Vendor Risk Management Add-Ons

Lite User Auto-Provisioning

ProcessUnity’s Auto-Provisioning capabilities streamline access management for customers with large or fluctuating Lite User populations. The platform add-on allows organizations to self-provision Lite Users automatically in Single Sign-on (SSO) environments, reducing administrative overhead and potential IT development and support.

Lite User Auto-Provisioning Datasheet

Shared Assessments SIG Connector

ProcessUnity’s SIG™ Connector provides embedded automation with the Shared Assessment Program’s SIG Core™ and SIG Lite™ questionnaires and ProcessUnity’s Vendor Portal. VRM administrators can quickly import SIG workbooks to create ProcessUnity questionnaire templates that can be used as the scope for Vendor questionnaire assessments. Vendor contacts can then easily import their responses at the click of a button. The SIG™ Connector for ProcessUnity is SIG-version agnostic, allows documentation to be imported as requested at the question level, and even allows for custom-defined (hybrid) questionnaire templates to be used.

SIG Connector Datasheet

Service-Level Agreements (SLAs) & Metrics

Metrics are hierarchically-stored collections of performance indicators and other captured information used to measure any organizational aspect of risk management (including KRI, KPI, SLA, SLC, etc.). Metrics provide configurable mechanisms and workflows to schedule ownership-based data collection and the ability to create notifications when results exceed defined thresholds or escalation levels.

Terms (for Agreements)

ProcessUnity’s Terms add-on extends the power of the Agreements document facility, giving customers greater oversight into contract risk as business conditions, procedures, regulations or legal frameworks change. By effectively linking risk management with the contracting process, ProcessUnity helps customers protect their interests in a business relationship, measure results against expectations and perform in-depth analyses of contracts across vendor populations.

Terms (For Agreements) Datasheet

External Content Connectors

Augment vendor onboarding and ongoing monitoring with by incorporating external content feeds and intelligence into your third-party risk processes. ProcessUnity's pre-built connectors integrate cybersecurity ratings, financial health scores, negative news feeds, watchlist screening services and more into your program, affirming vendor responses and providing continuous monitoring in between periodic due diligence.

Learn More: Integrations & Content Connectors

Platform Add-Ons

Archive Instance

The Self-Service Database Archives feature provides administrators the ability to preserve a read-only copy of a production instance and all of its data for future audit purposes. A separate archive instance allows the administrator and designated users to view the read-only archive data alongside their production instance.

Business Elements Hierarchy

A customer-defined subject area in ProcessUnity allowing records to be represented in a hierarchy (tree structure) comprised of nested folders with custom names to organize customer-defined data. Business elements can easily represent customer assets, buildings, applications, systems, etc. For ERM customers, these are also auditable entities in (can be the scope of periodic Assessment processing).

Configurable Email Gateway

A custom delivery mechanism in which all ProcessUnity-generated emails are routed to a single, customer SMTP gateway and then routed to the recipient according to customer-defined delivery workflows and protocols. Enabled in conjunction with the customer’s IT department, benefits include enhanced legitimacy and credibility to recipients, customer-controlled email handing, and visual branding / reformatting. Allows your IT organization to own the email lifecycle and incorporate Out-of-Office handling, specialized routing, and message archiving needs.

Document Request Workflow

A subject are that facilitates workflow of formal requests made to specific people to provide necessary documentation as either uploaded files or external links to URL-accessible external information sources. Works in conjunction with recipients’ ProcessUnity Inbox to fulfill requests. Document Requests can be linked (related) to any type of record in ProcessUnity. Sample uses: Request test evidence, request policy or service offering documentation, request vendor compliance documentation, etc. Also includes bulk document request and fulfillment capabilities.

External Components

Customize your ProcessUnity instance with data widgets from outside systems, allowing users to view relevant business data in context and within the ProcessUnity framework. Some examples include market data, Google maps, news feeds, social media, etc. These components can be accessed directly from external websites or built in-house to support customer needs.

