September brings fall, Mercury in retrograde (whatever that means!) and the arrival of the 2022 Shared Assessments Third Party Risk Management Toolkit. The 2022 Shared Assessments Third Party Risk Toolkit – the industry standard in risk management – is due late September, making this release a Libra in astrological sign.
The Shared Assessments Toolkit is a framework of components built to work together to manage the processes a third party risk practitioner would use to implement their program. As an organization that values data-driven methodology, we do not put our full faith in the zodiac. But we are comfortable with associating this launch with Libra and the related symbol of scales, representing the qualities of balance and equilibrium.
Regulatory and Threat Environment Focus Libra’s fixation on balance and harmony are aligned with this release. Refreshed tool content harmonizes with the changing regulatory and threat environment. Content has been concentrated on new standards concerning Cybersecurity, Data Governance, Operational Risk, and Resilience.
Improved User Experience An aesthete, Libra has a special appreciation of art and beauty. The improved User Experience of the tools speaks to this quality. Questions have been refined for efficiency, content gaps have been closed and a speedier backend performance has been introduced. In short, the tools are easier to use. The art of simplicity!
Content And Function Changes Equilibrium in all areas is important to a Libra. Content and function between the tools in this release makes for a balance between the tools; using the SIG in complement with the SCA is now a seamless process.
Environmental, Social and Governance (ESG) Equilibrium with the greater world is furthered by this toolkit’s focus on Environmental, Social and Governance (ESG). ESG adjustments in this release include:
- Standardized Information Gathering (SIG) Questionnaire – adding 35 questions, entire ESG category, easy creation of ESG questionnaire
- Vendor Risk Management Maturity Model (VRMMM) – updating Program Governance Section with ESG criteria
- Standardized Control Assessment (SCA) – a new procedure for ESG
- Target Data Tracker (TDT) – Helps gather information for the ESG program
Collective Intelligence As we put the polishing touches on this release, we embrace Libra’s symbolization of “we” (vs. Aries “me”). Every release of our tools involves the collective intelligence of our membership. A diversity of views have been provided by:
- Outsourcers, services providers, licensees, assessment firms and regulators
- Multi-size organizations – startup to global corporations
- Many industries – Financial, Insurance, CPC, Services, IT, Healthcare
- Experts in cybersecurity, data governance, supply chain risk, compliance, regulation, enterprise risk and third party risk
Libras are known to be great at launching new initiatives – we hope we can measure up to what the Age of Aquarius expects of us: standardized excellence that makes risk assessments easier to create, customize, and manage.
