businessman01

The Shared Assessments Program 2017 Strategic Risk Management Initiative

April 11, 2017 | Best Practices, Business Resiliency, Certified Third Party Risk Professional (CTPRP), Cybersecurity, Education and Training, Framework, Outsourcing, Risk, Risk Management, Security, Third Party Risk, Third Party Risk Management, Vendor Risk Management

The Shared Assessments Program is the only organization that has uniquely positioned and developed standardized resources for managing the complete third party relationship lifecycle. Such standardization is critical to the advancement of effective, secure third party controls and risk management in ....

blog 09

Setting Expectations for Your Third Parties

March 14, 2017 | Best Practices, Business Resiliency, Education and Training, Outsourcing, Risk, Risk Management, Security, Third Party Risk, Third Party Risk Management, Vendor Risk Management

Risk Rating During On-Boarding Including third party risk rating as a strategic part of a robust risk management program provides the opportunity for early identification of the wide range of issues that ripple through both regulated and unregulated industries wherever outsourcing is present. Sco ....

blog 03

Building Your TPRM Program

January 25, 2017 | Best Practices, Business Resiliency, Education and Training, Outsourcing, Risk Management, Third Party Risk Management, Vendor Risk Management

PwC’s report highlighting monitoring of vendor networks by means of supply chain risk analytics focuses on the fact that the volume and transactions of outsourcing amplify risk. “The increasing severity of consequences for regulatory violations by vendors in complex global supply chains is match ....

The SIG – The Swiss Army Knife of Risk Assessment

September 3, 2013 | On-site Assessment, Outsourcing, Vendor Assessment

In 2005, the Shared Assessments program was born to serve the financial services industry and its major service providers. The intent was to achieve economies of scale by sharing the expense and time in conducting on-site assessments.  A group representing six major banks and the Big Four accountin ....

The NSA, Snowden and Third-Party Risk: Preliminary Lessons Learned

August 5, 2013 | Information Security, Outsourcing, Third Party Risk, Vendor Security

Remember this: Edward Snowden Worked for a Third-Party Vendor. While it remains uncertain what exactly Mr. Snowden shared with other nations, we do know this: he wasn’t authorized to disclose classified information. Some may believe he is a hero, others believe he is a villain. It is clear, tho ....

Risk Management: Establishing a Positive Culture of Opportunity

June 19, 2013 | Outsourcing

As companies strive to strengthen their organizations through the outsourcing of products and services, close attention must also be paid to the additional risk implications of these practices. One issue emblematic of these additional risks is the increasingly common practice of subcontracting by ou ....