opportunities to address global risk management challenges

Shared Assessments offers opportunities for members and non-members alike to address global third-party risk management challenges through our committees. Committees shape the industry by enhancing the Shared Assessments Third-Party Risk Management Product Suite and driving best practices through the development of papers, studies, and blogs.

Our community understands the value of leveraging the collective knowledge of their risk management peers to develop and manage best-in-class third-party risk management programs. Our committee participants are leaders in their industries and integral to our global community of risk management professionals.


Recommended knowledge and membership levels for each committee are described below. (However, members are welcome to join any committee regardless of their current position or expertise in third-party risk management.)

Fundamental: For those new to risk management. Peer-to-peer discussions are based on the foundational principles of third-party risk management.

Intermediate: For those with more knowledge or skill in third-party risk management than a beginner and who have mastered the basic concepts. 

Advanced: A peer-to-peer environment for senior risk managers, professionals, and experts to examine complex, emerging, and cascading risks.

Members Only: This indicates a committee is open to members of Shared Assessments only.

Non-Member/Member: This indicates a committee is open to members of Shared Assessments and the wider risk management community. (Non-members of Shared Assessments are welcome to participate for one year in these groups. No other benefits of Shared Assessments membership will be conveyed through non-member participation.)

Focus Area Committees


Meeting Schedule: Bi-monthly, 4th Tuesday at 11:00am – 12:00pm ET

Membership: Members Only

Participation Level: Intermediate

Staff Lead: Chris Johnson, Senior Advisor

This group meets via an open forum allowing for active engagement and discussion of relevant topics. Participants examine integration, challenges, opportunities, and solutions posed by emerging technologies including Machine Learning, Artificial Intelligence, Cloud, 6G, Distributed Ledgers (Blockchain), and Cryptocurrencies.  

Advancements in technology fuel productivity that supports digital transformation and business objectives. New technologies across all sectors are rapidly changing the risk landscape for organizations and third parties/supply chain ecosystems.  

This group invites member organizations specializing in emerging technologies such as Cryptocurrencies and Artificial Intelligence to present to the committee. Participants are encouraged to submit emerging technology topics relevant to TPRM for discussion.


Meeting Schedule: Quarterly and ad hoc as needed, 2nd Thursday at 11:00am – 12:00pm ET

Membership: Members Only

Participation Level: Advanced

Staff Lead: Gary Roboff, Senior Advisor

As the compliance and audit environment sees changes affecting key areas of outsourcing relationships, participants discuss current and proposed international regulations, guidelines, and standards. A special focus this year will address member implementation challenges resulting from the June 2023 integrated U.S. regulatory guidance. Additional topics examined by this committee include cloud, IoT, concentration risk, complex supply chains (including Nth party), resilience, inventories, due diligence access, and how these harmonize (or diverge) globally.

This group invites speakers on relevant topics, and as thought leaders, publishes member-driven briefing papers and blogs on regulatory subjects. It also reviews, discusses, and responds to draft third-party regulatory guidance and rules from state, federal, and international regulators. Where appropriate, the group makes recommendations for Shared Assessments Product Suite enhancements and participates in developing resources pertinent to third-party risk addressing consumer protection, operational risk, and regulatory compliance monitoring.

Products Development Committees

Products Development Committees ensure that Shared Assessments Third-Party Risk Management Product Suite is relevant, thorough, and responsive to a range of new and emerging U.S. and international guidelines for privacy, information (cyber) and data security, and business continuity.

The Shared Assessments TPRM Product Suite has maintained its status as the industry standard for third-party risk assurance because these solutions are maintained by the very risk professionals who specialize in third-party risk management issues.

Products Development Committee members influence product design and content. As risk professionals and subject matter experts, Products Development Committee members have broad experience in enterprise risk management, internal audit, operational risk and compliance, and data governance, from a wide range of industries.


Meeting Schedule: Monthly, 4th Thursday, 12:00pm – 1:00pm ET 

Membership: Members Only

Participation Level: Advanced

Staff Lead: Colleen Milazzo, SVP, TPRM Software Products

The Products Development Committee is responsible for the management and development of existing and new content as well as the functionality of solutions in the Shared Assessments’ Product Suite: SIG, SCA, and VRMMM solutions. (Products Committees have been consolidated into one group from previous years.)

This committee strives to ensure all content within the products adheres to current local, state, federal, national, and international rules, laws, regulations, technological standards, and frameworks. Further, the committee ensures the products are updated to meet new and changing risk areas as the lifecycle of third-party risk management evolves.


Meeting Schedule: Quarterly, 4th Wednesday at 11:00am – 12:00pm ET

Membership: Members Only

Participation Level: Advanced

Staff Lead: Colleen Milazzo, SVP, TPRM Software Products

The Data Governance Committee consists of members who are data owners, managers, and consumers, and other enterprise risk management and privacy professionals. The focus of this committee is to enable data-driven decision-making to address challenges specific to data protection obligations organizations encounter in managing data and compliance governance risks by communicating changes in domestic and international data regulations.

With the pace and complexity of data protection regulations increasing, participants come together to navigate and address data governance in third-party relationships.

Working in concert with the Products Development Committee and other Shared Assessments Committees, this group ensures content and products adhere to varying standards, rules, laws, regulations, and frameworks issued by local, state, federal, national, and international bodies, including those specific to privacy.

Industry And Cross-Industry Committees

In a continuing effort to meet the needs of our diverse Shared Assessments membership, we have created our industry and cross-industry committees.

Members and non-members alike of Shared Assessments are welcome to participate to ensure a comprehensive look at the needs of specific verticals. (Note: non-member participation is limited to one year and no other benefits of membership, including access to the Shared Assessments TPRM Product Suite, are provided.)

Experienced executives facilitate industry community discussions of the most pressing Third-Party Risk Management (TPRM) challenges and seek to:

  • Serve as a forum for identifying, understanding, and supporting TPRM programs.
  • Address the expanding frequency/scope of control assessments, including risks associated with cybersecurity, information security, business resiliency, physical security, and operational procedures.
  • Develop and publish targeted blogs, white papers, and other best practices resources.
  • Improve industry opportunities for TPRM efficiencies and cost savings.

Meeting Schedule: Bi-monthly, 2nd Thursday, 11:00am – 12:00pm ET

Open To: Outsourcers only

Membership: Member/Non-Member

Participation Level: All Levels

Staff Lead: Jen Hancock, Senior Advisor

This group nurtures a trusted network of Asset Management and Financial Institution industry professionals who deal with key business processes related to the management of third parties, including but not limited to ESG, governance, procurement, third-party risk, finance, control validation, and policy. Committee members collaborate and address challenges, risk trends, regulatory changes, technology solutions, and best practices related to the third-party lifecycle.

This committee invites guest presenters to discuss trends and changes in the financial services arena.


Meeting Schedule: Quarterly, 4th Tuesday at 12:00pm – 1:00pm ET

Open To: Healthcare organizations and other organizations by invitation only.

Membership: Member/Non-Member

Participation Level: All Levels

Staff Lead: Chris Johnson, Senior Advisor

Newsletter: Emailed bi-monthly to committee members. Click here to join the committee.

This committee exchanges ideas, shares best practices, and identifies collaboration opportunities related to the TPRM needs of healthcare companies. Areas of interest include, but are not limited to, regulatory requirements, emerging technology, program governance, and procurement.


Meeting Schedule: Bi-monthly, 3rd Thursday, 11:00am – 12:00pm  ET

Open To: Insurance (Property and Casualty and Life) Firms Only 

Membership: Member/Non-Member

Participation Level: All Levels

Staff Lead: Chris Johnson, Senior Advisor

This committee exchanges ideas, shares best practices, and identifies collaboration opportunities related to insurance specific TPRM needs.

This group provides participants an opportunity to discuss the expanding risk landscape, the complexity of Nth party relationships, the impact of climate change on complex supply chains, regulatory requirements for insurance firms, and the complexity of assessing risks surrounding their client product offering(s).

This committee provides organizations with an opportunity to have an open dialogue of the current difficulties they are navigating such as ESG, and additional assessments of existing service providers including agents, brokers, and managing general underwriter (MGU).


Meeting Schedule: Meets bi-monthly, 3rd Thursday at 11:00am-12:00pm ET (4:00pm – 5:00pm GMT + 1)

Membership: Member/Non-Member

Participation: All Levels

Staff Leads:  Rhonda Cook, Senior Advisor

Participants focus on third-party risk management sustainability, social, and governance practices in today’s evolving ESG arena. Participants from all organizations with an ESG third-party risk interest, regardless of level of TPRM experience, are welcome.

The committee has an educational focus, informing members about ESG frameworks, policies, metrics, procedures, regulations, etc.  It is a forum for individuals from organizations with ESG programs and extensive experience to share their insights with those organizations just beginning their ESG journeys. Outside ESG experts are occasionally brought in to share best practices related to their organization’s ESG journey.

Additionally, input from this group is considered in the development of Shared Assessments Products, including the SIG, SCA, and VRMMM.


Meeting Schedule: Bi-monthly, 4th Thursday at 10:00am-11:00am ET (3:00pm – 4:00pm GMT+1)

Membership: Member/Non-Member

Participation Level: All Levels

Staff Lead: Bob Jones / Rhonda Cook, Senior Advisors

This committee examines the challenges organizations face in managing third-party risk and identifies existing and emerging best practices. Examples of previously examined topics include complex supply chains, fourth-party management, third-party contract development, risk rating, and assessment scoping.

The output of this group includes industry briefing and white papers, practitioner guidelines, industry call-to-action pieces, and blogs that enhance TPRM practice. This group coordinates with other Shared Assessments committees when appropriate.


Meeting Schedule: Bi-monthly, 4th Wednesday at 11:00am – 12:00pm ET

Membership: Member/Non-Member

Participation Level: All Levels

Staff Lead: Jen Hancock, Senior Advisor

The partnership between third-party risk management, procurement, and the business unit is paramount to allowing new and existing vendor relationships to operate and flourish in meeting an organization’s strategic goals. This committee identifies and documents best practices for achieving this partnership, centralizing a vendor inventory/registry, and streamlining the vendor relationship lifecycle. Committee members focus on practices in this arena in response to the shifting threat environment.

Key areas of discussion include relationship building with the various departments interfacing with third-party risk management, contracting, central predictive forecasting, controls, and agile response processes that include cyber, financial, location, and other key indicators.


We do give CPEs for attending Committee Meetings.

No prerequisite knowledge is required to participate in Committee Meetings

No advance preparation is required.

Program Level: Basic

Delivery Method: Group Internet-Based

CPEs Earned for Completion: 1*

 *exact CPEs earned per meeting is subject to change. You must attend for the entire duration to be eligible to receive CPE credits. We do not issue partial credit. CPEs are automatically issued based on our attendance data to the name and email address used to attend the call. Please note it can take up to 30 days for the CPE credit(s) to be issued.

    To Participate

    To participate in any of these committees or groups, email SACommittees@sharedassessments.org.