This guide introduces and defines 21 of the most critical and current risk domains within four key areas. The guide describes why organizations need to acknowledge each risk domain and offers concrete suggestions of how organizations can account for risks presented by each domain.
Impact of Covid-19 On Profile and Management of Third Parties In and outside of work, the Covid-19 pandemic was a mandatory exercise in flexibility. What are the workplace shifts we see impacting third-party risk management as we emerge from the pandemic? This FREE guide emphasizes how the pandemic has affected profile and management of third parties […]
Guide: Geopolitical Risk What does geopolitical risk mean for your organization and third party risk management (TPRM)? The risks emerging from recent Russian aggression against Ukraine have potential consequences for your organization’s Business Continuity, Compliance, Cyber, Data Privacy, Supply Chain, and Technology risks. This guide helps those managing third party risk to understand and manage […]
Business Case for Third-Party Risk Management (TPRM): A Starting Point For Senior Leadership As part of our ongoing support to the larger, global community of third-party risk practitioners and programs, Shared Assessments and Third Party Risk Association (TPRA) have together prepared The Business Case for Third Party Risk Management (TPRM): A Starting Point for Senior Leadership. At […]
In the current business landscape, organizations rely on numerous third and Nth parties to produce goods and services. The complexity of these outsourcing activities makes it difficult to understand risks across the supply chain. At the same time, new risks are mounting, and the frequency of severe events is increasing placing new demands on risk […]
What is the Third-Party Risk Quantification paper about? In the current business landscape, organizations rely on numerous third and Nth parties to produce goods and services. The complexity of these outsourcing activities makes it difficult to understand risks across the supply chain. At the same time, new risks are mounting, and the frequency of severe […]
Third Party Risk Management: Landscape Overview We surveyed more than 600 third-party risk management (TPRM) executives and practitioners directly involved with their organizations’ approach to vendor risk management. This infographic gives an overview of what we learned about trends, challenges, and priorities in risk management. What Topics Does This Cover? Security and Privacy. Emerging and Cascading Risks. […]
We surveyed more than 600 third-party risk management (TPRM) executives and practitioners directly involved with their organizations’ approach to vendor risk management. This infographic gives an overview of what we learned about trends, challenges, and priorities in risk management.
Securing Your Software Supply Chain Shared Assessments recommends a specific due diligence process for understanding third-party patch management capabilities using our industry-leading Standardized Information Gathering (SIG) Vendor Risk Questionnaire. In the case of #Spring4Shell (or alternatively #SpringShell), we recommend you review your previous risk assessments first, instead of initiating new Questionnaire requests in your vendor […]
Geopolitical risk stems from war, terrorism, and even ongoing tensions between states that derail normal and peaceful international relations. Geopolitical risk has an adverse impact on the delicate balance of the world’s economy, security, and political relations. What does geopolitical risk mean for your organization and third party risk management (TPRM)? Risks emerging from recent Russian aggression against Ukraine have potential consequences […]
Guide To Risk Domains This guide introduces and defines nineteen of the most critical and current risk domains within four key areas. The guide describes why organizations need to acknowledge each risk domain and offers concrete suggestions of how organizations can account for risks presented by each domain. What Are Risk Domains? Risk domains are […]
This paper provides a unified continuous monitoring cybersecurity taxonomy. A living document designed to evolve with the cybersecurity landscape, the taxonomy advances communication about evaluating and monitoring the impact of cyber threats. Cybersecurity monitoring solution providers, outsourcers, and third party service providers collaborated in Shared Assessments’ Continuous Monitoring Working Group to develop this first version […]
