TPRM's Thanksgiving Table

Take a moment to savor the efforts you have made in strengthening your third-party relationships this year. Like preparing a delicious meal, successful risk management requires the right ingredients: a solid strategy, the right tools, and knowledge (or the willingness to learn). In this edition, we are serving up essential tips, solutions, and insights to help you navigate risk and ensure your partnerships are cooked to perfection: satisfying and secure.?

Preparing For Success: 2025 Third Party Risk Summit

As you reflect on the progress made this year, it is time to turn up the heat for what comes next. Just as many great family recipes have their secret ingredient, success in 2025 will require fresh perspectives and strategies. That is why we are excited about the 18th Annual Shared Assessments TPRM Summit happening March 26-27, 2025 in Fort Lauderdale, FL!

On The Menu

Join us for a dynamic, hands-on experience designed to elevate your TPRM program and strategies. From risk evaluation to operational resilience, Summit offers key insights, the latest trends, and practical tools to help you navigate the ever-changing risk landscape.

Why Attend?

• Dive deep into industry-leading best practices and strategic solutions to enhance your TPRM program.
• Collaborate with top experts, peers, and thought leaders to navigate risk with confidence and build resilience in your vendor relationships.
• Discover actionable insights that will empower you to take your TPRM program to the next level in 2025 and beyond.

Interested in speaking at or sponsoring our 2025 Third Party Risk Summit? Let us know.

Registration is open make sure to catch early bird pricing before 12/31/2024. Register here.

Main Course: Product Release 2025

We just released the 2025 Third-Party Risk Management (TPRM) Product Suite and we are excited to serve you a fresh batch of tools to enhance your TPRM efforts! Our 2025 product family includes:

• Vendor Risk Management Maturity Model (VRMMM)
• Third-Party Service Inherent Risk Rating (TPSIRR)
• Standardized Information Gathering Questionnaire (SIG)
• Standardized Control Assessment Procedures (SCA)
• Data Governance Products (Data Governance Products)
• Environmental Social and Governance (ESG SIG)

The 2025 TPRM Product Suite has integrated Digital Operational Resilience Act (DORA), Network and Information Systems Directive 2 (NIS2), and National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) Version 2.0 to offer enhanced cybersecurity and operational resilience across your vendor portfolio.

Our 2025 Product Release elevates user experience through improved usability within our solutions. We’ve remained true to our previously established risk domains while giving priority to our member and subscriber suggestions. Staying current with regulations and guidance, our 2025 TPRM Product Suite gives practitioners the ability to turn risk into readiness and resilience.”

-Kelcey Reed, SVP, Technology and Products

We are on hand to show you how to evaluate the regulations or risk areas that matter most to you, your organization, and your industry. Reach out for a personalized demo here.

The Proof Is In The Pie: Shared Assessments TPRM Education

Shared Assessments delivers professional development courses and certifications to support your personal impact and career advancement in risk management. We are offering 10% off our courses from now until the end of the year. (Use code 6TPRM_Celebrate at registration.)

TPRM Fundamentals

Gain foundational knowledge in Third-Party Risk Management (TPRM). This certificate-based learning course is designed for individuals with limited or no third party risk experience. The training will provide an overview of key third-party risk concepts, program components, and processes involved in minimizing risk in third-party relationships.

On-Demand | Online | Register

Certified Third-Party Risk Professional (CTPRP)

The Certified Third Party Risk Professional (CTPRP) designation is a professional credential designed to validate knowledge, experience, and proficiency in the design, structure, and implementation of a comprehensive TPRM Program. The course includes the processes for third-party risk identification and structuring a risk-based vendor classification structure and risk assessment process.

December 4-5 | 10:00am – 3:00pm ET | Online w/ Elizabeth Dunsmoor | Register

On-Demand | Online | Register

Certified Third-Party Risk Assessor (CTPRA)

The Certified Third Party Risk Assessor (CTPRA) designation is a professional credential that validates expertise, decision making and proficiency in third-party risk and controls evaluation. The program includes the processes for identifying, quantifying, and mitigating third-party risk within an organization’s TPRM program.

December 10-11 | 10:00am – 3:00pm ET | Online w/ Nasser Fattah CCISO, CISSP, CISA, CISM, CGEIT, CDPSE, CTPRP, ServiceNow CSA, OneTrust GRC | Register

Light Holiday Reading: Effective TPRM Foundations

Our latest paper delves into how operational resilience and business continuity planning are key to building a robust, risk-resilient supply chain. It shows how organizations can enhance their Third-Party Risk Management (TPRM) by using measurable metrics to assess supplier performance, identify risks, and close gaps.

By aligning vendors with resilience goals, companies can fortify their supply chains against disruption. The paper also offers practical examples of Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) to help tailor resilience metrics to specific needs.

Read it here.

After The Feast: Click Into Cyber Monday

Our Marketplace brings forward valuable member offers to our member and subscriber community. It is your chance to actually “try it before you buy it” or to “see it to believe it.” Think of these offers as the perfect side dish to compliment your Shared Assessments membership or subscription. Dig in!

Schneider Downs Business Advisory offers our members and subscribers complimentary 60-minute consultations covering an abbreviated benchmarking analysis of your current program using the Shared Assessments Vendor Risk Management Maturity Model (VRMMM).

UpGuard gives our members and subscribers free access to UpGuard’s Trust Exchange. Trust Exchange allows security teams to reduce the time taken to respond to security questionnaires using powerful AI tools and collaboration features.

Auditive offers a free CISO Consultation and the opportunity to showcase your completed SIG. Meet with Auditive’s CISO for a holistic review of your TPRM program. Generate a preview of your risk posture in minutes to share with your prospects and customers. (Shared Assessments Members and Subscribers also receive 20% off all Auditive Vendor Management Products.)

Mirato offers members and subscribers two months of complimentary use of the Mirato platform as well as added Shared Assessments benefits. Mirato AI can reduce up to 60% of your manual efforts and automatically pre-answer up to 93% of your TPRM questionnaires.

Zaviant is joining the Shared Assessments Marketplace imminently!

Interested in these offers? Consider joining us as a member.

Interested in joining the Marketplace with an offer? Reach out!