Standardized Control Assessment (SCA) Procedure Tools
The SCA assists risk professionals in performing onsite or virtual assessments of vendors. It is a holistic tool for onsite assessments of cybersecurity, IT, privacy, data security and business resiliency in an information technology environment. This is the “verify” portion of a third party risk program and was created leveraging the collective intelligence and experience of our vast member base. It is updated every year in order to keep up with the ever-changing risk environment and priorities.
What’s Included In the SCA?
After purchasing the SCA, you will be able download the tool and supporting materials (templates, checklists, guidelines).
SCA Getting Started Guide
Familiarizes users with the tool, the parties and the assessment process. It contains all the reference material needed to use the SCA Report Template for assessing an organization. A large part of the guide focuses on the details around preparing for, executing and reporting the results of an assessment.
These voluntary guidelines are intended for use by third party risk assessors that use the Standardized Control Assessment (SCA) procedures to ensure consistency related to execution and reporting of an SCA Engagement.
SCA Report Template
Standardized and customizable set of testing procedures provided in excel format.
Assessment Best Practices Checklist
Best practices for planning and execution of an SCA engagement.
SCA Executive Summary Data Table Templates
Instructions and selection of optional sample templates that can be modified to create an executive summary report.
SCA Executive Summary Reporting Template
Sample tables you can use to craft your SCA Executive Summary.
“The SCA is a very useful tool in conducting objective, fact-driven assessments. The SCA provides best practices for analysis of cross-industry risk domains that are applicable to mature TPRM programs.”
—Angela Davis Dogan, MBA/TM, CTPRP, CTPRP, Founder & CEO, Davis Advisory Services, LLC
The SCA is Used by 15,000+ People World-Wide
- Risk Management
- Security Policy
- Organizational Security
- Asset and Info Management
- Human Resource Security
- Physical and Environmental
- IT Operations Management
- Access Control
- Application Security
- Incident Event and Comm Mgmt
- Business Resiliency
- End User Device Security
- Network Security
- Threat Management
- Server Security
- Cloud Hosting
SINGLE LICENSE: $5000
The SCA is a holistic tool that assists risk professionals in performing onsite or virtual assessment of vendors.
BECOME A MEMBER
Shared Assessment membership includes access to all our tools in our third party risk toolkit, including the SCA.