by James Arnold, Ron Parham, Colleen Milazzo | September 21, 2023 | Data & Cybersecurity
Since the introduction of the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), data privacy has become an essential aspect of Third Party Risk Management (TPRM). With constant changes in data privacy regulations, staying up-to-date with international and stat ....
by Gary Roboff, Senior Advisor | June 22, 2023 | Guidance, Public Policy
Regulators have developed “principles-based guidance that provides a flexible, risk-based approach to third-party risk management that can be adjusted to the unique circumstances of each third-party relationship.” On June 6th, less than 20 months after comments closed, the Federal Reserve, The ....
by Bob Jones | June 12, 2023 | Data & Cybersecurity
While excellent ransomware guides and tools exist from various sources, our new guide (Third Party Focused Ransomware Strategy: An Enterprise-Wide Collaborative Strategy Guide for TPRM Professionals) and the related resources referenced throughout provide a Third Party Risk Management focused appro ....
by Sabine Zimmer | May 8, 2023 | Risk Professionals
“Put yourself in their shoes…” is a commonplace reminder to practice empathy. You must put on someone else’s shoes (and then walk a mile) to understand how someone thinks and to gain a sense of the landscape in which this person lives or works. Supply Wisdom, a provider of real-time risk ....
by Gary Roboff, Senior Advisor | February 22, 2023 | Public Policy
and...Third Party Risk Managers Everywhere Should Pay Attention! Third-party risk managers should be paying attention to important ESG regulatory developments in the European Union, where two pieces of regulation became effective within the last month and one more may be on the cusp. Third-party ri ....
by Sabine Zimmer | January 30, 2023 | Data & Cybersecurity, Data Protection, Privacy
Have you discovered who you truly are? Did you take the Myers-Briggs? Do you know your sign? Abilities, attributes, and astrology be darned - to an identity thief, you just represent a unique set of numbers and the opportunity to abscond with your Personally Identifiable Information (PII). Thank ....
by Sylvie Obledo | January 27, 2023 | News And Events, Shared Assessments
Our UK / EU and US Steering Committees provide governance on Committees and Products development, help to set the annual agenda for the Shared Assessments program, and provide leadership for all major initiatives undertaken by the Shared Assessments Program Committees. We are happy to announce our a ....
by Sabine Zimmer | January 26, 2023 | Risk Professionals
Andrew Moyad (CEO, Shared Assessments) recently sat down with Michael Crawford (Head of Operations, Opstream) to talk about his risk management career. This blog post presents outtakes from the interview, exploring Andrew's winding career path (along with a few laughs). Whether you are wondering abo ....
by Ron Parham | December 19, 2022 | Standardized Information Gathering (SIG)
Shared Assessments is pleased to announce that the Standard Information Gathering Questionnaire (SIG) 2023 mapping is now incorporated into the Secure Controls Framework (SCF) catalog of controls version 2022.3. This was a collaborative endeavor between Shared Assessments and the SCF. Benefits of U ....
by Sabine Zimmer | October 31, 2022 | Data & Cybersecurity
Data zips across the Atlantic over submarine communications cables and pings across the sea to and from satellites at light speed. These transatlantic data flows are critical to the economic relationship between the United States and the European Union: The White House places a $7.1 trillion value ....
