Authorities on Risk Assurance

The Shared Assessments Blog

Setting Expectations for Your Third Parties

Published on March 14, 2017 By | Posted in: Best Practices, Business Resiliency, Education, Newsletter, Outsourcing, Risk, Risk Management, Security, Third Party Risk, Third Party Risk Management, Vendor Risk Managment

Risk Rating During On-Boarding Including third party risk rating as a strategic part of a robust risk management program provides the opportunity for early identification of the wide range of issues that ripple through both regulated and unregulated industries wherever outsourcing is present. Scoring third parties consistently was ranked as the most challenging issue in […]

Building Your TPRM Program – Part 2: 11 Essential Activities to Implement in your Third Party Risk Management Program

Published on March 6, 2017 By | Posted in: News

This is part two of a two-part series created in response to an increasing number of member requests for foundational concepts that support Boards and executive managers as they work to define, design and implement evidence-based Third Party Risk Management (TRPM) programs. This second part provides starting-point approaches and essential focus areas for an organization […]

Employing Lines of Defense – Risk Management That’s Not Just for Banks

Published on February 23, 2017 By | Posted in: Best Practices, Business Resiliency, Education, Framework, Newsletter, Outsourcing, Risk, Risk Management, Third Party Risk Management, Vendor Risk Managment

Key Best Practices Messages Robust risk governance principles are espoused in guidelines worldwide for Enterprise Risk Management (ERM) from organizations that vary from oversight agencies to industry support groups. Just for example, the International Association of Privacy Professionals (IAPP), Financial Stability Board (FSB), Committee of Sponsoring Organizations of the Treadway Commission (COSO), the Basel Committee […]

Building Your TPRM Program – Part 1: Four Foundational Steps to Build Your Third Party Risk Management Program On

Published on February 3, 2017 By | Posted in: Best Practices, Business Resiliency, Certified Third Party Risk Professional (CTPRP) program, Education, Framework, Outsourcing, Risk Management, Vendor Risk Managment

Build Your Third Party Risk Management Program

Building Your TPRM Program

Published on January 25, 2017 By | Posted in: Best Practices, Business Resiliency, Education, Outsourcing, Risk Management, Third Party Risk Management, Vendor Risk Managment

PwC’s report highlighting monitoring of vendor networks by means of supply chain risk analytics focuses on the fact that the volume and transactions of outsourcing amplify risk. “The increasing severity of consequences for regulatory violations by vendors in complex global supply chains is matched only by the corresponding damage to reputation when vendor network violations […]

Shared Assessments 2016 – Strengthening Best Practices and Building Community

Published on January 17, 2017 By | Posted in: News

Shared Assessments finished the 2016 year with 85 new members, a 25% increase over 2015. We closed out the year with a total of 226 members, showing continuing year-over-year growth in the commitment of organizations to improving third party risk management and advancing best practices worldwide. We’ve come a long way together since Shared Assessments […]

Shared Assessments Program Addresses Recommendations of Russian Hack Report for Improved Security

Published on January 13, 2017 By | Posted in: Advanced Persistent Threats, Cyber Attacks, Cyber Crime, Cybersecurity, Hacking, Program Tools, Security, Third Party Risk Management

The Threat Horizon The December 29th joint analysis report (JAR) GRIZZLY STEPPE – Russian Malicious Cyber Activity, contains specific indicators of cyberattacks and steps organizations can take to mitigate the “the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. […]

Smart Cities Incorporate Solid Third Party Risk Assurance

Published on January 3, 2017 By | Posted in: Government, News, State and Local, Third Party Risk Management

Local government liability exposure is far-flung and both large and small municipalities are vulnerable. As the landscape of risk has evolved, not only facilities and service delivery risk management come into play. Now in-house and third party management is essential for risk areas that include cybersecurity, IT, privacy, data security and business resiliency controls. The […]

Press Release: 2016 Shared Assessments-Protiviti Benchmark Study

Published on December 20, 2016 By | Posted in: Benchmark Study, Blog, Press Release, Third Party Risk, Third Party Risk Management, Vendor Risk, Vendor Risk Managment, Vendor Security

MEDIA CONTACT: Marya Roddis, Vice President of Communications O: 505-466-6434 C: 575-235-8228 marya@santa-fe-group.com 2016 Shared Assessments-Protiviti Benchmark Study Demonstrating the Increased Maturity of Third Party Risk Management Programs Santa Fe, NM – December 20, 2016 – The member-driven Shared Assessments Program and Protiviti, Inc., a Shared Assessments member organization, are pleased to announce the release […]

Strengthening Third Party Risk Management with Agnostic Program Tools

Published on December 14, 2016 By | Posted in: Agreed Upon Procedures (AUP), Blog, Newsletter, Press Release, Program Tools, Risk Assessment, Risk Management, Shared Assessments, Standardized Information Gathering (SIG), Third Party Risk, Third Party Risk Management, Tone at the Top, Vendor Risk, Vendor Risk Management Maturity Model (VRMMM), Vendor Risk Managment, Vendor Security

Third party mishaps resulting in breaches and other newsworthy events continue to drive home the need for improved risk management program capabilities in all verticals. From planning for engagement, through due diligence and vendor selection, contract negotiations, ongoing and continuous monitoring and through termination, the Program Tools helps organizations effectively manage the critical components of […]

MetricStream logo
Shared Assessments Licensee ZS logo
Shared Assessments Logo Deloitte
Shared Assessments Logo yodlee
Shared Assessments Licensee TD Ameritrade
Shared Assessments Logo Deluxe Corp
Shared Assessments Logo pwc
Shared Assessments Logo Ernst & Young
Shared Assessments Logo usbank
Shared Assessments Licensee Rsam
Shared Assessments Licensee-Copytalk
Shared Assessments Licensee Pivot Point Security
Shared Assessments Logo Iron Mountain
Shared Assessments Licensee Power Advocate
Shared Assessments Licensee Protiviti
Shared Assessments Logo radian
Shared Assessments Licensee Identity Theft 911
Viewpoint Logo
Shared Assessments Logo dtcc
intralinks-logo
Shared Assessments Licensee Lockpath
Shared Assessments Licensee Bank of the West
Shared Assessments Logo first data
Shared Assessments Logo sei
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Licensee ctg
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Licensee ControlCase