The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Cloud Industry Forum Joins Third Party Assurance Initiative

The Cloud Industry Forum (CIF) today announced it has partnered with the Third Party Assurance Centre (TPAC), a business assurance initiative, formed to help minimise outsourcing risks. Other industry bodies partnering with TPAC include the Information Security Forum, Cloud Security Alliance, Common Assurance Maturity Model, and the Payment Card Industry board of advisers.

A recent whitepaper collectively produced by these industry bodies entitled, “Business Assurance for the 21st Century,” highlights that third parties managing data should be asked questions about the security systems they have in place and the standards they adhere to. TPAC aims to combat security risks faced by organisations that manage third-party suppliers by introducing transparency into the supply chain.

Raj Samani, founder of the Common Assurance Maturity Model (CAMM), and chief technology officer Europe, Middle East and Africa for security firm McAfee, commented: “Organisations should create contracts which outline the level of security that they expect from their third parties, whether data is being managed in the cloud or on-premise. This way, when organisations get tenders for business coming through, they are assured that third parties are transparent about risk levels. Transparency is heavily encouraged by CIF as are contracts. We are delighted they are coming on board with TPAC to advocate best practice across the wider IT sector.”

Andy Burton, chairman of the Cloud Industry Forum commented: “CIF fully supports the initiative of providing a third party assurance framework to help establish trust online, and we see this as complementary to the CIF Code of Practice which was launched in 2010 to engender best practice within the Cloud Service Provider market by requiring Certification against the inter-dependent pillars of Transparency, Accountability and Capability. Both the CIF Code of Practice and the Third Party Assurance initiative have a common aim of providing end users with a frame of reference to make informed decisions in their use of online services. To that end we are keen to work alongside our industry peers to see if we can help make this a reality.”

A website will shortly be launched for the initiative under the following url: www.the-third-party-assurance-centre.com.

Related content

WEBINAR

Recorded Webinar: Evolution of data management for the buy-side 2021

The buy-side faced a barrage of regulation in 2020 and is now under pressure to make post-Brexit adjustments and complete LIBOR transition by the end of 2021. To ensure compliance and ease the burden of in-house data management, many firms turned to outsourcing and managed services. But there is more to come, as buy-side firms...

BLOG

Don’t Miss It – A-Team Group’s Data Management Summit USA Virtual is Just Weeks Away

Data monetisation, data strategy to drive business outcomes, data discovery and intelligence, the power of data lineage, how to deliver an ESG data strategy and, necessarily, regulatory reporting challenges and the data management response, are just some of the key topics that leading capital markets’ participants and innovative solutions vendors will discuss at A-Team Group’s...

EVENT

TradingTech Summit London

TradingTech Summit London will explore how trading firms are innovating in today’s cloud and digital based environment to create flexible, scalable trading platforms to support speed to market and business agility. Leveraging the cloud, AI and ML technologies to get an edge, automate processes and simplify operations in a cost effective way is the name of the game and will share practical insight from practitioners and technology leaders who are innovating and driving forward change in trading operations.

GUIDE

ESG Handbook 2021

A-Team Group’s ESG Handbook 2021 is a ‘must read’ for all capital markets participants, data vendors and solutions providers involved in Environmental, Social and Governance (ESG) investing and product development. It includes extensive coverage of all elements of ESG, from an initial definition and why ESG is important, to existing and emerging regulations, data challenges...