The Certified Third Party Risk Assessor (CTPRA) designation is a professional credential that validates expertise, decision making and proficiency in third-party risk and controls evaluation. The program includes the processes for identifying, quantifying, and mitigating third-party risk within an organization’s TPRM program. The program structure emphasizes on the controls evaluation process within specific risk domains to conduct comprehensive governance, operational risk, IT, and cyber-risk third party evaluations using distinct assessment techniques.
12 CPEs can be earned for completing the course.
The CTPRA is designed for third party risk, information security, cyber-risk, audit, information technology, and Governance, Risk, Compliance (GRC) professionals that are involved in the planning, scoping, and conducting the evaluation of a third party’s control environment, including:
Date | Time | Location | Instructor | |
---|---|---|---|---|
December 10-11, 2024 | 10:00am – 3:00pm ET | Online | Nasser Fattah, Senior Consultant, Shared Assessments | Register |
February 19-20, 2025 | 10:00am – 3:00pm ET | Online | Elizabeth Dunsmoor, TPRM Principal, Shared Assessments | Register |
March 25, 2025 | 8:00am - 6:00pm ET | In Person | Westin Fort Lauderdale Beach Resort | TBD | Register |
May 7-8, 2025 | 7:00am - 12:00pm ET | Online | Elizabeth Dunsmoor, TPRM Principal, Shared Assessments | Register |
July 15-16, 2025 | 10:00am – 3:00pm ET | Online | Elizabeth Dunsmoor, TPRM Principal, Shared Assessments | Register |
Online Instructor-Led $1,195 Member | $1,495 Non-Member
In Person Instructor-Led $1,345 Member | $1,645 Non-Member
CTPRA classes consist of two 5-hour sessions taught via web conference. Eligible for 12 Shared Assessments Continuing Professional Education (CPE) credits.
Private classes and volume discounts are available. If a class does not have a minimum number of registrants, the class may be cancelled and registrants will be contacted about moving to a future session.
Annual Maintenance Fee $100
The Shared Assessments CTPRA class is a live, instructor-led, two-day event (5 hours per day). A typical class timeline is as follows:
CTPRA CLASS
Completion of both days of this class will earn 10 CPEs. We do not issue CPEs for partial attendance. The exam cannot be taken without class attendance for both days. Class attendance is verified by teleconference records and staff instructors. All upcoming classes are listed in the “Upcoming Classes” section above.
The CTPRA Certification Job Practice Guide identifies the domains, topics, skills, competencies, and job roles that represent the type of work performed in the role of a Third Party Risk Assessor who plans, performs, and oversees Third Party assessments across multiple risk domains. The structure of the Job Practice Guide is based on the inputs of Shared Assessments Program members, recognized best practices, and the education and tools that drive Third Party risk assurance.
Yes! Please email the Shared Assessments Education team, education@sharedassessments.org, for more information.
All upcoming courses are listed in the “Upcoming Classes” section above.
The Shared Assessments Program can accommodate private classes for organizations willing to certify 15 or more people. Please contact our Education team at Education@sharedassessments.org for more information.
The CTPRA registration cost includes the two-day instructor-led class, examination, access to online reference and study materials, and a digital credential badge once the certification is successfully earned.
Note: Shared Assessments does not issue downloadable PDFs or hard copies of our study materials.
Distribution of the materials to any party other than the person registered for the class is strictly prohibited. Sharing materials without permission by Shared Assessments may result in the removal from class registration or discontinuation of the certification designation attained.
There is a $75 administrative fee to adjust or modify existing class registrations. Please contact the Shared Assessments Education team, education@sharedassessments.org, for assistance.
Once the class is completed, you will be sent details on how to schedule your exam with Examity, our testing vendor. The CTPRA examination is a time-based, closed book exam, completed within 3 hours. The exam is taken online from your computer and remote proctoring is required to monitor examination compliance. The CTPRA examination contains 125 questions worth up to 140 points. Examination questions include testing the domain knowledge and application of knowledge using Third Party risk situations. Multiple choice questions are presented using Third Party risk management scenarios from the Outsourcer or the Service Provider point of view. You must achieve a score of 70% or higher to pass the exam. Upon completion of the exam, a survey may be presented to provide feedback on the method of instruction, curriculum, materials, or examination content.
We recommend scheduling your exam at least 24 hours in advance of your preferred exam date/time to avoid a nominal $5.00 “on demand” testing fee from the testing company. Any cancellation or modification within 24 hours of an existing exam appointment will result in a $5.00 on-demand fee.
