Tools For Your Organization’s Third Party Risk Management Program
Leveraging the diverse industry experience and relationship perspective of our members, the toolkit embodies a “Trust, but Verify” approach based on vetted, standardized methodology. Our tools are updated every year to ensure they adapt to changing risk and regulatory environments. The tools are FREE to members and can be purchased at a 14% discount in the full toolkit.

Vendor Risk Management Tools
Our vendor risk management tools empower you to manage the full vendor assessment life cycle.
VRMMM
Vendor Risk Management Maturity Model
Benchmark and evaluate third party risk programs
- VRMMM User Procedure Guide
- VRMMM TPRM Program Assessment Tool
- VRMMM Executive Summary Reporting Template
- VRMMM Executive Summary Data Tables
Free to Download
SIG
Standardized Information Gathering Questionnaire
Build, customize, analyze and store vendor questionnaires
- SIG User Procedure Guide
- SIG Manager Tool
- SIG Implementation Workbook
- SIG Documentation Artifacts Request List
Single License: $4000 / Year
SCA
Standardized Control Assessment Procedure
Perform onsite or virtual assessments of vendors
- SCA User Procedure Guide
- SCA Tool
- SCA Best Practices Checklist
- SCA Documentation Artifacts Checklist
- SCA Executive Reporting Template
- SCA Executive Summary Data Tables
- SCA Guidelines
Single License: $3000 / Year
Data Governance
Data Governance Tools
Scope and evaluate a third party privacy assessment
- Data Governance User Procedure Guide
- Privacy SIG Questionnaire Template
- Privacy SCA Procedure Template
- Target Data Tracker
Free to Download
License the Full Toolkit, $6,000
From benchmarking to questionnaires to assessments – manage the entire lifecycle of third-party risk management.
You will save 14% off prices of licensing tools individually.
You will get everything included in:
- VRMMM
- SIG
- SCA
- Data Governance Tools
Our Tools Are Used by 15,000+ Members World-Wide
All of our tools are created by our members. They are included free for use to our members only.












“The Shared Assessments Toolkit is foundational in the area of third party risk. Third party risk managers rely on the tools to gather, assess and verify controls with ease and efficiency.”
Ron Bradley, Director, Cybersecurity Risk Management at Trane Technologies