SIG Questionnaire

No. Choosing to exclude one question does not mean related questions will not apply. See page 21 in the 2024 SIG Manager/SIG Questionnaires User Guide.

A Control Family is a scoping method used to classify risk types and the way organizations control them. Control Families are at a program level and describe controls as a function or action (what does this mean taken from the user guide?) See page 19 in the 2024 SIG Manager/SIG Questionnaires User Guide.

The Control Attribute is associated with the question in the Content Library. It aligns with Control Families that identify potential control elements or artifacts that enable evidence of the control. See page 19 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Yes. Up to 100 additional Custom questions can be added below the Content Library questions during the scoping phase of the SIG template (Domain Z: Additional Questions). After adding these custom questions to the Content Library worksheet, they will be included in the custom-scoped template and thereafter, in the Questionnaire you create from that template. See page 41­­ in the 2024 SIG Manager/SIG Questionnaires User Guide.

Yes. Column A in the Content Library allows you to manually Include and Exclude questions that do not meet the requirements of your assessment. See page 42­­ in the 2024 SIG Manager/SIG Questionnaires User Guide.

A Response Template is used to enter responses to questions (and other relative details such as Scoring) that an Outsourcer (as an Assessor) expects to receive from a Third-Party Service Provider. The Template would then be used to compare responses from a Service Provider’s SIG Questionnaire. A Response Template can also be used by a Service Provider to proactively fill in responses and all related details to send to the Outsourcer. See page 25­­ in the 2024 SIG Manager/SIG Questionnaires User Guide.

Compare SIG Data is available in its own section within the SIG Manager. You may Compare a received SIG Questionnaire to your Response Questionnaire or Compare a received Questionnaire to your Response Template (requires that a Response Template be created and saved first). See page 29 in the 2024 SIG Manager/SIG Questionnaires User Guide.

You may create one or more Subject Matter Expert (SME) SIG Questionnaires using saved SIG Scoping Templates (for the scope level) and Response Templates (to include any responses, comments, notes, or additional information you may have added in the Content Library). Thereafter, you can send the Questionnaire to SMEs in your organization—internal use only. See page 26 in the 2024 SIG Manager/SIG Questionnaires User Guide for further details.

When the Questionnaire is returned, you will use the Append function in the Recall/Modify Template section on the SIG Manager worksheet. See pages 27 in the 2024 SIG Manager/SIG Questionnaires User Guide for further details.

The Tab Automation feature is available within a SIG Questionnaire on the SIG 2024 or individual Domain worksheets. It is Enabled by default to activate the dynamic function of the primary (parent) and subsidiary (parent/child/grandchild/great-grandchild) questions at all levels. See page 37 in the 2024 SIG Manager/SIG Questionnaires User Guide for further details.

The only products available in languages other than English are related to the SIG. They are questionnaires and are not full translations, as only the questions have been translated. It’s worth noting that these translations were not verified by Shared Assessments, meaning that they can’t be guaranteed. If you require a translated product, please get in touch with the Product Support Team at https://sharedassessments.org/product-support-center/, and someone will contact you.

The SIG Questionnaire workbook is already password-protected. However, to prevent changes to values that have been entered please contact the Product Support Team at https://sharedassessments.org/product-support-center/, and someone will contact you.

Modifications outside the intended use of any Shared Assessments Product may not be made without the express written consent of Shared Assessments LLC. This includes but is not limited to the adding, removing, or reformatting of the cells, rows, columns, or tabs within each product.

You may request to join a live demonstration or take the SIG Fundamentals course using the links below. A written reference is the 2024 SIG Manager/SIG Questionnaires User Guide with supplemental documents provided in your download after purchase.

• Live demo: https://sharedassessments.org/live-demo/
• SIG Fundamentals: https://sharedassessments.org/sig-fundamentals/

No. Products are provided to Members, Subscribers, and via a license (Licensee). Refer to the Copyright tab on the SIG Manager Product.

Yes. You can add up to two Custom Policies to the Content Library. When selecting the four Mapping References you wish to identify in your Custom SIG Scoping Template and related Questionnaire, you may check off those boxes on the SIG Manager worksheet before you save the Template. See page 43 in the 2024 SIG Manager/SIG Questionnaires User Guide for further details.

Yes. You can add up to two Custom Policies to the Content Library. When selecting the four Mapping References you wish to identify in your Custom SIG Scoping Template and related Questionnaire, you may check off those boxes on the SIG Manager worksheet before you save the Template. See page 43 in the 2024 SIG Manager/SIG Questionnaires User Guide for further details.

The SIG Manager is the engine of the Product with the functionality to perform Standardized Information Gathering (SIG) operations. Built within the MS Excel spreadsheet application, it allows users to create, customize, store, compare, and recall customized templates as well as manage SIG data. See page 2 in the 2024 SIG Manager and Questionnaires User Guide.

The SIG Questionnaire is the Excel document created by the SIG Manager from the stored template. You may create a Questionnaire from a Standard SIG Scoping Template or customize your own Template (Custom SIG Scoping Template) and create a Questionnaire. See page 2 in the 2024 SIG Manager and Questionnaires User Guide.

