7 Ways to Ensure Organization’s and Vendor’s Data Privacy
California consumers embarked on a new data privacy journey this year by wading through thousands of emails detailing corporate privacy policy updates related to the California Consumer Privacy Act (CCPA) that took effect Jan. 1. The 500,000 or so companies with...
read more
5 Ways To Help Shared Assessments Members Be #PrivacyAware
January 28th is an internationally recognized day dedicated to creating awareness about the importance of privacy and protecting personal information. Industry participants across the world have joined together to create a global community that respects privacy,...
read more
Shared Assessments Steering Committee Chair and Vice Chair 2020
Shared Assessments strives to be the trusted source for thought leadership, best practices and solutions for third party risk with opportunities for members to address global risk management challenges through committees, awareness groups, interest groups and special...
read more
10 Trends and 7 Resolutions in Third Party Risk for 2020
In 2019, data privacy dominated third party risk management (TPRM) activities, thanks to the European Union’s (EU’s) General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Data privacy concerns will continue to top TPRM priorities in...
read more
2020 OT Risk Perspective: IT-OT Athletes Are Rare
Three decades ago, Nike’s iconic “Bo Knows” campaign featured TV commercials of teammates marveling at Bo Jackson’s incredibly rare skill set. He was the first modern professional athlete to play on Major League Baseball and the National Football League teams in the...
read more
Operational Technology Risk Management Requires Collaboration
In late November, The Wall Street Journal ran an exposé on cyberattacks that have struck more than a dozen utilities that operate near critical infrastructure across 18 states. The report underscored the need to heed the U.S. government’s repeated warnings that the...
read more
2020 Fraud Perspective: Pigs, Rats and Ransomware
Before The Santa Fe Group Senior Advisor Bob Jones shares his insights on 2020 fraud trends, he points out that 2019 is the Year of the Pig. “It’s also the year of ransomware,” adds Jones, who expects ransomware attacks, phishing attacks and other forms of fraudulent...
read more
Shared Assessments Best Practices Guide and New Visual Tools Help Practitioners Demonstrate TPRM Program Value
Third party risk management practitioners today work in an environment rife with conflicting demands. Mounting pressure for speedy vendor onboarding is occurring in an environment that is facing escalating regulatory requirements, even in industries where in the past...
read more
SIM Swap Scams + Consumerization = TPRM Risk
SIM swap scams can be extremely expensive to individual consumers -- one investor lost more than $23.8 million worth of cryptocurrency to a SIM card hijacking in 2018. These hacks also represent a growing third party risk as the use of cell phones and related consumer...
read more
Best Practices in TPRM Resource Management: Meeting Increasing Regulatory Expectations Amid a More Challenging Risk Environment
Third party risk managers are struggling to convey the need for the additional resources to develop and sustain a robust TPRM program. Shared Assessments members came together to create a coherent picture of the emerging challenges and provide actionable tools that...
read more
2020 Shared Assessments Third Party Risk Management Toolkit
Shared Assessments has released its updated 2020 Third Party Risk Management (TPRM) Toolkit which supports organizations in their vendor risk management efforts, regardless of size and industry. The Toolkit elements help both Outsourcers and third party providers meet...
read more
Coming Soon: 2020 Shared Assessments Third Party Risk Toolkit
No need to wait until Thanksgiving to be grateful, the 2020 Third Party Risk Tools are due to arrive on November 19th. Here is a preview of what you can expect in our third party risk bag of tricks. NEW Privacy Tools. Our third party risk specific 2019 privacy tool,...
read more
Creating a Unified Continuous Monitoring Cybersecurity Taxonomy: Gaining Ground by Saying What’s What
Continuous monitoring is a rapidly expanding field where a common taxonomy is key to setting expectations in the field and a consistent understanding around continuous monitoring practices. To resolve this problem, the Shared Assessments Program Continuous Monitoring...
read more
This is Your Career on CTPRP …. Any Questions?
In the late ‘80s, the Partnership for a Drug-Free America ran an advertising campaign with a simple and powerful message. In one of the televised spots, a man cracks an egg (your brain) into a hot skillet (drugs) where it sizzles (your brain on drugs). If we created a...
read more
Enhancing Third Party Provider Risk Management Through Aligning the Contracting, Security and Diligence Functions
As the founder of a law firm and two cybersecurity firms, my clients often reach out to me to manage technology contracts that have cybersecurity and privacy implications. My clients span the small with minimal processes to larger firms with Chief Information Security...
read more
The Board’s Role in Realizing Effective Risk Management
In practice, governing boards are the last line of defense in ensuring critical risk management processes are effective. However, recent high profile incidents highlight the need for a greater role for boards in mitigating risks. These events serve as a stark example...
read more
The Value of Virtual Assessments
A risk-based determination of whether - and how - to conduct remote assessments of vendors Expert Contributors: Angela Dogan and Andrew Hout Given how much time and money virtual assessment of vendors can save companies and their third party risk management programs,...
read more
What ‘Virtual’ Means When Conducting Assessments
The word virtual’s various meanings include “near enough” and “not physically existing.” When it comes to performing virtual assessments, outsourcers and third parties should keep both definitions top of mind. For all practical purposes, virtual assessments are the...
read more
Are We Heading Back to School for Privacy Changes?
Seasons change and priorities change as we exit the dog days of summer and head into back to school timelines and waning days remaining of legislative sessions. This past month Shared Assessments Program Advisory Board Members and Steering Committee Members...
read more
Shared Assessments’ TPRM Framework – Member Forum Observations
The July 2019 Shared Assessments Member Forum introduced the first sections of the Program’s Third Party Risk Management (TPRM) Framework. The Framework is a new member resource designed to provide TPRM guidance to risk professionals across the experience spectrum....
read more
