Data Privacy Scoping Template Given the pace and complexity of data protection regulations, Shared Assessments provides a free, scoped Privacy Standardized Information Gathering (SIG) Questionnaire mapped to privacy frameworks. This template helps organizations complete third party data privacy r ....
Scoping Template Shared Assessments has released a free Standardized Assessment Tool for the Log4j risk. With this scoping template, you will be able to conduct your own vulnerability assessment and share the form with your vendors for a holistic view of Log4j risk across your supply chain. Registe ....
This briefing paper provides insight into gaining greater supply chain sovereignty by identifying critical dependencies across both inbound and outbound supply chains. Adopting this proactive stance provides many opportunities for organizations, including being ready to respond to the regulatory cha ....
This paper provides a quick overview and concrete action steps that will help organizations achieve superior outcomes over time. Traditional approaches that rely solely on point-in-time assessments can no longer keep up with rapidly changing or emerging risks. Determine how to make your program work ....
This briefing paper provides a foundation for a more robust TPRM style – one that applies complex adaptive systems to the field of risk management to help practitioners understand step-function, cascading improvements in risk management processes they can apply to their own programs. The related ....
This Building Best Practices resource: Examines how to improve due diligence assessment productivity. Identifies a strong strategy that leverages control verification reports. Documents a means of examining existing artifacts to more efficiently scope any remaining due diligence. A p ....
The Role of ERM in Managing Risks Related to New Technologies and its companion Executive Summary document examine the challenges that come with significant technology shifts, such as IoT, AI, 5G and quantum encryption and computing; and the valuable role that the board and C-suite can play in helpi ....
This Executive Summary provides an overview of the challenges related to emerging technologies and key steps identified to help establish effective risk monitoring programs that are responsive to potential risks related to new technologies. This is the companion to the more in-depth briefing paper. ....
This set of General Data Protection Regulation (GDPR) resources have been updated to provide insights to the Third Party risk community and include background on the regulation and guidance on how to integrate GDPR requirements into TPRM programs. These resources work in conjunction with the Shared ....
TPRM practices are ideally suited to enhancing M&A outcomes. By applying TPRM best practices, a wider range of risks deeper in the supply chain can be examined than is typically achieved in M&A due diligence. The guide outlines specific best practices to help lower risks; discusses acquirer ....
