The Shared Assessments Program has established a Code of Professional Ethics to guide the conduct of its certification holders. The goal of the code of ethics is to clarify every certified risk professional’s responsibility to support the risk management profession by conducting themselves in a professional and ethical manner.


Action will be taken against anyone who violates the ethics code. These actions may range from a warning to the withdrawal of their risk professional certification. Rather than seek to regulate its certificate holders, Shared Assessments intention is that this code aid in providing guidance in making ethical decisions.


Shared Assessments certification holders shall:


  1. Abide by the law of the jurisdiction in which services are provided, perform all duties in an honorable manner, and respect the rights of others in performing professional responsibilities.
  2. Perform their duties with objectivity and professional care, and in accordance with professional standards.
  3. Encourage compliance with appropriate standards and procedures for the effective management of enterprise information systems and technology including audit, risk controls, privacy, security, and risk management.
  4. Maintain the privacy and confidentiality of information obtained in the course of their activities unless disclosure is required by legal authority. Such information shall not be used for personal benefit or released to inappropriate parties.
  5. Maintain competency in their respective fields and agree to undertake only those activities they can reasonably expect to complete with the necessary skills, knowledge and competence.
  6. Not knowingly provide misleading or inaccurate information, nor encourage or otherwise participate in the release of such information.