Shared Assessments Program
Shared Assessments is a third party risk membership program that provides organizations with a way to obtain a detailed report about a service provider's controls (people, process and procedures) and a procedure for verifying that the information in the report is accurate.



6 Steps for Effective Information Security Assessments
Assess your organization’s security risks with this checklist. Expert Kevin Beaver explains the 6 key components of the process.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
In 2006, six members of the financial services industry in conjunction with the Big 4 accounting firms, and key industry service providers set out to ease the risk assessment burden on both outsourcers and third parties. Their goal was to streamline the cumbersome evaluation process and create an industry standard. The result is the Shared Assessments Program. Today, the Shared Assessments Program helps members helps members to keep current with regulations, industry standards and guidelines as well as the current threat environment.
Shared Assessments membership includes use of the Shared Assessments Program Tools. The Agreed Upon Procedures (AUP); Standardized Information Gathering (SIG) questionnaire and Vendor Risk Management Maturity Model (VRMMM), offers companies and their service providers a standardized way to assess IT controls for data security, privacy and business resiliency. Shared Assessments also administers a third party risk management certification program called the Certified Third Party Risk Professional (CTPRP).
The Shared Assessments Program is managed by The Santa Fe Group, which is based in Santa Fe, New Mexico.
See also: compliance audit
Start the conversation
0 comments