This paper provides a quick overview and concrete action steps that will help organizations achieve superior outcomes over time. Traditional approaches that rely solely on point-in-time assessments can no longer keep up with rapidly changing or emerging risks. Determine how to make your program work ....
This briefing paper provides a foundation for a more robust TPRM style – one that applies complex adaptive systems to the field of risk management to help practitioners understand step-function, cascading improvements in risk management processes they can apply to their own programs. The related ....
This Building Best Practices resource: Examines how to improve due diligence assessment productivity. Identifies a strong strategy that leverages control verification reports. Documents a means of examining existing artifacts to more efficiently scope any remaining due diligence. A p ....
This Executive Summary provides an overview of the challenges related to emerging technologies and key steps identified to help establish effective risk monitoring programs that are responsive to potential risks related to new technologies. This is the companion to the more in-depth briefing paper. ....
The Role of ERM in Managing Risks Related to New Technologies and its companion Executive Summary document examine the challenges that come with significant technology shifts, such as IoT, AI, 5G and quantum encryption and computing; and the valuable role that the board and C-suite can play in helpi ....
This set of General Data Protection Regulation (GDPR) resources have been updated to provide insights to the Third Party risk community and include background on the regulation and guidance on how to integrate GDPR requirements into TPRM programs. These resources work in conjunction with the Shared ....
This set of California Online Consumer Privacy Act (“CCPA”) resources are provided to share insights and best practices on how to understand aspects of CCPA and the implications that this regulation has on Third Party risk management. These resources work in conjunction with the Shared Assessmen ....
TPRM practices are ideally suited to enhancing M&A outcomes. By applying TPRM best practices, a wider range of risks deeper in the supply chain can be examined than is typically achieved in M&A due diligence. The guide outlines specific best practices to help lower risks; discusses acquirer ....
Third party risk managers are struggling to convey the need for the additional resources to develop and sustain a robust TPRM program. Shared Assessments members came together to create a coherent picture of the emerging challenges and provide actionable tools that practitioners can use to document ....
This “Gaining Ground” briefing paper is phase one of the two-phase cooperative project led by the Shared Assessments’ Continuous Monitoring working group. This group has galvanized practitioners from 57 member organizations, as well as non-member CM solution providers in the Taxonomy Subgroup, ....
