Select Page

Third Party Risk Tools

The Shared Assessments Program Tools provide rigorous standards for building and enhancing third party risk programs. Using industry best practices, the tools follow a “trust, but verify” approach to conducting vendor assessments.



Standardized Information Gathering (SIG) Questionnaire

The SIG is a holistic tool for risk management assessments of third party cybersecurity, IT, privacy, data security and business resiliency in an information technology environment.

Add to cart


Standardized Control Assessment (SCA) Procedures

The SCA is a holistic tool for performing onsite risk assessments and to verify the information provided in the SIG. The SCA is customizable to a organization’s needs and defines 18 critical risk control areas.

Add to cart



Vendor Risk Management Maturity Model (VRMMM)

The VRMMM is a tool for evaluating maturity of third party risk programs. This tool is free for members and non-members and measures programs against a comprehensive set of best practices.

Free Download
Register to Download

Product Bundle Features

Included Features SIG
SCA 2018
VRMMM 2018 GDPR Tool Kit 2018 Complete
SIG 2018 (Full SIG, Lite SIG and Core SIG) X X
SIG 2018 Management Tool X X
SIG 2018 Overview X X
SIG How to Guide X X
SCA 2018 X X
SCA 2018 Report Template X X
SCA 2018 Overview X X
Vendor Risk Management Maturity Model 2018 X X
Vendor Risk Management Maturity Model Overview 2018 X X
GDPR Tool Kit 2018 X X

Shared Assessments Program tools allow enterprise organizations to evaluate and measure the level of IT risk across their vendors in a quantifiable, objective and Repeatable process.

Niall Browne

SVP Trust & Security, CSO at Domo, Inc.

  • Membership

    The Shared Assessment Program Tools are free for members of Shared Assessments. Learn more about Membership.

    Membership Info