Friday, December 13, 2019
Corporate Compliance Insights
  • Home
    • Home
  • About
    • About CCI
    • Writing for CCI
    • Advertise With Us
  • Articles
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Industry News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
    • Home
  • About
    • About CCI
    • Writing for CCI
    • Advertise With Us
  • Articles
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Industry News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home News

Shared Assessments Announces TPRM Framework to Aid in Creating, Improving and Managing Third-Party IT Security Risk

by Corporate Compliance Insights
June 18, 2019
in News
concept of network security

TPRM Framework Provides Wide Range of Best Practices and Strategies for Improving Outsourced Oversight Processes

Santa Fe, NM (June 18, 2019) – The Shared Assessments Program, the member-driven leader in third-party risk assurance, today announced a new Third Party Risk Management (TPRM) Framework designed to help organizations of all sizes effectively build, improve and execute best practices in today’s fast changing third-party risk environment. The first two modules, the Framework Introduction and a module focused on Risk Management Basics, are available to members on the Shared Assessments website (www.sharedassessments.org) today.

As the practice of third-party risk management has evolved, it has become increasingly evident that a fully developed TPRM framework could provide valuable assistance to organizations working to improve outsourcing oversight processes.

Shared Assessments has addressed the need for more detailed guidance by creating the Program’s TPRM Framework, which was developed with the collective intelligence of the Shared Assessments’ membership, a global community of experienced third-party risk management practitioners in a broad array of industries. Framework content is designed to be useful for board members, C-level executives and both beginning and advanced practitioners.

“There has been a significant increase in third-party-related vulnerabilities in recent years, which has in turn resulted in increased demand for Shared Assessments Program resources, so the development of the TPRM Framework is needed now more than ever,” said Shared Assessments Chairman and CEO Catherine A. Allen. “Increasing third-party risks, together with new and changing regulatory mandates, require a new approach for providing the knowledge and practical skills necessary to help organizations more effectively manage third-party risk. The new TPRM Framework represents a critical and effective step forward to help organizations move toward best risk management practices.”

TPRM has emerged as an important practice area within organizational risk management programs where annual benchmarking research indicates only 40 percent of all organizations have fully mature TPRM programs (The Santa Fe Group, Shared Assessments Program and Protiviti, Inc., 2019). The TPRM Framework encompasses all aspects of operational risk, including information security.

Gary Roboff, Senior Advisor at The Santa Fe Group, and the lead on the development of the Framework, noted, “The TPRM Framework is designed to provide guidance for organizations seeking to develop, optimize and manage third-party risk best practices. The Framework also provides guidance about how to implement meaningful incremental improvements in TPRM practice maturity in organizations where resources may be constrained. Resource allocation is a significant obstacle for almost every organization in the current environment.”

Third-Party Risk Management Basics Module

For practitioners, TPRM Risk Basics introduces the importance of a robust program governance and tactics to drive a strong organization-wide risk culture to earn senior management approvals for resources. Additionally, TPRM Risk Basics features a short primer that examines concepts including:

  • Inherent and residual risk
  • Risk appetite statements and frameworks
  • Risk tolerance metrics and other foundational elements
  • Program prerequisites and process factors to be considered when building an organization’s TPRM program, including factors relevant to making a decision about whether or not to outsource a specific business function or activity

To download a copy of the Shared Assessments TPRM Framework, go to https://sharedassessments.org/framework/.

About the Shared Assessments Program

As the only organization that has uniquely positioned and developed standardized resources to bring efficiencies to the market for more than a decade, the Shared Assessments Program has become the trusted source in third-party risk assurance. Shared Assessments offers opportunities for members to address global risk management challenges through committees, awareness groups, interest groups and special projects. Join the dialogue with peer companies and learn how you can optimize your compliance programs while building a better understanding of what it takes to create a more risk-sensitive environment in your organization.

For more information, go to https://sharedassessments.org/.


Previous Post

Sanctions with Chinese Characteristics: PRC Government Threatens to Brand "Unreliable" Foreign Companies

Next Post

3 Ways to Increase Corporate Confidence in Cloud Security

Corporate Compliance Insights

Related Posts

ericsson logo on building exterior

Ericsson Agrees to Pay Over $1 Billion to Resolve FCPA Case

December 6, 2019
black and white image of businessman paying bribe

Former CEO of Brazilian Petrochemical Company Charged for FCPA Violation

November 20, 2019
laptop screen featuring Office 365 migration in progress

Moving Communications to the Cloud? Consider Compliance Before Migrating

November 5, 2019
man using risk management software on tablet

NAVEX Global Announces Upgrade to Lockpath Risk Management Platform

October 28, 2019
Next Post
cloud in the shape of an IT security shield

3 Ways to Increase Corporate Confidence in Cloud Security

Free Downloads

OFAC whitepaper cover
Compliance Job Interview Q&A
Reputation Risk Management Research

RSS SEC Litigation News

  • John Special, Defendant, and Michael Murphy, Relief Defendant, John Kenneth Davidson December 12, 2019
    SEC Obtains $3 Million Settlement in Insider Trading Action
  • Palm Beach Atlantic Financial Group, LLC and William A. Smith December 11, 2019
    SEC Charges Florida Resident and His Corporate Entity for Fraudulent Securities Offerings
  • Nanotech Engineering, Inc., Michael James Sweaney (also known as Michael Hatton), David Sweaney, and Jeffery Gange December 11, 2019
    SEC Obtains Asset Freeze to Halt Alleged Offering Fraud

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks Big Data blockchain board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management corporate culture corporate governance culture of ethics cyber risk data analytics data breach data governance decision-making Dodd-Frank DOJ due diligence fcpa enforcement actions GDPR GRC HIPAA information security internal audit internet of things (IoT) KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • Audit
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • HR Compliance
  • Leadership and Career
  • News
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights