
  • Network with information security officers, privacy officers, and other subject matter experts

Just the Tools

Purchase icon
Purchase our ready-to-use Tools to develop and manage your third party vendor assurance program.
Learn more about purchasing the world’s most comprehensive third party risk management tools
Learn More »

The world’s most comprehensive third party risk management tools

Shared Assessments Portrait Niall Browne
"Shared Assessments Program tools allow enterprise organizations to evaluate and measure the level of IT risk across their vendors in an quantifiable, objective and repeatable process."
— Niall Browne, CSO and VP of Security, Workday
  • Obtain efficiencies and cost savings by using just one document to establish and define your risk control environment
  • Reduce FTE costs by using one document to satisfy multiple client requests, rather than responding to multiple proprietary questionnaires
  • Used globally by financial institutions, healthcare organizations, energy/utility, retailers, telecommunications and others
  • Shared Assessments Program Tools kept current with regulatory and industry standards
"Early Warning adheres to a security program ensures we protect all of our customers’ data, including Personally Identifiable Information (PII). Through active participation and membership in the Shared Assessments program, we leverage the Program’s tools and resources to make our customer audits as efficient as possible."
— Glen Sgambati, CISM, CIPP, CRISC, CTP
Chief Risk and Security Officer
Early Warning

Happy Data Privacy Day!

Published on January 28, 2016 By | Posted in: Data, Data Privacy Day

Today is Data Privacy Day. With a theme of Respecting Privacy, Safeguarding Data, and Enabling Trust, the day celebrates the first international treaty dealing with

New FFIEC Examination Handbook is Required Reading

Published on January 28, 2016 By | Posted in: Newsletter, FFIEC, Examination Handbook

Hot on the heels of the June 2015 Cybersecurity Assessment Tool, the Federal Financial Institutions Examination Council (FFIEC) has issued a revised Examination Handbook Management

Be #PrivacyAware on Data Privacy Day!

Published on January 27, 2016 By | Posted in: Data, Data Privacy Day

January 28th, is international Data Privacy Day. With a theme of Respecting Privacy, Safeguarding Data, and Enabling Trust, each year hundreds of organizations come together

Newly Released 2016 Program Tools

Our 2016 Shared Assessment Program Tools deliver comprehensive assessment of IT, privacy and data security controls to manage threats.

Learn which Program Tool is right for you »

Incident Response Briefing Paper

IRBP ImageThe Shared Assessments Program is pleased to announce our briefing paper, Building Best Practices for Effective Monitoring of a Third Party’s Incident Event Management Program.

To help organizations be better prepared against increasingly inevitable incidents, the Shared Assessments Program SIG Committee has released Building Best Practices for Effective Monitoring of a Third Party’s Incident Event Management Program. The paper outlines a newly developed best practices model of incident event management program creation.

Learn more and access the paper. »

2015 Shared Assessments Benchmark Study

Cover-2015-Benchmark-Study The 2015 Vendor Risk Management Benchmark Study by Shared Assessments in collaboration with global consulting firm Protiviti examines the maturity of vendor risk management.

Learn More and Access the Report »

Collaborative Onsite Assessments Case Study

COA CoverThe Shared Assessments Program is pleased to present a case study based on our first in a series of pilots for our Collaborative Onsite Assessment program.

The goal of this pilot program is to create the opportunity for multiple industry outsourcers to perform a collaborative onsite assessment of a single service provider, performed by an independent assessment firm, leveraging the Shared Assessments Agreed Upon Procedures (AUP), the standardized testing procedures of the Shared Assessments Program, as a common onsite assessment vehicle. The case study outlines the methodology used and the results of this first pilot.

Access the Report »

Law Firm Briefing Paper

The Shared Assessments LFBP Image Program is pleased to a briefing paper based on the significance of information security and privacy controls on law firms as third party service providers and collaborative opportunities for resolution.

This paper focuses on the issues law firms are facing as they adapt to providing a secure IT environment that meets increasingly stringent third party risk assessment requirements; and solution-building efforts to establish robust industry-wide program recommendations regarding management of IT security, data, resiliency, and privacy risk.

As the trusted source in third party risk management, the Shared Assessments membership works collaboratively to develop improvements to third party risk processes and methodologies and create efficiencies.

Access the Paper »

Registration Now Open: 2016 Shared Assessments Summit

Early Bird Discounts Available
Use code EARLYBIRD10 (all caps) now through January 31.
2016 Shared Assessments Summit
May 16-20, 2016

Renaissance Baltimore Harborplace
Baltimore, MD

May 16:
SIG & AUP Beginner Pre-Conference Workshop(s)
May 17:
Pre-Conference Workshop(s)
May 18:
Shared Assessments Summit (full day session)
May 19
Shared Assessments Summit (full day session)
May 20
CTPRP Certification Workshop & Exam

Early Bird discounts available. Click here to learn more and register.

Click here to go directly to the registration page.

Shared Assessments Licensee TD Ameritrade
Shared Assessments Licensee Lockpath
Shared Assessments Licensee Telerex
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Licensee Pivot Point Security
Shared Assessments Licensee Rsam
MetricStream logo
Shared Assessments Logo yodlee
Viewpoint Logo
el paso electric logo
Shared Assessments Licensee White Hat
Shared Assessments Logo Ernst & Young
Shared Assessments Licensee Power Advocate
Shared Assessments Logo Lerner Sampson & Rothfuss
Shared Assessments Logo pwc
Shared Assessments Logo tsys
Alsbridge Logo-Tag 176x84bw
Shared Assessments Licensee Protiviti
Shared Assessments Licensee-Copytalk
Early Warning Logo
Shared Assessments Logo usbank
Shared Assessments Licensee Pro Teck
Shared Assessments Logo sei
BSI Logo CMYK png bwRS
Online Business Systems logo
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Licensee ctg
Shared Assessments Logo jpmorgan
Shared Assessments Logo first data
Shared Assessments Licensee ControlCase
Shared Assessments Program licensee Nice logo
Shared Assessments Licensee Caanes
Ellie Mae Logo
Shared Assessments Licensee LTD Financial Services
Shared Assessments Logo radian
Shared Assessments Licensee ZS logo
Shared Assessments Logo Deloitte
Shared Assessments Logo Deluxe Corp
Shared Assessments Licensee Bank of the West
Aujas Information Risk Services Logo
Shared Assessments Logo Iron Mountain
Shared Assessments Licensee Identity Theft 911
Shared Assessments Logo dtcc