No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

OneTrust to Acquire Shared Assessments to Advance Third-Party Risk Standardization Globally

by Corporate Compliance Insights
May 4, 2021
in GRC Vendor News
two figures shaking hands across line

Shared Assessments plans to remain a vendor-neutral industry organization now with increased ability to scale SIG third-party risk standard adoption globally

ATLANTA (May 4, 2021) – OneTrust, the #1 fastest-growing company on the Inc. 500 and category-defining enterprise platform to operationalize trust, today announced it entered into a definitive agreement to acquire Shared Assessments, the global membership organization dedicated to developing the best practices, education, and tools to drive third-party risk assurance.

The acquisition will enable Shared Assessments to further scale the availability and adoption of the SIG to become the de facto third-party risk standard globally. Shared Assessments, including the Standardized Information Gathering Questionnaire (SIG), Shared Assessments Summit, and Shared Assessments certifications, plan to continue operating as an open and vendor-neutral industry organization.

Shared Assessments SIG as the Ubiquitous Third-Party Risk Standard

The case for global third-party risk standardization is clear. According to Forrester 1, “The number of third parties requiring vetting, monitoring, and mitigation far exceed the capacity of most TPRM teams, so they only focus on those considered ‘critical.’” These issues are multiplied by each risk assessment questionnaire having an average of 200 questions.

Recent events have also exacerbated the challenges of managing third-party risk. COVID-19 spurred a decade’s worth of digital transformation to happen seemingly overnight as companies rapidly adopted cloud applications, networking, and security vendors. Solar Winds exposed the challenges enterprises face while understanding and responding to major hacks, and the invalidation of the EU-US Privacy Shield (Schrems II) is forcing organizations to reevaluate thousands of third-party data transfers.

The Shared Assessments SIG is one of the most widely adopted third-party risk standards today, and is positioned to be the ubiquitous global standard to solve these critical third-party risk challenges. The SIG is already used by more than 15,000 companies globally, and with the support and scale of OneTrust, Shared Assessments can advance the SIG’s adoption internationally in critical areas, including:

  • Global reach: Make the SIG globally available in languages around the globe
  • International alignment: Align the SIG more deeply with international frameworks
  • Real-time updates: Adapt the SIG in real-time based on industry news and events (e.g. COVID, Schrems II)
  • Adjacent risk domains: Advance the SIG adoption across multiple risk areas, including ESG
  • Technology enhancements: Build a technology platform to make it easier for organizations to adopt and apply the SIG in their programs

As a part of OneTrust, Shared Assessments will have the capital and global reach it needs to grow the SIG and scale it into the de facto international third-party risk standard.

Commitment to Shared Assessments’ Vendor-Neutral Integrity

Shared Assessments is tackling challenges that far outreach the scope of one vendor, industry, or technology platform. Managing third-party risk with custom standards and frameworks on a per-vendor or per-organization basis is unscalable. In a world where organizations are responsible for not just their third parties, but fourth and fifth parties as well, standardization is the solution.

Shared Assessment’s key differentiator as the global standard for third-party risk lies in the organization’s work with vendors, licensees, and members across the industry. As a part of OneTrust, Shared Assessments will maintain its position as a global membership organization. Shared Assessments plans to review and update its policies and procedures to be in line with member and licensee expectations and continue collaborating in a neutral way with multiple tech vendors and industry partners.

OneTrust is committed to preserving Shared Assessments’ position as a respected industry organization. This integrity is vital for Shared Assessments to deliver on its goal to become the ubiquitous global standard for third-party risk. Shared Assessments will continue to build its programs, partnerships, and standards supported by its steering committees, advisory boards, licensee partnerships, and member agreements.

Growing the Summit, Certification, and Third-Party Risk Management Community

Shared Assessments will see continued growth and investment in the third-party risk management community. The Shared Assessments Summit flagship third-party risk event recently wrapped up a successful spring virtual conference. The Summit will continue to be among the most widely attended industry events for third-party risk with a diverse group of vendors, consultants, and industry organizations participating and sponsoring the Summit.

The Shared Assessments certification program will also see investment and growth. The accredited Certified Third Party Risk Professional (CTPRP) and Certified Third Party Risk Assessor (CTPRA) will continue to be offered live and on-demand for professionals seeking credibility, recognition, and marketability in third party risk. OneTrust and Shared Assessments will also look into ways to expand the CTPRP and CTPRA to be more accessible to third-party risk professionals around the world.

Shared Assessments will also continue to deliver its popular toolkits, research, and resources for its member community and the third-party risk industry at large. As a part of OneTrust, these resources can be translated and delivered worldwide to increase the global adoption of third-party risk best practices.

Industry Support for OneTrust Plans to Acquire Shared Assessments

“The third-party risk industry is in need of more collaboration to drive innovation and this announcement represents a bold move in that direction,” said Nick Sorensen, CEO of Whistic. “Reliance on standards like the SIG makes establishing trust and transparency easier for both buyers and sellers in the Whistic ecosystem and across the industry in general. As a long-time Shared Assessment Member and Licensee, I’m confident that this acquisition will help accelerate this trend and benefit all of us.”

“With the rise of business disruptions has come greater recognition of the critical role TPRM professionals play ensuring enterprise resilience,” said Atul Vashistha, Founder & CEO, Supply Wisdom. “While OneTrust has led the market with risk management technologies, Shared Assessment has engaged with risk professionals to advance their goal of common standards and practices for greater efficiency in third-party risk. Their union will accelerate these efforts towards global standards and approaches. As supporters of Shared Assessments’ efforts since its founding, the Supply Wisdom team is very excited for what this will bring to both our clients and the profession. For our clients, it will reduce risk management friction and enable leading practices benchmarking. For risk professionals, it will make it easier to accelerate greater adoption of automation from risk detection to risk actions automation.”

