A critical component of any information security and compliance program is measuring the risk presented by, connecting to, and sharing data with service providers and partners. But measuring this risk has long been a challenge, and the process can be complicated and costly. BITS, the technology division of the Financial Services Roundtable, has developed a program and a set of controls called the Financial Institution Shared Assessments Program that includes a standard set of questions and testing procedures designed to simplify the process of measuring vendor risk. Additionally, the Shared Assessments Program questionnaires and procedures are aligned with ISO 27001/27002, a globally accepted framework for information security management.

Accuvant is a member of the Shared Assessments Working Group and offers services as a Member Assessment Firm to assist in performing assessments, as well as providing the mechanism and process for creating an automated program of reviews. Whether your goal is to have your organization assessed according to the Shared Assessment Program, or have your service providers reviewed, Accuvant can help.

Benefits. Partnering with Accuvant to provide Shared Assessments services has numerous benefits, including:

• Industry acceptance - The Shared Assessments Program approach was developed within the financial industry with membership of 45+ major US financial institutions
  
  
• Strong alignment with global standards - The ISO standards, upon which many of the controls in the program are based, represent a holistic approach to information security that is required for compliance
  
  
• Efficiency and consistency - Following a consistent, standards-based approach raises the bar for security while lowering the overall cost of assessing partners and service providers
  
  
• Automation - Accuvant can assist you in automating the assessment workflow, including deploying questionnaires, performing audit testing, and tracking remediation status through a web-based dashboard

Expertise. Accuvant is a member of the Shared Assessments Working Group as an Assessment Firm. Additionally, Accuvant compliance consultants are ISO 27001 Lead Auditor Certified and have the experience drawn from numerous engagements auditing and assessing information security practices at companies across many industries.

Process Driven. Accuvant helps clients define and adopt ongoing, manageable strategies to achieve and sustain compliance by transforming tasks from costly one-time projects into repeatable, integrated business processes. Our approach creates the template for a security program that is effective, efficient, and manageable.

If you would like more information about Accuvant's compliance solutions, please email info@accuvant.com or contact our sales department at 1-800-574-0896.