If you need reasonable accommodations to take the exam, please contact us at education@sharedassessments.org.
The exam can be taken during any time zone globally. You have 15 weeks from the start date of the class to take the exam. If you do not take the exam within 15 weeks, you may not be approved for certification and may need to retake the class at your own expense.
After completing the class, candidates will have a 15-week window to schedule and take their exam with our testing proctor company, Examity. Approximately 1 day prior to the first day of class, you will receive an email with instructions for scheduling the exam. We estimate that, on average, candidates will need to spend a total of 30 hours preparing for the exam. Exam results are sent via email and are usually sent out within two weeks of taking the exam.
To take the CTPRA examination you must attend the entire CTPRA class.
Yes. If you do not pass the exam, you may take it again. There is a $150 fee to retake the exam. You may re-take the exam up to three (3) times. After the third attempt, you must re-take the class at your own expense. Individuals who wish to retake the class will receive a 50% discount.
You will receive provisional results immediately after taking the exam pending review and approval by the exam proctors and Shared Assessments. Your official results and next steps will be sent to you via email within two weeks of completing the exam.
Individuals interested in obtaining the Shared Assessments CTPRP certification are required to hold a minimum of five years of experience as a risk management professional. Listed below is an example of the type of experience that qualifies:
Individuals who are interested in obtaining the Shared Assessments CTPRP certification must complete the following process:
The application form is provided to you upon passing the exam. You must fill out your relevant work experience and provide the name and contact information for a person who can verify your employment experience. This is usually a current manager. For those who are self-employed or unemployed, Shared Assessments will make a determination based on a review of the documentation provided to show the necessary experience. We may ask for additional documentation as part of the approval process. In lieu of work experience, an applicant can receive up to a year of work experience credit if they have a bachelor’s or master’s degree in information security or information technology from an accredited university. An additional year of work experience may be waived if the applicant holds an active IT or IS certification (i.e., CISA, CISSP, CIPP, CIPM).
The CTPRP certification is awarded to those who complete the three steps indicated above. An individual who passes the exam but does not meet the prerequisite of five years of experience as a risk management professional will be awarded the Associate CTPRP designation. The Associate CTPRP can be changed to a full CTPRP designation at no additional cost if the certification is kept active and the five (5) year professional experience requirement is achieved.
We accept applications up to one year after passing the exam. After one year, you are required to retake the class and the exam. If you would like to retake the class and the exam, we will offer it at a 50% discount.
Once received, applications are typically processed within one month of receipt. You will be notified of your designation via email from one of our Education team members.
Once an individual’s application is approved and they have earned the CTPRP certification, a digital credential badge is awarded to showcase the accomplishment.
To retain your certification, CTPRA holders must comply with the following requirements:
Please note that it is your responsibility to maintain your certification. Shared Assessments is not responsible for notifying you of upcoming renewals.
If you attend a Shared Assessments event that is issuing CPEs, you must attend the entire event. Shared Assessments does not issue CPE credit for partial attendance. If our web conferencing or manual attendance records indicate that you attended an event, you will be automatically issued a CPE within 30 days of the event. You will receive an email from our automated system with instructions to download the digital CPE certificate from your account on our Education and Events portal by logging in using the same email address you used to attend the event. Please note that sometimes the automated email can end up in your spam or junk folder.
Yes. CPEs issued from other organizations are accepted towards your CPE requirements. See our Qualifying Continuing Professional Education requirements for more information.
Certification holders must pay an annual maintenance fee of US $100.00 to maintain their certification. This amount is subject to change.
We are working on accepting payment through our portal, but it is not quite ready for launch. In the meantime, email us at education@sharedassessments.org and we will send you a link for payment.
If you are in good standing with an Associate certification and meet your five-year experience requirement, the process is simple. Upon request, we will send you the necessary form. Similar to your initial application, you’ll need to enter in your work experience since receiving your Associate Certification and have your current manager sign a verification form. For more information, please contact education@sharedassessments.org to request information on making the transition from associate to full designation.
The process for reinstating your lapsed certification will depend on how long your certification has been lapsed. If it has been under 2 years, we will reinstate your certification upon receiving all outstanding fees and/or proof of required CPEs. If it has been over 2 years, you will be required to retake the class and the exam at your own expense.
If you have additional questions, please contact us by calling Shared Assessments at 505-466-6434 or emailing us at education@sharedassessments.org.