2020 has brought unique risk challenges that have significantly shifted the focus of risk managers. New operational risks emerged with the pandemic, with major shifts to work from home security and service availability issues, vendor stability, and socioeconomic...
Program Tools
Shared Assessments Program Addresses Recommendations of Russian Hack Report for Improved Security
The Threat Horizon The December 29th joint analysis report (JAR) GRIZZLY STEPPE – Russian Malicious Cyber Activity, contains specific indicators of cyberattacks and steps organizations can take to mitigate the “the tools and infrastructure used by the Russian civilian...
Shared Assessments Updated 2017 Program Tools
Tools That Empower Vendor Management ConfidenceShared Assessments responds directly to the dynamic landscape of third party risk management with the annual update of its Program Tools. The Tools serve organizations, regardless of size and industry, helping them...
Press Release: Many Companies’ Vendor Risk Management Programs Still Need Improvement, According to New Study from Protiviti and Shared Assessments
Editor Contacts: For Protiviti: Kathy Keller (650) 234-6252 kathy.keller@protiviti.com For Shared Assessments Program: Sarah Perry, The Santa Fe Group, 602-441-1769, sarah@santa-fe-group.com or Lisa MacKenzie, MacKenzie Marketing Group (503) 705-3508,...
Using Peer Collaboration to Manage Supply Chain Risk
Today’s companies are outsourcing more critical functions as part of their business operations in today’s complex environment. Every member of the supply chain must be evaluated to ensure they are properly protecting systems and data. With hackers specifically...
In 2015, Don’t Just Make New Year Resolutions Regarding Third Party Risk, Keep Them!
Start 2015 on the right foot including your third party risk management program. Here are some suggested “New Year’s Resolutions” to incorporate into your strategic and tactical plans for the coming year: Resolution #1: I will incorporate the new SIG 2015 into my...
Updated Shared Assessments Program Tools Are Powerful Weapons Against Third-Party Risk in 2015
The industry is in a state of high alert concerning third party risk in 2015. In fact, Booz Allen Hamilton moved third party risk to the top of the list of cyber security trends for financial services to “guard against” this coming year. WIRED.com also cited third...
Shared Assessments in 2014: A Good Year with So Much Ahead
It has been an exciting time to participate in the Shared Assessments Program. Looking back at 2014, it has been a good, active year, with the rollout of our Certified Third Party Risk Professional (CTPRP) certification, our kick-off of the annual Vendor Risk...
SIG 2014 And Software Security
Ok, so you did everything right… you sent your vendor a Standard Information Gathering (SIG) scoped based on data and service type, you analyzed the responses, decided to perform an on-site assessment using the Agreed Upon Procedure (AUP), and helped identify security...