OneTrust acquires Shared Assessments to grow the SIG and global third-party risk standardization

May 31, 2021

Orange and yellow gradient

We are excited to announce that OneTrust has acquired Shared Assessments, the global membership organization dedicated to developing best practices, education, and tools to drive third-party risk management (TPRM). 

We’re committed to keeping Shared Assessments an open and vendor neutral industry organization. And the company, including the Standardized Information Gathering Questionnaire (SIG), Shared Assessments Summit, and Shared Assessments certifications, and will continue to work with vendors, licensees, and members across the industry.


On-demand webinar coming soon...


OneTrust has a longstanding commitment to streamlining and automating complex third-party risk management obligations for organizations across sectors, jurisdictions, and industries. With the acquisition of Shared Assessments, we will further scale the availability and adoption of the SIG to assist it in becoming the facto third-party risk standard globally. 

Watch the Webinar: OneTrust to Acquire Shared Assessments: Fueling the Global Demand for Third-Party Risk Standardization

Making SIG the global TPRM standard

The Shared Assessments SIG is one of the most widely used standards to help organizations build, customize, analyze and store vendor assessments for third-party risk management. From people to processes, to procedures, the SIG helps over 15,000 businesses uncover liabilities, weaknesses, and areas of improvement across all vendors.  

With the support of OneTrust, Shared Assessments can advance the SIG’s adoption worldwide in critical areas, including: 

  • Global reach: Make the SIG globally available in languages around the globe 
  • International alignment: Align the SIG more deeply with international frameworks 
  • Real-time updates: Adapt the SIG in real-time based on industry news and events (e.g. COVID, Schrems II) 
  • Adjacent risk domains: Advance the SIG adoption across multiple risk areas, including ESG 
  • Technology enhancements: Build a technology platform to make it easier for organizations to adopt and apply the SIG in their programs 


Growing the community for third-party risk management

Shared Assessments has built its membership ecosystem of cross-industry organizations from outsourcers to vendors to regulators to technology providers. This wider perspective creates a collective intelligence that is the foundation of their third-party risk certifications and thought leadership.  

The Shared Assessments Certified Third Party Risk Professional (CTPRP) and Certified Third Party Risk Assessor (CTPRA) certifications will continue to be offered live and on-demand for professional credibility, recognition, and marketability in third party risk. Additionally, the Shared Assessments Summit will remain the premier global, multi-industry event third-party risk management event, bringing together leading experts to network, review business practices as well as new and enhanced technology tools and services. Shared Assessments will also continue to deliver its popular toolkits, research, and resources to this member community and the third-party risk industry at large. 

Combined, OneTrust’s investment and active customer base will also help build a broader community of CTPRP and CTPRA certified professionals globally, increase access to thought leadership resources, and drive greater attendance to the industry-leading Summit.

A vendor-neutral alliance that benefits businesses and vendors 

Shared Assessments will continue its role as a vendor-neutral industry organization with an open community that can drive the adoption of TPRM standardization globally.  The challenges of third-party risk far outweigh what one vendor can do alone, and it’s critical we work together. Shared Assessments will plan to review and update its policies and procedures to make sure they are in line with licensee expectations to continue vendor-neutral collaboration. We are committed to executing on this acquisition with high ethics and integrity, and make sure the community that has invested so heavily in the SIG standard continues to be comfortable and thrive.

“The third-party risk industry is in need of more collaboration to drive innovation and this announcement represents a bold move in that direction. Reliance on standards like the SIG makes establishing trust and transparency easier for both buyers and sellers in the Whistic ecosystem and across the industry in general. As a long-time Shared Assessment Member and Licensee, I’m confident that this acquisition will help accelerate this trend and benefit all of us.” – Nick Sorensen, CEO, Whistic

We’re excited to grow the development and adoption of the SIG and make third-party risk easier for everyone involved, both businesses and vendors. 

Update on May 31, 2021: On May 4, we announced our definitive agreement to acquire Shared Assessments. As of May 31, the acquisition closed.

To learn more,  watch our webinar  hosted by Shared Assessments and OneTrust CEOs.  

You may also like


Third-Party Risk

Staying vigilant: 7 practical tips for ongoing third-party risk monitoring

In this webinar, we'll share seven practical tips for effective third-party risk monitoring, helping you to identify new risks and take timely action to protect your business.

August 02, 2023

Learn more


Third-Party Risk

Automating third-party management workflows: 5 ways to drive alignment across teams

Join us as we explore how automating third-party management workflows streamlines processes, drives alignment across teams, and reduces reduntant work.

July 19, 2023

Learn more


Third-Party Risk

Are your third parties a privacy compliance liability? 5 tips to reduce your exposure

Join our webinar and learn how to create an effective, privacy-focused third-party risk management (TPRM) program that streamlines recordkeeping and reduces your risk exposure.

July 05, 2023

Learn more