Select Page

About the Shared
Assessment Program

The Shared Assessments Program has been setting the standard in third party risk management since 2005, when the Big Four and six global banks collaborated to form Shared Assessments to address the inefficiencies surrounding vendor risk management.

Shared Assessments’ thought leaders develop best practices based resources, including tools that are:

  • Member-driven
  • Industry-standard
  • Consistent, robust and cost-effective

The Program helps organizations better manage third party risk, using controls for cybersecurity, IT, privacy data security and business resiliency. Program Tools are kept current with industry need, regulations and the threat environment.

Membership has grown well beyond its founders, as companies across the globe and industries have adopted the Shared Assessments standard. The Shared Assessments Program is managed by The Santa Fe Group.

Holistic Third Party Risk Approach

A Shared Assessments Membership provides guidance through the process of managing third party risk, from beginning to end. We offer thought leadership, third party risk tools and certification.

Our Program Tools are free to members and cover third party risk management using a “trust, but verify” approach:

  • Standardized Information Gathering (SIG) questionnaire for understanding vendor controls
  • Agreed Upon Procedures (AUP) for verification assessments
  • Vendor Risk Management Maturity Model (VRMMM)

Shared Assessments manages the Certified Third Party Risk Professional (CTPRP) designation, the only program to validate expertise in third party risk.