Authorities on Risk Assurance

The Shared Assessments Blog

Posts By: Marya Roddis

Ransomware – Is it Possible to Avoid Being a Target?

Published on May 22, 2017 By | Posted in: Cyber Attacks, News, Ransomware, Third Party Risk Management

This most recent and extraordinary ransomware attack shows the extent to which thieves will go and the impacts this can have on a global scale. While certain types of organizations have become favored targets for hackers, this particular event underscored the fact that everyone is at risk. In the now infamous WannaCry attack, organizations, agencies […]

Setting a New Benchmark – New York State Cybersecurity Requirements

Published on April 17, 2017 By | Posted in: Best Practices, Business Resiliency, Compliance, Education, Framework, Newsletter, Outsourcing, Risk Management, Third Party Risk Management, Vendor Risk Managment

For financial services companies that fall under the New York State Department of Financial Services (DFS) cybersecurity requirements rule, the timeline for implementing 23 NYCRR500 has begun. The new rule became effective March 1st. Each section of the rule has a timeline relating to the development of cybersecurity programs for all “Covered Entities.” The regulation […]

Employing Lines of Defense – Risk Management That’s Not Just for Banks

Published on February 23, 2017 By | Posted in: Best Practices, Business Resiliency, Education, Framework, Newsletter, Outsourcing, Risk, Risk Management, Third Party Risk Management, Vendor Risk Managment

Key Best Practices Messages Robust risk governance principles are espoused in guidelines worldwide for Enterprise Risk Management (ERM) from organizations that vary from oversight agencies to industry support groups. Just for example, the International Association of Privacy Professionals (IAPP), Financial Stability Board (FSB), Committee of Sponsoring Organizations of the Treadway Commission (COSO), the Basel Committee […]

Building Your TPRM Program

Published on January 25, 2017 By | Posted in: Best Practices, Business Resiliency, Education, Outsourcing, Risk Management, Third Party Risk Management, Vendor Risk Managment

PwC’s report highlighting monitoring of vendor networks by means of supply chain risk analytics focuses on the fact that the volume and transactions of outsourcing amplify risk. “The increasing severity of consequences for regulatory violations by vendors in complex global supply chains is matched only by the corresponding damage to reputation when vendor network violations […]

Smart Cities Incorporate Solid Third Party Risk Assurance

Published on January 3, 2017 By | Posted in: Government, News, State and Local, Third Party Risk Management

Local government liability exposure is far-flung and both large and small municipalities are vulnerable. As the landscape of risk has evolved, not only facilities and service delivery risk management come into play. Now in-house and third party management is essential for risk areas that include cybersecurity, IT, privacy, data security and business resiliency controls. The […]

Press Release: 2016 Shared Assessments-Protiviti Benchmark Study

Published on December 20, 2016 By | Posted in: Benchmark Study, Blog, Press Release, Third Party Risk, Third Party Risk Management, Vendor Risk, Vendor Risk Managment, Vendor Security

MEDIA CONTACT: Marya Roddis, Vice President of Communications O: 505-466-6434 C: 575-235-8228 marya@santa-fe-group.com 2016 Shared Assessments-Protiviti Benchmark Study Demonstrating the Increased Maturity of Third Party Risk Management Programs Santa Fe, NM – December 20, 2016 – The member-driven Shared Assessments Program and Protiviti, Inc., a Shared Assessments member organization, are pleased to announce the release […]

Strengthening Third Party Risk Management with Agnostic Program Tools

Published on December 14, 2016 By | Posted in: Agreed Upon Procedures (AUP), Blog, Newsletter, Press Release, Program Tools, Risk Assessment, Risk Management, Shared Assessments, Standardized Information Gathering (SIG), Third Party Risk, Third Party Risk Management, Tone at the Top, Vendor Risk, Vendor Risk Management Maturity Model (VRMMM), Vendor Risk Managment, Vendor Security

Third party mishaps resulting in breaches and other newsworthy events continue to drive home the need for improved risk management program capabilities in all verticals. From planning for engagement, through due diligence and vendor selection, contract negotiations, ongoing and continuous monitoring and through termination, the Program Tools helps organizations effectively manage the critical components of […]

Updated for 2017: Tools Specifically Designed to Manage Third Party Risk

Published on November 29, 2016 By | Posted in: Agreed Upon Procedures (AUP), News, Press Release, Program Tools, Risk Assessment, Risk Management, Shared Assessments, Standardized Information Gathering (SIG), Third Party Risk, Third Party Risk Management, Vendor Risk, Vendor Risk Management Maturity Model (VRMMM), Vendor Risk Managment, Vendor Security

PRESS RELEASE Contact: Marya Roddis Vice President of Communications marya@santa-fe-group.com  505-466-6434 Updated for 2017: Tools Specifically Designed to Manage Third Party Risk Shared Assessments Program Tools Empower Risk Management Confidence Santa Fe, NM — November 29, 2016 — The Shared Assessments Program, the member-driven trusted source in third party risk assurance, announces the release of […]

Shared Assessments Updated 2017 Program Tools

Published on November 1, 2016 By | Posted in: Blog, Program Tools, Shared Assessments, Third Party Risk, Third Party Risk Management, Vendor Risk, Vendor Risk Managment

Tools That Empower Vendor Management Confidence Shared Assessments responds directly to the dynamic landscape of third party risk management with the annual update of its Program Tools. The Tools serve organizations, regardless of size and industry, helping them navigate the constantly evolving landscape of cyber and other security threats at both the national and international […]

Comments Invited on Federal Banking Agency Enhanced Cyber Risk Management Standards

Published on October 19, 2016 By | Posted in: Cyber Risk, Data, Data Protection, OCC, Third Party Risk, Third Party Risk Management

The three federal banking regulatory agencies, the Federal Reserve Board, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency, announced an advance notice of proposed rulemaking (ANPR) regarding enhanced cyber risk management standards for large and interconnected entities under their supervision, as well as those entities’ service providers. The standards […]

Shared Assessments Logo Deluxe Corp
Shared Assessments Logo Ernst & Young
Shared Assessments Logo pwc
Shared Assessments Logo Iron Mountain
Shared Assessments Logo radian
Shared Assessments Logo usbank
Shared Assessments Licensee Lockpath
Shared Assessments Logo Deloitte
Shared Assessments Licensee Bank of the West
Shared Assessments Licensee ControlCase
Shared Assessments Logo Bank Of New York Mellon
MetricStream logo
Shared Assessments Logo first data
Shared Assessments Logo sei
Shared Assessments Logo dtcc
Shared Assessments Licensee ZS logo
intralinks-logo
Shared Assessments Licensee Protiviti
Shared Assessments Program licensee Churchill & Harriman logo
Viewpoint Logo
Shared Assessments Licensee Pivot Point Security
Shared Assessments Licensee TD Ameritrade
Shared Assessments Licensee Rsam
Shared Assessments Licensee Power Advocate