Papers and Studies

As organizations increasingly rely on third-party vendors, having a well-defined approach to vendor terminations becomes essential for maintaining operational continuity and mitigating risks. This paper outlines how organizations can implement pre-determined, vendor-specific plans that facilitate smooth transitions and protect business continuity. By proactively managing termination risks, companies can minimize disruptions and safeguard critical operations. Key […]

This paper delves into how operational resilience and business continuity planning are key to building a robust, risk-resilient supply chain. It shows how organizations can enhance their Third-Party Risk Management (TPRM) by using measurable metrics to assess supplier performance, identify risks, and close gaps. By aligning vendors with resilience goals, companies can fortify their supply […]

The SIG Questionnaire is used to evaluate the risk controls of an organization’s vendors and service providers. When scoping your Vendor Risk Questionnaires, which SIG should you use? The SIG offers three tiering structures – the SIG Lite, the SIG Core, and the SIG Detail Questionnaire. This paper defines each of the tiers and their […]

Shared Assessments’ Third-Party Risk Management (TPRM) Product Suite incorporates a wide body of international laws, regulations, and industry sector guidelines and frameworks in the Standardized Information Gathering (SIG) Questionnaire and the Standardized Control Assessment (SCA) Procedure. The 2025 SIG contains direct mappings to 31 of the most critical Reference Documents, which are included within the […]

This guide introduces and defines 21 of the most critical and current risk domains within four key areas. The guide describes why organizations need to acknowledge each risk domain and offers concrete suggestions of how organizations can account for risks presented by each domain.

As complex supply chains become commonplace, understanding their intricacies and interconnectedness is essential. This paper offers valuable insights into the evolving regulatory environment and highlights the importance of proactive risk management strategies. Learn how to identify and mitigate risks across your entire supply chain—not just with third-party vendors—ensuring your organization remains resilient amid disruptions. Discover […]

Rapid advancements in AI are revolutionizing industries, bringing remarkable opportunities and notable concerns regarding social and governance implications. This comprehensive paper explores the latest and best practices in TPRM governance, focusing on how AI can enhance the efficiency and effectiveness of managing third-party risks in the supply chain. This invaluable resource provides practitioners and executives […]

Many organizations struggle to identify the scope of their third-party and Nth-party engagements, as well as the associated risks from these extended networks. By implementing continuous monitoring, businesses can uncover hidden Nth-party providers that are otherwise undetectable. This paper explores the essential steps to establish a robust TPRM continuous monitoring program, detailing what to monitor […]

This member spotlight highlights how New York Life Insurance “Keeps Their House In Order” by utilizing Shared Assessments education, products, thought leadership, and networking opportunities. By effectively managing third-party risks and building a resilient TPRM program with the support and structure of a Shared Assessments membership, New York Life Insurance continues to safeguard against potential […]

The purpose of this paper is to highlight best practices in governance of Third Party Risk Management (TPRM). Governance in this context refers to a formalized program framework that supports an organization’s strategic business objectives. Strong program governance helps foster efficient use of resources, greater transparency, and an environment of trust. This briefing focuses on […]

The Standardized Information Gathering (SIG) Questionnaire acts as a bridge between vendors and outsourcers, offering value to both parties in managing third-party risk. Outsourcers use the SIG to assess their existing and prospective service providers, while vendors use the SIG to respond to these same customers. In this way, the SIG Questionnaire creates a common […]

This member spotlight highlights Becky Brown, Program Manager for Third Party Risk Management for SEI Investments Company, and how Shared Assessments’ education, third-party risk summit, and products have helped shape her career and TPRM program. Brown is a breath of fresh air upholding the greater power of risk management we believe in here at Shared […]