Marya Roddis, Vice President of Communications
Partnerships Focused on Critical Third Party Risk Management Issues
Santa Fe, NM — March 15, 2016 — Shared Assessments is pleased to announce the release pleased to announce the release of its new white paper: Financial Services Industry Call to Action. The increased connectivity and complexity of critical infrastructure systems both nationally and globally puts economic and public security squarely at the forefront of risk management in every sector and industry vertical.
This paper presents the opportunity that organizations now have to collectively raise the bar and establish effective industry-wide risk management solutions and how the benefits of such a collaborative strategy accrue for outsourcers and vendors alike.
The financial services industry is in position to continue its leadership role in third party risk management, in order to improve the quality and efficiency of risk management programs at both the outsourcer and provider levels. As NIST Fellow Ron Ross notes: “I think some of our biggest failures today are in governance and leadership. We have tremendous security professionals. We have lots of frameworks, lots of controls. We have lots of risk assessments guidelines. But, to get all that body of work integrated into the mainstream. That’s the challenge.”
Toward this end, the Shared Assessments Program is urging all financial services institutions to:
- Become more involved in cooperative relationships.
- Adopt standardized, consistent, robust third party risk management methodologies.
- Work collaboratively to perform onsite assessments and leverage the results.
Will your organization join with us now to create important step function improvements in third party risk management to improve enterprise risk controls industry-wide?
About the Shared Assessments Program
The Shared Assessments Program is the trusted source in third party risk management, with resources to effectively manage the critical components of the vendor risk management lifecycle that are: creating efficiencies and lowering costs for all participants; kept current with regulations, industry standards and guidelines, and the current threat environment; and adopted globally across a broad range of industries both by service providers and their customers. Shared Assessments membership and use of the Shared Assessments Program Tools: the Agreed Upon Procedures (AUP); Standardized Information Gathering (SIG) questionnaire and Vendor Risk Management Maturity Model (VRMMM), offers companies and their service providers a standardized, more efficient and less costly means of conducting rigorous assessments of controls for IT and data security, privacy and business resiliency. The Shared Assessments Program is managed by The Santa Fe Group (www.santa-fe-group.com), a strategic advisory company based in Santa Fe, New Mexico. For more information on Shared Assessments, please visit https://sharedassessments.org.