Authorities on Risk Assurance

The Shared Assessments Blog

Viewing Category: Newsletter

Leading Third Party Risk Summit – Celebrating Our 10th Year

Published on May 10, 2017 By | Posted in: Blog, CTPRP Training, Cybersecurity, Event, Guidance, Larry Ponemon, News, Newsletter, Shared Assessments Summit, Third Party Risk Management

. Shared Assessments Program Summit Addresses Digital Transformation As organizations embrace the opportunities afforded by digital technologies, they are facing a business ecosystem that will be forever transformed. The 10th Annual Summit includes pre-Summit workshops and is designed as a comprehensive opportunity for learning, networking and sharing around third party risk. We’ve devoted the week […]

Setting a New Benchmark – New York State Cybersecurity Requirements

Published on April 17, 2017 By | Posted in: Best Practices, Business Resiliency, Compliance, Education, Framework, Newsletter, Outsourcing, Risk Management, Third Party Risk Management, Vendor Risk Managment

For financial services companies that fall under the New York State Department of Financial Services (DFS) cybersecurity requirements rule, the timeline for implementing 23 NYCRR500 has begun. The new rule became effective March 1st. Each section of the rule has a timeline relating to the development of cybersecurity programs for all “Covered Entities.” The regulation […]

Setting Expectations for Your Third Parties

Published on March 14, 2017 By | Posted in: Best Practices, Business Resiliency, Education, Newsletter, Outsourcing, Risk, Risk Management, Security, Third Party Risk, Third Party Risk Management, Vendor Risk Managment

Risk Rating During On-Boarding Including third party risk rating as a strategic part of a robust risk management program provides the opportunity for early identification of the wide range of issues that ripple through both regulated and unregulated industries wherever outsourcing is present. Scoring third parties consistently was ranked as the most challenging issue in […]

Employing Lines of Defense – Risk Management That’s Not Just for Banks

Published on February 23, 2017 By | Posted in: Best Practices, Business Resiliency, Education, Framework, Newsletter, Outsourcing, Risk, Risk Management, Third Party Risk Management, Vendor Risk Managment

Key Best Practices Messages Robust risk governance principles are espoused in guidelines worldwide for Enterprise Risk Management (ERM) from organizations that vary from oversight agencies to industry support groups. Just for example, the International Association of Privacy Professionals (IAPP), Financial Stability Board (FSB), Committee of Sponsoring Organizations of the Treadway Commission (COSO), the Basel Committee […]

Strengthening Third Party Risk Management with Agnostic Program Tools

Published on December 14, 2016 By | Posted in: Agreed Upon Procedures (AUP), Blog, Newsletter, Press Release, Program Tools, Risk Assessment, Risk Management, Shared Assessments, Standardized Information Gathering (SIG), Third Party Risk, Third Party Risk Management, Tone at the Top, Vendor Risk, Vendor Risk Management Maturity Model (VRMMM), Vendor Risk Managment, Vendor Security

Third party mishaps resulting in breaches and other newsworthy events continue to drive home the need for improved risk management program capabilities in all verticals. From planning for engagement, through due diligence and vendor selection, contract negotiations, ongoing and continuous monitoring and through termination, the Program Tools helps organizations effectively manage the critical components of […]

Demonstrating the Increased Maturity of Third Party Risk Management Programs – 2016 Benchmark Study

Published on November 29, 2016 By | Posted in: Benchmark Study, Benchmark Study, Blog, Board's, Newsletter, Risk Management, Shared Assessments, Third Party Risk, Third Party Risk Management

The Shared Assessments Program and Protiviti, Inc., a Shared Assessments member organization, have completed the 2016 Vendor Risk Management Benchmark Study, the third annual study in this series. This year’s study shows, for the first time, that companies appear to have reached a positive turning point with regard to managing third party risks. Data from […]

You Can’t Build a Robust Risk Management Program Without the Right Skills

Published on October 16, 2016 By | Posted in: Blog, Certified Third Party Risk Professional (CTPRP) program, Data, Data Protection, Education, Newsletter, Third Party Risk, Third Party Risk Management

The intricate third party risk management (TPRM) lifecycle requires coordinated and well-integrated knowledge from the Board and C-Suite through management and general staff, and extends throughout the relationship with third and fourth parties. The complex elements of a robust TPRM program involve effective design, control and monitoring of policies and processes, third party and system […]

Building A Robust Third Party Risk Management Program

Published on September 16, 2016 By | Posted in: Data Protection, Newsletter, Third Party Risk, Third Party Risk Management

Strong third party risk management is a growing requirement in the face of globalization and the increasing dependence on third parties that support core products and functions. Third party risk management (TPRM) revolves around the whole relationship lifecycle. This intricate lifecycle requires organizations to apply an integrated approach that expands the need for robust governance, […]

EU’s GDPR – Privacy as Best Practice

Published on August 31, 2016 By | Posted in: Brexit, Data, Data Protection, EU, General Data Protection Regulation (GDPR), Newsletter, Privacy

While the expanded regulations and new accountabilities of the European Union (EU) Regulation 2016/679, better known as the General Data Protection Regulation (GDPR) are daunting in scope, they do provide significant opportunities as well.1 For instance, while demonstrating privacy by design will be an ongoing organizational obligation, complying with the new regulations and then being […]

What the UK Brexit Vote Could Mean for Privacy

Published on July 21, 2016 By | Posted in: Brexit, Data, Data Protection, EU, Newsletter, Privacy

It has been a month since the UK voted to leave the EU and there is still plenty of uncertainty along the road ahead. However, when it comes to privacy law, there are some certainties. Ralph O’Brien, Principal Consultant EU at TRUSTe reviews the options. In the short term the UK Data Protection Act 1998 […]

Shared Assessments Logo Deluxe Corp
Shared Assessments Licensee ZS logo
Shared Assessments Licensee Lockpath
Shared Assessments Licensee Rsam
Shared Assessments Logo Iron Mountain
Shared Assessments Logo usbank
Shared Assessments Licensee Protiviti
Shared Assessments Logo dtcc
Shared Assessments Logo Ernst & Young
Shared Assessments Licensee Power Advocate
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Logo pwc
Shared Assessments Licensee Pivot Point Security
MetricStream logo
Viewpoint Logo
Shared Assessments Logo Deloitte
Shared Assessments Logo sei
Shared Assessments Logo first data
Shared Assessments Licensee ControlCase
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Licensee Bank of the West
Shared Assessments Licensee TD Ameritrade
Shared Assessments Logo radian