
Third-Party Risk Management Certification
Doing business in an outsourced economy requires expertise to meet the necessary strategies, processes, and practices when evaluating and managing vendor risk and overseeing the security of sensitive data once it’s in the hands of third parties.
CTPRP
Certified Third-Party Risk Professional
The CTPRP is designed for third-party risk, procurement and compliance professionals, including business vendor managers, risk managers, vendor IT security managers, IT assessors and IS professionals.
CTPRP holders will demonstrate a thorough working knowledge of third-party risk management concepts and principles, including:
- Managing the vendor lifecycle.
- Vendor risk identification and rating.
- Knowledge of the fundamentals of vendor risk assessment, monitoring and management.
CTPRA
Certified Third-Party Risk Assessor
The CTRPA is designed for IT/IS third-party risk professionals, including individuals performing assessments, onsite or remote, of third parties relative to the risk tolerance of the assessor organization.
CTPRA holders performing assessments will demonstrate advanced knowledge of:
- Organizational safety and security.
- Physical and environmental security of data environment.
- Network security.
CTPRP Impact on Risk Management Careers
In a recent poll of CTPRP holders, we discovered the following:
80%
CTPRP holders report training improved their ability to fulfill their job duties.
47%
CTPRP certification helped them land a new job or earn a promotion.
68%
CTPRP’s current annual compensation ranged from $90,000 to $120,000

Credentials Driving Credibility
“The primary benefit of the certifications is the associated body of knowledge…It has held up as the golden standard in the TPRM profession even as the profession has expanded significantly in the past few years. When we present to prospective clients or advise existing clients we can lean on our experience and both [certification] bodies of knowledge as industry best practices. That gives us a unique perspective…””
— Bill Deller, CTPRP/CTPRA, Schneider Downs IT Risk Advisory Services Manager