Since SIG Manager operates within Excel, there may be security measures in your organization’s shared environment. Move the Product to a local environment. When you open the SIG Manager, enable content and editing when prompted. Start with page 3 in the 2024 SIG Manager/SIG Questionnaires User Guide for complete instructions.

Access to the SIG Manager Product is licensed to Product Subscribers and Members. Entering a company name enables the functionality of the Product. Moreover, it is the company name you enter that will transfer to each worksheet within the SIG Manager, and each document you output. See the Copyright tab on the SIG Manager for more information, and page 3 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Yes. There is a button to “Change Company Name” on the Common Options worksheet in Column B. Save appropriately. See page 25 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Macros are necessary to run the SIG Manager Product. Check with your organization’s IT Security team. Ensure that the Product has been moved to a secure but local environment. See page 11 in the 2024 SIG Manager/SIG Questionnaires User Guide.

No, the SIG Manager requires macros to function properly.

Yes, macros are not required for the completion of a Questionnaire. However, disabling macros will then display all questions on the SIG 2024 or Domain worksheet(s) that may not apply to the scoped services. The ‘Jump To’ and ‘Export JSON’ functionalities will also not work if macros are disabled.

Yes. The Recall/Modify function allows you to save a template under the same or a different name. See page 23 in the 2024 SIG Manager/SIG Questionnaires User Guide.

You will receive instructions with your Membership or Product Subscriber purchase, associated with your new login to the website. Any new versions of the Product are posted on the website. On the Member Portal, scroll down to the Products section, and download from there.

On the SIG Manager worksheet, click Upgrade in the Manage SIG Data section (Line 21) and select the file to upgrade from, then click Open. This action will take all information saved in the previous version and transfer it to the updated version (e.g., custom templates, response templates in the Content Library, etc.) See page 31 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Yes. You can transfer responses from any version of the SIG Manager back to version 2021 using the Migrate function within the Manage SIG Data section of the SIG Manager. You need an answered SIG Questionnaire as a source file, and another SIG Questionnaire as a destination file to migrate. See page 32 in the 2024 SIG Manager/SIG Questionnaires User Guide for further instructions.

The Shared Assessments Program only provides the SIG Products for user interfaces in Microsoft Excel currently. The SIG Manager can export custom-scoped and response templates in a standardized technical format called “JSON” (JavaScript Object Notation) that is recognized by various types of software and interfaces. See page 32 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Scoping is the act of configuring or creating a SIG Template by choosing the type and level of questions that are appropriate to your assessment requirements. You must scope or create a SIG Scoping Template before you can save it or use it to generate a Questionnaire. See page 8 in the 2024 SIG Manager/SIG Questionnaires User Guide.

The level of SIG to choose is based on the depth and breadth of due diligence you need based on the third-party risk rating and vendor classification. Two default Standard SIG Scoping Templates are provided. The SIG Lite provides a foundation of low-risk level questions for third parties, while the SIG Core provides a comprehensive set of questions for third-party service providers that pose a higher risk. See page 8 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Not typically. The SIG Content Library provides an inventory of vetted questions that are available for Outsourcers to choose from when scoping a detail-level risk assessment for a Service Provider, or “deep-dive” assessment on a specific industry sector topic. Detailed scope-level questions are not included in Standard SIG Questionnaires since they are designed for more customized assessments. See page 5 in the 2024 SIG Manager/SIG Questionnaire User Guide.

No. According to the Shared Assessments Terms of Use, questions may not be edited without written permission. However, custom questions can be added. The SIG Manager allows you to add up to 100 custom questions within the Content Library for inclusion in your custom-scoped Questionnaires. See page 41 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Attempting to move or remove anything from the SIG Manager Product is not possible because it is password-protected to maintain the integrity of the Product and applies to the Terms of Use. You may, however, hide and unhide columns and rows on the Questionnaire but the recipient of that document will be able to unhide it at any time. See page 13 in the 2024 SIG Manager/SIG Questionnaires User Guide.

You may create your Custom SIG Scoping Templates with single or multi-worksheet formats and generate Questionnaires from them. Standard SIG Scoping Templates create Standard SIG Lite and Standard SIG Core Questionnaires with a single worksheet format only. See page 17 in the 2024 SIG Manager/SIG Questionnaires User Guide.

Yes. You may choose any number of Risk Domains or Control Families that meet the needs of the assessment, whether you are an Outsourcer preparing to send a risk assessment to a Third-Party Service Provider or a Service Provider preparing an internal assessment to send to the Outsourcer. You may also mix scope levels (Lite, Core, Detail) for each Domain or Control Family. See page 17 in the 2024 SIG Manager/SIG Questionnaires User Guide.

The SIG Questionnaire cannot accommodate more than four mapping references at this time, due to space limitations in Excel. For more information on Mapping References, see page 17 in the 2024 SIG Manager/SIG Questionnaires User Guide.