What Is A Certified Third Party Risk Assessor?

A Shared Assessments Certified Third Party Risk Assessor is a risk professional with demonstrated knowledge, expertise and proficiency within specific IT risk control domains. CTPRAs are able to effectively use their knowledge to perform a comprehensive and efficient IT risk evaluation.

In risk management, a CTPRA:

• Plans and Scopes on-site and virtual assessments for specific third party relationships
• Conducts assessments and testing of the third party’s location and control environment
• Performs discovery and evaluates compliance artifacts
• Summarizes assessments results, findings and remediation actions

CTPRA Curriculum Updates

The Certified Third Party Risk Assessor (CTPRA) program just completed its biggest curriculum update since 2020. There has never been a better time to validate your third party risk assessment knowledge and take advantage of this learning opportunity. Take a look and see what is new for the overall program curriculum in 2022:

Why Are Certified Third Party Risk Assessors Important?

Today’s Certified Third Party Risk Assessor must remain current with a high-level of technical knowledge required to properly understand various risk controls, and most importantly, how to evaluate that control in today’s environment. To that point, the risk environment ‘today’ looks very different than only two short years ago!

The global pandemic forced changes onto almost every aspect of “normal” business operations, and organizations continue to adapt and evolve to changing processes and strategies as a result of global disruptions. While virtual assessments were gaining in popularity not too long ago, they are the norm now. Seasoned third party risk assessors are adapting processes to meet a virtual environment while newer team members may not have experience with anything but a virtual assessment.

The 2022 CTPRA certification training provides candidates with the risk skills and business acumen necessary to conduct a successful assessment engagement of any type:

Risk Controls Covered In CTPRA

While the Shared Assessments CTPRP certification will explain why specific risk control are important within third party risk management, the CTPRA curriculum will take those risk controls through the viewpoint of an assessor to examine the identified risk compared against the organization’s risk tolerance in order to determine a level of acceptance.

Combining the knowledge gained through the CTPRA curriculum with hands-on experience of utilizing the Shared Assessments SIG, users will develop a greater understanding of those risk control domains and interpreting SIG questionnaire results. In response to changing guidelines and regulations, the 2022 CTPRA curriculum enhanced numerous technical control topics such as Privacy, Infrastructure, and Emerging Risks as a result of NIST 800- Rev. 5 and FFIEC Guideline updates. Additional topic areas of enhancement include:

The CTPRA curriculum solidifies the technical expertise and risk skill necessary to successfully lead assessments in today’s risk environment.

Upcoming CTPRA Classes

Participate in an upcoming certification training class:

May 6, 2022, 8:00am – 6:00pm ET (In Person)
July 13-14, 2022, 10:00am – 3:00pm ET
September 21-22, 2022, 10:00am – 3:00pm ET
November 9-10, 2022, 10:00am – 3:00pm ET

To view other certification and certificate offerings from Shared Assessments, please click here.