On Demand Events

Explore the latest findings from the 2025 Critical Third-Party Survey as panelists analyze key trends and compare them with the 2023 results. This session provides an updated perspective on critical third parties, highlighting the impact of increasing global regulatory scrutiny. Join this engaging and interactive discussion where experts will bridge the gap between identifying and quantifying critical third parties and integrating these insights into TPRM processes. Topics will include defining inherent risk criteria, employing effective risk tiering techniques and models, and leveraging tools such as Shared Assessments' TPSIRR framework. Gain practical strategies to enhance your organization's approach to managing critical third parties in today’s dynamic risk landscape.

Modern third-party risk management (TPRM) programs do more than just mitigate risk or check a compliance box—they create measurable business value. But many TPRM teams are set up to fail with a reactive, resource-intensive approach. In this session, you’ll learn how to flip that script with streamlined, value-generating TPRM that supports business resilience and growth. We’ll explore how:

- AI-powered, automated vendor risk assessments make your team more effective at identifying and mitigating risk in a fraction of the time
- Modern TPRM moves away from lengthy questionnaires toward insight-rich, on-demand security data
- Greater efficiency leaves you with extra resources that can be re-allocated to business-critical tasks

If you’ve ever been called a “cost center” or “necessary evil” (or if you just want more time back in your day), this is the session for you!

In today's complex risk landscape, organizations must effectively assess and manage third-party risks to safeguard their operations and data. The Shared Assessments Program offers two pivotal tools to streamline this process: the Standardized Information Gathering (SIG) questionnaire and the Standardized Control Assessment (SCA) procedures. This webinar will delve into how the SCA complements the SIG, forming a comprehensive "trust but verify" approach to third-party risk management. Attendees will gain insights into: Understanding the SIG and SCA: An overview of each tool's purpose, structure, and application in evaluating vendor risk. Alignment and Integration: Strategies for integrating SCA procedures with SIG responses to validate vendor-provided information and ensure robust risk assessments. Practical Implementation: Best practices for scoping assessments, conducting evaluations, and utilizing findings to enhance your organization's third-party risk posture. Join us to learn how leveraging the synergy between the SIG and SCA can lead to more efficient and effective third-party risk management, ultimately strengthening your organization's resilience against emerging threats.

This session will explore how companies are navigating the challenges of AI adoption, evolving service models, and addressing new risks. The discussion will emphasize the importance of strong governance, talent management, and the strategic integration of AI, digital engineering, and cloud solutions to ensure ongoing competitiveness in a rapidly changing market. We will also share an update what we are seeing from our clients regarding the testing and implementation of AI models and the governance structures that our enterprise clients are deploying. Key discussions will include:
- Evolving Governance: How AI and digital transformation are reshaping governance practices across industries.
- Risk Management: Identifying and mitigating the unique risks associated with AI deployment.
- Future Workforce: Developing strategies to prepare and manage talent in a tech-driven world.

Join Shared Assessments CEO Andrew Moyad and Senior Advisor Jen Hancock for a dynamic, fireside-chat-style discussion on the top trends shaping Third Party Risk Management in 2025. Together, they’ll explore how advancements in Artificial Intelligence, evolving global regulations, complex supply chain risks, governance strategies, and continuous monitoring solutions are redefining the TPRM landscape. This engaging session will provide expert insights into the key challenges practitioners face and offer practical strategies for preparing your organization to adapt and thrive. Don’t miss this opportunity to gain actionable takeaways and listen in on a candid, forward-looking conversation designed to leave you ready to tackle what’s next in TPRM.

The Shared Assessments Insurance Committee discussed the importance of application-level encryption, with 84% of respondents requiring it. They debated key rotation, with 30% mandating annual rotation. The committee also explored the use of third-party assessments and certifications, noting that 20% accept them fully, while 30% use them partially. The conversation highlighted challenges in managing assessment questionnaires, with typical high-risk assessments ranging from 200 to 300 questions. The meeting concluded with plans to address data minimization efforts, AI programs, and regulatory changes in future meetings.

The meeting discussed the impact of AI regulations on third-party risk management. Key points included a recap of 2024 which included summaries as well as a review of the similarities and differences between the Executive Order, EU AI Act, and UK AI Laws. The panelist then defined AI Systems, AI Deployer, and AI Provider before several use case scenarios were explored on the different impacts these regulations would have on them. Use case examples included AI Deployer of a multinational bank organization with EU operations; : AI Deployer of a US-based Healthcare provider active in the EU Market, and AI Provider of a high-risk AI system. The committee then looked ahead into what might be expected in 2025 & beyond in the US, UK, and EU.

Join Shared Assessments and Mirato as we explore how MARS Incorporated leverages AI to drive impactful efficiencies in their risk management processes. As a global snacking, petcare, food & nutrition company, operating in over 80 countries with a diverse product range, MARS skilfully navigates the complexities of supply chains and vendor networks. By utilizing the Mirato Questionnaire Killer™ (MQK), MARS has significantly reduced assessment time while increasing accuracy. This session offers a real-world AI risk management use case—bring your own Skittles, M&M's, or Snickers!

The Financial Services Committee discussed various topics, including the impact of the Bank of England's ruling on critical third parties, the importance of supply chain & geopolitical risk management, and the FFIEC's updated handbook. Key points included the need for proactive monitoring of critical vendors, leveraging data sources, and understanding the financial stability of vendors. The committee emphasized the importance of aligning third-party risk management programs with regulatory expectations and maintaining up-to-date policies. They also highlighted the necessity of involving senior management and compliance teams in analyzing and addressing regulatory changes to ensure compliance and resilience.

This session will feature an overview of the 2025 Shared Assessments Product Family, focused on Regulatory Mappings: DORA, NIS2, and CSF NIST 2.0. We will review the impact of the new regulatory mappings covered by the Standardized Information Gathering (SIG) Questionnaire and discuss new updates to the TPSIR, such as clarity, weighting, and customizability. We will also preview the new SIG Content Library API.