This Months Focus
The Boards Role in Third Party Risk
|
Expert Advise for Directors on Managing Risk
Risk management is a hot topic in the boardroom, and "third party risk is one of many risks that a board of directors needs to look at," Catherine A. Allen, chairman and CEO of The Santa Fe Group, told Erica Salmon Byrne during an episode of NYSE This Week in the Boardroom. "In fact," she added, "the newest regulations hold the board responsible for third party risk." Most boards, she said, understand their organization's risks and the risk management program, with a focus on more critical risks. "Then they'll notate that in the minutes of the board that they have addressed these particular risks," she said.
Annie Searle, Risk Universe columnist and principal of ASA Risk Consultants, offered advice to boards of directors about better managing their companies' risk. Board members cannot take at face value executives' assurance that risk is being properly managed, she reported. They need to educate themselves and "be sure you get real answers to your questions," she said.
Read Ms. Searle's letter to board members.
|
ADDITIONAL INFORMATION
The following links provide additional information related to this months topic:
|
2015 Shared Assessments Summit
Join us for the 2015 Shared Assessments Summit
Schedule of Events
April 27: SA 101 Fundamentals of the Shared Assessments Program Tools workshop 1 (AM) ; SA 201 Overcoming Implementation Challenges workshop 2 (PM)
April 28: Effective Contracting for the Entire Vendor Lifecycle workshop 1 (AM); The New Normal - Best Practices for Consumer Protection & Regulatory Compliance Assurances workshop 2 (PM); Evening VIP Reception for members and invited guests only (evening)
April 29: Shared Assessments Summit (full day session); Evening reception for all speakers and attendees
April 30: Shared Assessments Summit (morning session); CTPRP Workshop (PM)
Click here to learn more about the 2015 Shared Assessments Summit
Click here to learn more about the Pre-Conference Workshops.
Shared Assessments Certification
Sponsorship and Exhibitorship Opportunities
Your organization is invited to participate as a sponsor/exhibitor at the Shared Assessments Summit 2015 and Pre-Conference Workshops on April 27-30, 2015, at the Four Seasons Hotel in Baltimore, Maryland. Now in its eighth year, the Shared Assessments Summit is the premier event for all stakeholders in the vendor risk assessment process from a range of industries including financial services, healthcare, telecommunications, energy and higher education.
Click here to view the sponsorship brochure.
|
|
Hear from Shared Assessments Members at these upcoming events:
Jonathan Dambrot, CEO and Co-founder, Prevalent, Inc.
Steering Committee member, Glen Sgambati, Chief Risk and Security Officer, Early Warning Services; and Tom Garrubba, Senior Director, The Santa Fe Group
Tom Garrubba, Senior Director, The Santa Fe Group
- ISACA North America CACS Conference: Contracting For the Full Vendor Lifecycle - March 16 - 18, Orlando, FL Learn more
|
|
|
Dear Member of the Board
By Annie Searle, Principal, ASA
Whether you're a board member of a retailer like Starbucks or sitting on a large financial services board like JPMorgan Chase, I'll bet you're pleased at this point that you said no to SONY board membership.
... Read more
|
Did You Know?
With the latest regulatory requirements from the OCC, the Fed, and others, the identification of "critical" vendors is on the rise at financial institutions as these are now required to have board-level approval. What does this mean to your organization? Whether you are a financial institution or not, you should be prepared to identify 1) who these vendors are, 2) what data they have access to, 3) what they are actually doing for you (that is, the scope of work), and 4) where are they performing this work. It's the first and most logical step in solidifying your vendor inventory.
|
Interested in becoming a Shared Assessments Member?
|
Shared Assessments would like to welcome our newest Members and Partners:
|
|
PCI DSS AND PA-DSS VERSION 3.0
| |
|
|
Federal Reserve Guidance on Managing Outsourcing Risk
| |
|
|
NIST: Framework for Improving Critical Infrastructure Cybersecurity
| |
|
|
Future Topic Suggestions
| |
Do you have a topic you'd like to see covered in an upcoming newsletter or presented on a future monthly Member Forum call?
Send your ideas to Kelly Wagner, Project Manager for Shared Assessments.
|
|
Guest Bloggers
|
Interested in serving as a guest blogger on the Shared Assessments Authorities on Risk Assurance blog? Contact Kelly Wagner, Project Manager for Shared Assessments.
|
|
Members Only
|
To promote your upcoming speaking events here, please send details to Kelly Wagner, Project Manager for Shared Assessments.
|
|
 |
|
