Papers

Executive Summary: Principles of Third Party Contract Development, Adherence & Management

This Executive Summary provides and overview of third party contract best practices for setting realistic expectations for both parties regarding due diligence, contract negotiations, onboarding, oversight (including control assessments), reporting requirements and terminations. The Summary contains ....

Register to Download

Principles of Third Party Contract Development, Adherence & Management

Principles of Third Party Contract Development, Adherence & Management and its companion Executive Summary document, discuss how robust contract development practices provide benefits to both the outsourcer and the third party provider. These resources provide guidelines for developing a defined ....

Register to Download

Balancing Compliance & Convenience in Digital Device Use

Have we become convenience junkies? We have become a mobile society, a mobile economy, and we live a mobile life. Seventy-seven percent of Americans now own smartphones. How do we balance this convenience with privacy, security and risk? Linnea Solem, Chairperson of the Shared Assessments Prog ....

Register to Download

Risk Rating Third Parties: Optimizing Risk Management Outcomes

The objectivity of a risk rating process that follows best practices informs a more effective evaluation and comparison of third party control postures. This paper discusses what third party risk rating is, what risk rating is needed and how an organization can apply risk rating best practices as pa ....

Register to Download

Evaluating Cloud Risk for the Enterprise - An Updated Shared Assessments Guide

In the past seven years we have seen tremendous changes in technology, personnel and business practices. Cloud has now become the de-facto industry model for providing a computing service. Mobile has become the most common model for accessing data. Cloud platforms are managing billions of Internet o ....

Register to Download

Assessment of Public Cloud Computing Vendors

Unique concerns exist around assessing security and controls for public cloud vendor use. This paper addresses those concerns and emerging best practice solutions for outsourcers seeking a Cloud Service Provider (CSP), as well as outsourcers engaging in relationships with third parties that use a CS ....

Register to Download

Fourth Party Risk Management Paper

Risk from downstream parties is increasing as outsourcing organizations engage more and more third parties who themselves have their own outside provider relationships. The proliferation of fourth party relationships provides the undesired opportunity for the existence of significant risk management ....

Register to Download

Continuous Monitoring of Third Party Vendors: Building Best Practices

Moving the Needle on Longitudinal Tracking for More Effective Processes Continuous monitoring, a subset of ongoing monitoring, moves the risk posture of systems to a level that allows tracking over time, often in real-time, to raise awareness of changing vulnerabilities and processes for more eff ....

Register to Download

Building Best Practices in Third Party Risk Management: Involving Procurement Paper

Establishing a strong standard for risk management means including all stakeholders before a third party is brought on board.  The paper focuses on ways to effectively integrate Procurement into the third party oversight function. ....

Register to Download

Financial Services Industry Call to Action

The increased connectivity and complexity of critical infrastructure systems both nationally and globally puts economic and public security squarely at the forefront of risk management in every sector and industry vertical. A proactive stance is clearly required to establish best practices for more ....

Register to Download
« Previous PageNext Page »

This site uses cookies

Please note that on our website we use cookies necessary for the functioning of our website, cookies that optimize the performance.
To learn more about our cookies, how we use them and their benefits, please read our Cookie Policy and Privacy Policy.