Select Page

Third party Risk Tools

The Shared Assessments Program Tools provide rigorous standards for building and enhancing third party risk programs. Using industry best practices, the tools follow a “trust, but verify” approach to conducting vendor assessments.

img

Trust

Standardized Information Gathering (SIG) Questionnaire

The SIG is a holistic tool for risk management assessments of third party cybersecurity, IT, privacy, data security and business resiliency in an information technology environment.

Add to cart

Verify

Agreed Upon Procedures (AUP)

The AUP is a holistic tool for performing onsite risk assessments and to verify the information provided in the SIG. The AUP is customizable to a organization’s needs and defines 17 critical risk control areas.

Add to cart

img

Benchmark

Vendor Risk Management Maturity Model (VRMMM)

The VRMMM is a tool for evaluating maturity of third party risk programs. This tool is free for members and non-members and measures programs against a comprehensive set of best practices.

Free Download

Product Bundle Features

Included Features SIG
2017
Bundle
SIG Lite
2017
Bundle
AUP
2017
Bundle
Vendor Risk
Management
Maturity Model
2017
Complete
2017
Bundle
SIG 2017 X X
SIG 2017 Lite X X X
SIG 2017 Management Tool X X
SIG Lite 2017 Management Tool X X X
SIG Overview X X X
SIG How to Guide X X X
SIG Coping Companion Sample X X X
AUP 2017 X X
AUP 2017 Report Template X X
AUP 2017 Overview
Vendor Risk Management Maturity Model 2017 X X
Vendor Risk Management Maturity Model Overview 2017 X X

Shared Assessments Program tools allow enterprise organizations to evaluate and measure the level of IT risk across their vendors in a quantifiable, objective and Repeatable process.

Niall Browne

SVP Trust & Security, CSO at Domo, Inc.

  • Membership

    The Shared Assessment Program Tools are free for members of Shared Assessments. Learn more about Membership.

    Membership Info