This committee exchanges ideas and shares best practices related to the TPRM needs of the Healthcare sector. Areas of interest include, but are not limited to, regulatory requirements, emerging technology, program governance, and procurement.

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.

The Foundations Committee focuses on the fundamentals of third-party risk for those in the early stages of their careers, who have recently become practitioners, or who are considering a new career path in third-party risk.

This committee provides a platform for networking, experience sharing, and practical skill building. Members will delve into essential components needed for a strong TPRM program, collaborate to tackle challenges, and gain confidence in using products and solutions to more effectively identify and manage third-party risks.

Enhanced Learning and Skill Development: By sharing real-world practices and activities, Foundations Committee members will gain practical insights and hands-on experience, which can significantly improve their understanding and skills in practicing third-party risk management activities throughout the lifecycle.

- Prepare for success in the CTPRP and CTPRA course/exam.
- Prepare participants to engage more actively in other committees.
- Gain an understanding of how Shared Assessments products and content can assist in executing your TPRM activities.

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.

This online course runs February 11-12, 2026. The CTPRP designation is a professional credential designed to validate knowledge, experience, and proficiency in the design, structure, and implementation of a comprehensive Third-Party Risk Management (TPRM) Program. The program also incorporates best practices for TPRM program metrics, management reporting and evaluating the operational performance of the program. 12 Shared Assessments CPEs can be earned for completing the course.

As global regulators intensify their focus on third-party ecosystems, organizations must rethink how they identify, assess, and manage critical vendors through the lens of operational resilience. This session explores the shifting regulatory landscape and what it signals for the future of third-party risk. We’ll connect the dots between regulatory intent, sector-wide dependencies, and emerging pressures like AI-driven complexity. Attendees will walk away with clear considerations for strengthening resilience across their most critical third-party relationships.

The implementation of NIS2 and DORA represents a fundamental shift in regulatory expectations, requiring organizations to transition from static compliance to scalable, resilience-centric Third-Party Risk Management (TPRM). This fireside chat examines the strategic imperatives for operationalizing these frameworks within complex, high-volume vendor ecosystems. Through an executive lens, the session explores methods for aligning cross-functional teams, mapping overlapping regulatory requirements, and evolving beyond point-in-time audits toward continuous, proactive risk mitigation. Attendees will gain insights into securing executive buy-in and building a sustainable TPRM infrastructure capable of meeting the next generation of European cybersecurity mandates

Today’s complex risk, regulatory, and audit environments are undergoing rapid changes that affect almost every key outsourcing relationship. New Artificial Intelligence regulations are emerging at multiple levels (state, national, and regional), with divergence clearly evident. International jurisdictions are continually revising outsourcing codes (for example, in the European Union and the UK), and sustainability requirements in key regions are evolving rapidly, sometimes diverging. In a regulatory environment with this much flux, it is more important than ever that TPRM practitioners understand not just local outsourcing requirements, but also the direction of regulatory changes internationally.

Members and Content Licensees Only

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.

The Products User Group is responsible for driving the design and development of new product concepts, ideas, existing and new content, and the functionality of solutions within the Shared Assessments Product Suite.

The Products User Group plays a critical role in shaping the future of the Shared Assessments Products Suite by ensuring every idea we consider delivers meaningful value to our members.

This user group will help us determine which concepts are most valuable and should be placed on our product roadmap by providing thoughtful feedback, and new product concepts and ideas. This user group will also foster open and structured collaboration between the product team and contributors, ensuring strategic alignment for Shared Assessments’ TPRM products.

Participants (Members, Subscribers, Content Licensees) of this user group must be currently using Shared Assessments products in your day-to-day job function.

Content Licensees registering for this user group must have the Shared Assessments products actively integrated to participate in this user group.

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.

Today’s regulatory environment is characterized by unprecedented crosscurrents, with jurisdictions sometimes moving in opposite directions. At the same time, organizational risk profiles are changing in concert with a risk environment that's evolving more rapidly than ever before. This session will explore: • How regulatory and risk environments are changing and the consequences of these changes • The heightened necessity for risk-focused organizational agility • Overcoming roadblocks to achieve more efficient and effective third-party and supply chain risk management

Join us for an in-depth look at the Standardized Information Gathering Questionnaire (SIG) and its evolution into the web based SIG EV platform. This session will focus exclusively on the SIG Excel and SIG EV, demonstrating how organizations can modernize their third-party risk management approach.

The team will walk through how the SIG Evolution (SIG EV) serves as a SaaS-based upgrade to the traditional SIG Excel, offering a more intuitive interface, secure information sharing, live dashboards, built-in file validation, and role-based access. You’ll also gain clarity on when to leverage each version—whether you’re a vendor responding to assessments or an outsourcer managing third-party risk. This session is ideal for those exploring Third-Party Risk Management tools and looking to streamline their assessment processes using industry-standard frameworks.

(Please note this session is intended for those seeking to learn more about Shared Assessments' offerings - no CPEs offered).

Participants focus on how to incorporate sustainability considerations into Third-Party Risk Management (TPRM) programs. Participants from all organizations with an interest in sustainability, corporate social responsibility, and Environmental, Social, & Governance (ESG) considerations, regardless of level of TPRM experience, are welcome.

The Committee has an educational focus, informing members about evolving sustainability frameworks, policies, metrics, procedures, regulations, etc., in the context of TPRM. It is a forum for individuals from mature organizations with extensive experience to share insights with those organizations just beginning their sustainability journeys. Outside experts are occasionally brought in to share “best practices” related to their organization’s sustainability, corporate social responsibility, and ESG journey.

Additionally, input from this group is considered in developing Shared Assessments Products, including the SIG, SCA, and VRMMM.

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.