“Data privacy regulations are increasingly focused on data governance and disclosures to third parties,” said Linnea Solem, CEO, Solem Risk Partners. “This collaboration will strengthen the resources available to the industry to address that intersection and drive efficiency in assessing obligations beyond simply data security.”

“As long-time supporters of Shared Assessments we support any initiative to drive standardization of the SIG and accelerate growth in the third-party risk space,” said Brenda Ferraro, VP of Third-Party Risk at Prevalent.

Statements from Shared Assessments CEO and OneTrust CEO

“We are very excited about this strategic partnership and planned acquisition by OneTrust. Shared Assessments will have a unique opportunity to continue the vendor-neutral, thought leadership role we play in the third-party risk community, now with increased investment and global reach,” said Catherine A. Allen, Shared Assessments founder and interim CEO. “We’ll have more resources to help us more quickly drive standards in the industry, grow internationally, and provide more industry education and events. We’re excited to be a part of OneTrust and Kabir Barday’s culture of integrity and respect for the individual, which fits with our team and culture. Our joint vision of collaborative efforts within the industry will benefit third party risk management as a whole, and enable Shared Assessments to stay at the forefront of the industry and global adoption of standardization.”

“We believe standardization is the future of the third-party risk management market,” said Kabir Barday, CEO, OneTrust. “The Shared Assessments SIG is already one of the most widely used standards in the world, and together we can further invest in the SIG’s technology, global reach, and adoption so we can make it the ubiquitous global standard. We also recognize it is critical Shared Assessments continues to operate with a wide variety of industry players and is guided by their standards board and advisory committees. We are excited for the continued investment in Shared Assessments, the SIG, and the third-party risk community across the globe.”

Financial details of the acquisition were not disclosed, and the transaction is expected to close in May.

1Forrester blogs, Third-Party Risk Management: You Can’t Outsource Your Way Out Of Accountability, August 2020

OneTrust is a registered trademark or trademark of OneTrust LLC or its subsidiaries in the United States and other jurisdictions.

About OneTrust

OneTrust is the #1 fastest-growing company on Inc. 500 and the category-defining enterprise platform to operationalize trust. More than 9,000 customers, including half of the Fortune 500, use OneTrust to make trust a competitive differentiator, implementing central agile workflows across privacy, security, data governance, GRC, third-party risk, ethics and compliance, and ESG programs.

The OneTrust platform is backed by 150 patents and powered by the OneTrust Athena AI and robotic automation engine, and capabilities include:

  • OneTrust Privacy - Privacy Management Software
  • OneTrust DataDiscovery - AI-Powered Discovery and Classification
  • OneTrust DataGovernance - Data Intelligence Software
  • OneTrust Vendorpedia - Third-Party Risk Exchange
  • OneTrust GRC - Integrated Risk Management Software
  • OneTrust Ethics - Ethics and Compliance Software
  • OneTrust PreferenceChoice - Consent and Preference Management Software
  • OneTrust ESG – Environmental, Social & Governance Software

OneTrust has raised a total of $920 million in funding at a $5.3 billion valuation from Insight Partners, Coatue, TCV, SoftBank Vision Fund 2, and Franklin Templeton. OneTrust’s fast-growing team of 2,000 employees is co-headquartered in Atlanta and London with additional offices in Bangalore, Melbourne, Denver, Seattle, San Francisco, New York, São Paulo, Munich, Paris, Hong Kong, and Bangkok.

To learn more, visit OneTrust.com or connect on LinkedIn, Twitter, and YouTube.

About Shared Assessments

As the only organization that has uniquely positioned and developed standardized industry resources to bring efficiencies to the market for enterprise risk management for more than a decade, the Shared Assessments Program has become the trusted source in third-party risk assurance. Shared Assessments offers opportunities for members to address global risk management challenges through leadership, best practices, tools, training, and special interest groups. Join the dialog with peer companies at www.sharedassessments.org.


Tags: Third Party Risk Management
Previous Post

SolarWinds: Why Companies Must Shift to a Risk-Based Cybersecurity Approach

Next Post

How to Choose the Right Registered Agent When Growing Your Business Across State Lines

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

GAN Integrity TPRM & AI

Where TPRM Meets AI: Balancing Risk & Reward

by Corporate Compliance Insights
May 13, 2025

Is your organization prepared for the dual challenges of AI in third-party risk management? Whitepaper Where TPRM Meets AI: Balancing...

robot reviewing contract

9 Emerging Use Cases for AI in TPRM

by Miriam Konradsen Ayed and Craig Moss
May 6, 2025

(Sponsored) As third-party ecosystems grow more complex, compliance teams face mounting pressure to assess and monitor external relationships effectively. Miriam...

business relationship concept hands

Relationship (Owner) Goals: Why Half Your TPRM Red Flags Stay Hidden

by Chris Audet
April 9, 2025

The front-line staff who manage vendor relationships are uniquely positioned to spot problems before they escalate, yet many organizations fail...

avengers lego figures

Uniting Forces: Cross-Functional Approaches to Insider Threat Prevention

by Rachel L. Gerstein
April 8, 2025

Creating a structured framework that brings together security, HR, IT, legal and compliance teams to fight internal vulnerabilities

Next Post
green approved medal with check mark icon isolated on blue background

How to Choose the Right Registered Agent When Growing Your Business Across State Lines

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights