Definition

Shared Assessments Program

Shared Assessments is a program that provides organizations with a way to obtain a detailed report about a service provider's controls (people, process and procedures) and a procedure for verifying that the information in the report is accurate.

Shared Assessments was created by the Bank of America Corporation, The Bank of New York Mellon, Citi, JPMorgan Chase & Company, U.S. Bankcorp, and Wells Fargo & Company in collaboration with leading service providers and the Big 4 accounting firms to help financial services companies assess service providers. The goal of Shared Assessments is to streamline the process of selecting and maintaining a vendor by creating an industry-wide standard to which service providers must adhere. To that end, the BITS consortium created the Standardized Information Gathering questionnaire (SIG), which is used to assess how well service providers adhere to those procedures.

The Shared Assessments program is not a certification. The SIG simply allows vendors to do a self-assessment of their security controls and provide that to their financial-services clients. In conjunction with the SIG, the Shared Assessments program offers Agreed Upon Procedures (AUP), which are audit standards that an independent assessment firm can use when conducting an onsite audit of a managed service provider. The service provider can share the report with multiple financial services clients, alleviating the need for separate audits.

See also: IT controls, compliance audit

This was last updated in October 2009
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchFinancialSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: