Blog

Explore our blogs for the latest insights, tips, and best practices in third-party risk management. Stay informed and protect your organization by navigating the complexities of third-party relationships with confidence. Read on to enhance your risk management strategy!

Cybersecurity, Risk Landscape

Cybersecurity vs. Information Security

You like potato and I like potahto You like tomato and I like tomahto Potato, potahto, tomato, tomahto. Let's call the whole thing off... --Ella Fitzgerald, Let’s Call the Whole Thing Off (featuring Louis Armstrong)   You say information security,...

Read More
Best Practices

Mergers and Acquisitions Risk and Cyber Security Points

With the pandemic causing economic uncertainty, it has been a “head-scratchingly prolific year” for mergers and acquisitions (M&A) (and associated merger and acquisitions risks!). As organizations combine, what factors determine the success of a merger or acquisition?   Ensuring all...

Read More
Framework, Industry Guidance, and Regulations

Request For Comments – Interagency Guidance for Third Party Risk Management

Three of the four federal banking regulators have launched an extremely important effort to refresh and harmonize third party risk management guidance for financial institutions in the United States (the comment period closes on September 17th). Shared Assessments plans to...

Read More
Education

TPRM Fundamentals – An Intern’s Perspective

A college student majoring in Economics and Data Science, I love analytical thinking and learning. As part of my internship with Shared Assessments this summer, I leapt at the opportunity to take the Third Party Risk Fundamentals Certificate course.   ...

Read More
Best Practices, Risk Landscape

Types of Third Party Risk and Lessons Learned: Beyond Textbook Definitions

I’ve worked in Third Party Risk for over twenty years. Over the years I learned first-hand the intersection of types of third party risk and business risk based on the business model and type of product or service that is...

Read More
Cybersecurity, Risk Landscape

Collected Thoughts: Ransomware Risk

This month, several Shared Assessments Industry Strategy and Working Groups came together in a cross vertical meeting, Ransomware: It Takes An Organization, to address ransomware threats.   Sophisticated ransomware attacks are being used with adjusted methods to strike supply chains...

Read More
Framework, Industry Guidance, and Regulations

Flavors of Regulations Impacting TPRM

July is coming to an end, and with it goes National Ice Cream Month.  Take a moment to savor the flavor of the season. Cookies-and-cream? Mint-chocolate chip? Or...Neopolitan? There are a variety of flavors of risk to consider in third...

Read More
Best Practices, Cybersecurity

Protecting Your Digital Supply Chain – Three Tips

In his 2001 book From Analogue to Digital Supply Chains Tony Hines coined the term “digital supply chain” to explain the electronic distribution of goods or services that had previously been supplied in physical form.  The digital delivery of media...

Read More
Cybersecurity, Risk Landscape

Ransomware and TPRM: Steps You Can Take Now

Ransomware attacks are dominating headlines. Solar Winds, JBS, Colonial Pipeline, and Kaseya VSA are household names not because of the products or services these organizations offer, but because of notorious cyberattacks against these organizations. Publicity aside, the $20 billion sum...

Read More
Risk Landscape

Observing The Kaseya VSA Attack

Just before the Fourth of July weekend, Kaseya, an IT solutions developer for managed service providers (MSPs) and enterprise clients, fell prey to a cyberattack waged by REvil, a Russia-based private ransomware-as-​a-service (RaaS) provider. CBS has called this the single...

Read More
Shared Assessments

New to the Shared Assessments Team

Shared Assessments is growing and we are excited to welcome new compliments to our team.  We have different backgrounds but share a purpose in our work as we strive to build a trusted risk community through the power of many....

Read More
Risk Landscape

Strategies for Building Resilience

Resilience is a watchword for every risk management team and every governing board. Resilience represents the ability of entities to avoid, prevent, adapt, respond to, recover from, and learn from operational disruptions.[i] While ensuring business continuity is a key aspect...

Read More
1 14 15 16 17 18 52