Papers and Studies

Stay on top of the latest in Third-Party Risk Management (TPRM) with Shared Assessments’ papers and studies. Learn industry trends and take away best practices to improve your approach. Read on and rock on, risk management!

Internet of Things (IoT): A New Era of Third Party Risk

With the proliferation of IoT devices in the enterprise, managing third-party risks to sensitive and confidential data has become a herculean task. As revealed in The Second Annual Study on the Internet of Things (IoT): A New Era of Third-Party Risk, companies are deeply concerned that failure to prevent a data breach or cyber attack […]

Register to Download

Balancing Compliance & Convenience in Digital Device Use

Have we become convenience junkies? We have become a mobile society, a mobile economy, and we live a mobile life. Seventy-seven percent of Americans now own smartphones. How do we balance this convenience with privacy, security and risk? Linnea Solem, Chairperson of the Shared Assessments Program Privacy Working Group, explores that balance in this article. […]

2017 Vendor Risk Management Benchmark Study

As rapidly changing risk and regulatory environments continue to challenge vendor risk management capabilities, the results of the latest Vendor Risk Management Benchmark Study show that: Organizations in all industries are making incremental progress in improving how they manage vendor and third party risks. Governing boards are increasing their level of engagement with cybersecurity risks, […]

Register to Download

Risk Rating Third Parties: Optimizing Risk Management Outcomes

The objectivity of a risk rating process that follows best practices informs a more effective evaluation and comparison of third party control postures. This paper discusses what third party risk rating is, what risk rating is needed and how an organization can apply risk rating best practices as part of their risk management program. It […]

Assessment of Public Cloud Computing Vendors

Unique concerns exist around assessing security and controls for public cloud vendor use. This paper addresses those concerns and emerging best practice solutions for outsourcers seeking a Cloud Service Provider (CSP), as well as outsourcers engaging in relationships with third parties that use a CSP.

Register to Download

Evaluating Cloud Risk for the Enterprise – An Updated Shared Assessments Guide

In the past seven years we have seen tremendous changes in technology, personnel and business practices. Cloud has now become the de-facto industry model for providing a computing service. Mobile has become the most common model for accessing data. Cloud platforms are managing billions of Internet of Things (IoT) devices daily; and new exciting developments […]

Register to Download

The Internet of Things (IoT): A New Era of Third-Party Risk

Ready or not, IoT third party risk is here. Given the proliferation of connected devices, today’s cyber climate is evolving and organizations have to shift their focus to the security of external parties, now more than ever,” said Charlie Miller, Senior Vice President with the Shared Assessments Program. “In order to avoid becoming the next […]

Register to Download

Fourth Party Risk Management Paper

Risk from downstream parties is increasing as outsourcing organizations engage more and more third parties who themselves have their own outside provider relationships. The proliferation of fourth party relationships provides the undesired opportunity for the existence of significant risk management gaps.

Register to Download

2016 Shared Assessments Benchmark Study

The 2016 Vendor Risk Management Benchmark Study by Shared Assessments in collaboration with global consulting firm Protiviti examines the maturity of vendor risk management.

Register to Download

Building Best Practices in Third Party Risk Management: Involving Procurement Paper

Establishing a strong standard for risk management means including all stakeholders before a third party is brought on board.  The paper focuses on ways to effectively integrate Procurement into the third party oversight function.

Register to Download

Tone at the Top Paper

DID YOU KNOW? Consensus is quickly growing that an effective risk culture cannot be developed without a “Tone at the Top” that demonstrates, beyond doubt, that the Board and C-Suite are active in building and maintaining an effective enterprise risk management culture and program, inclusive of third party risk issues. The right Tone at the […]

Register to Download

Financial Services Industry Call to Action

The increased connectivity and complexity of critical infrastructure systems both nationally and globally puts economic and public security squarely at the forefront of risk management in every sector and industry vertical. A proactive stance is clearly required to establish best practices for more mature risk management programs industry-wide. The financial services industry is in position […]

Register to Download
1 4 5 6 7