As reliance on SOC II reports grows within TPRM programs, organizations face a significant challenge: determining how much trust to place in the reports they receive. Recent AICPA guidance has heightened scrutiny on SOC II engagements, particularly flagging risk tied to templated, high-volume assessments that may not reflect each organization’s unique risk profile. Join Shared Assessments and Bill Deller (Schneider Downs) to examine what these developments mean for both issuers and users of SOC II reports. This session will highlight emerging concerns around overreliance on platforms, inconsistent quality, and the diminishing role of professional judgement. Participants will share techniques on how to better evaluate SOC II reports by identifying red flags, asking more effective questions of providers, and aligning report analysis with broader TPRM practices. Register to look beyond the report to understand what matters!

TBA

Join us for an in-depth look at the Standardized Information Gathering Questionnaire (SIG) and its evolution into the web based SIG EV platform. This session will focus exclusively on the SIG Excel and SIG EV, demonstrating how organizations can modernize their third-party risk management approach.

The team will walk through how the SIG Evolution (SIG EV) serves as a SaaS-based upgrade to the traditional SIG Excel, offering a more intuitive interface, secure information sharing, live dashboards, built-in file validation, and role-based access. You’ll also gain clarity on when to leverage each version—whether you’re a vendor responding to assessments or an outsourcer managing third-party risk. This session is ideal for those exploring Third-Party Risk Management tools and looking to streamline their assessment processes using industry-standard frameworks.

(Please note this session is intended for those seeking to learn more about Shared Assessments' offerings - no CPEs offered).

Join us for an in-depth look at the Standardized Information Gathering Questionnaire (SIG) and its evolution into the web based SIG EV platform. This session will focus exclusively on the SIG Excel and SIG EV, demonstrating how organizations can modernize their third-party risk management approach.

The team will walk through how the SIG Evolution (SIG EV) serves as a SaaS-based upgrade to the traditional SIG Excel, offering a more intuitive interface, secure information sharing, live dashboards, built-in file validation, and role-based access. You’ll also gain clarity on when to leverage each version—whether you’re a vendor responding to assessments or an outsourcer managing third-party risk. This session is ideal for those exploring Third-Party Risk Management tools and looking to streamline their assessment processes using industry-standard frameworks.

(Please note this session is intended for those seeking to learn more about Shared Assessments' offerings - no CPEs offered).

This Committee examines existing and emerging “best practices” to help address the challenges organizations face in managing third-party risk.  Committee meetings typically include a “Shop Talk” with guest speakers, panelists, or open discussion on topics prioritized by the Committee participants through surveys and polling questions.  Examples of previously examined topics include third-party contract development, inherent risk ratings, scoping assessments, maximizing continuous monitoring systems, identifying and managing fourth parties, integrating artificial intelligence into risk management, resourcing models, and articulating a program’s business value. 

The output of this Committee includes industry briefing and white papers, practitioner guidelines and work aids, industry call-to-action pieces, and blogs intended to enhance third-party risk management practices. This group coordinates with other Shared Assessments Committees when appropriate.  

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.

This group meets via an open forum, allowing for active engagement and discussion of relevant topics. Participants examine the integration, challenges, opportunities, and solutions posed by emerging technologies, including Machine Learning, Artificial Intelligence, Cloud, 6G, Distributed Ledgers (Blockchain), and Cryptocurrencies.   

Advancements in technology fuel productivity, supporting digital transformation and business objectives. New technologies across all sectors are rapidly changing the risk landscape for organizations and third parties/supply chain ecosystems.   

This group invites member organizations specializing in emerging technologies, such as Cryptocurrencies and Artificial Intelligence, to present to the committee. Participants are encouraged to submit emerging technology topics relevant to TPRM for discussion.  

Members and Content Licensees Only 

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.

The SIG you know and trust is better than ever — and now it’s built for teamwork. SIG Evolution (SIG EV) brings the familiar SIG framework into a collaborative environment where teams can assess, review, and manage vendors beyond Excel seamlessly. In this Product Forum, we’ll show you just how close SIG EV is to what you’re doing today — and how the upgrade to real-time collaboration and consistent outputs streamlines the experience from end to end.

The Foundations Committee focuses on the fundamentals of third-party risk for those in the early stages of their careers, who have recently become practitioners, or who are considering a new career path in third-party risk.     

This committee provides a platform for networking, experience sharing, and practical skill building. Members will delve into essential components needed for a strong TPRM program, collaborate to tackle challenges, and gain confidence in using products and solutions to more effectively identify and manage third-party risks.    

Enhanced Learning and Skill Development: By sharing real-world practices and activities, Foundations Committee members will gain practical insights and hands-on experience, which can significantly improve their understanding and skills in practicing third-party risk management activities throughout the lifecycle.  

- Prepare for success in the CTPRP and CTPRA course/exam.  
- Prepare participants to engage more actively in other committees.  
- Gain an understanding of how Shared Assessments products and content can assist in executing your TPRM activities.

Schedulers for this committee have been issued to committee members. If you are not part of this committee, please register your interest using the link below.

Built for our global community, the August CTPRP course schedule is designed to better accommodate Asia and India business hours, making participation easier across regions.

Course Hours:

• India (IST): 8:30 AM–1:30 PM
• Singapore / Malaysia / China / Philippines (SGT / MYT / CST / PHT): 11:00 AM–4:00 PM
• Japan / South Korea (JST / KST): 12:00 PM–5:00 PM
• U.S. Eastern Time: 11:00 PM–4:00 AM ET (previous day)

This online course runs August 5-6, 2026. The CTPRP designation is a professional credential designed to validate knowledge, experience, and proficiency in the design, structure, and implementation of a comprehensive Third-Party Risk Management (TPRM) Program. The program also incorporates best practices for TPRM program metrics, management reporting and evaluating the operational performance of the program. 12 Shared Assessments CPEs can be earned for completing the course.

TBA