Import / Export Services

Enhance Import Template and Custom Report processing by using batch scripts (such as cURL) that can be scheduled to automate the migration of data into and out of ProcessUnity.

Incidents

Many compliance programs require that certain types of incidents be captured, reported, and tracked to closure. ProcessUnity’s configurable Incidents module provides mechanisms by which users can report incidents of various types, assign ownership for incidents, engage in a dialog about incidents, and finally close incidents and maintain them for historical reporting.

Integration Hosting Service

ProcessUnity provides hosted hardware to support your custom integration requirements. With the help of our professional services team to build your integration requirements, your import and/or export job(s) reside on our hardware and run on a schedule of your choosing. All hardware is secured in our data center, and jobs are monitored and managed by ProcessUnity technical resources for your convenience.

Issues Tracking

Incorporate an Issues Tracking database and workflow into your current ProcessUnity system as a new subject area. Issues are defined as documented concerns or identification of potential problems related to some aspect of an organization’s business that are typically subject to a pre-defined, target resolution – with assigned ownership for resolution. Issues can be linked (related) to any type of record in ProcessUnity. Sample uses: New control needed, control deficiency found, new or changed risk discovered, client complaints, product/service gaps, etc.

Microsoft Excel™ Connector

Desktop integration technology that powers seamless data sharing between Microsoft Excel and ProcessUnity’s cloud-based solutions. The ProcessUnity Excel Connector allows licensed users to quickly load data into ProcessUnity from Excel, as well as access data stored in their ProcessUnity instance to support external workflows – all via a simple to use Excel toolbar extension.

Microsoft Excel Connector Datasheet

Microsoft Word™ Connector

Create formatted Microsoft Word™ documents within ProcessUnity, based on customer-defined templates that access context-based content and reports for a specific ProcessUnity record. Examples include customer-formatted welcome letters, statements of services, third-party contracts, assessment summary documents, and more.

Microsoft Word Connector Datasheet

Notices

A subject area to define and manage one-way communication to one or more individuals, initiated and closed by the originator, and published via Custom Reports. Notices can be linked (related) to any type of record in ProcessUnity. Sample uses: bulletin-board style postings, organizational or team announcements, upcoming new service offerings.

Process Library

The Processes subject area provides a framework that allows organizations to enumerate internal business practices and the related sets of steps/activities that a business carries out to achieve its various objectives. The Process hierarchy provides a blueprint for internal and/or external audits. Being auditable entities, advanced implementations of the Process library include the ability to perform assessments to meet SOX or Clause 49 compliance reporting requirements.

Projects Tracking

A subject area that provides definition, storage, and workflow for managing projects, defined as formal activities, typically involving multiple participants that have a defined deliverable or outcome, assigned responsibility, target start and end dates, and status. Sample uses: Correct a control deficiency, develop new controls, update/manage a system or business process.

Regulations & Standards

The Regulations and Standards subject area provides a framework that allows organizations to capture and categorize regulatory provisions that require organizational adherence, and form the blueprint for eventual external regulatory audits. This subject area streamlines the process of managing programs and processes that, through reporting, ensure compliance with industry standards, government regulations, and corporate policies. Once defined, this regulatory content can be scoped for regulatory assessments using ProcessUnity’s ERM solution.

Risk Register / Controls Library

The building blocks of a robust risk management solution begin with cataloging institutional risks and defining controls that mitigate those risks. A good starting point for an overall GRC/ERM solution is to start simple. The ProcessUnity Risk Register and associated Controls Library is just what you need to get started, as these elements define the risk framework by which your organization operates. Over time, these subject areas can be the scope of assessments and audit.

Sandbox / Test Environments

Non-production, test instances allow customers to host data in an environment suitable for development, testing, and training – without compromising the data and configuration in a production environment. Test environments are completely isolated from the ProcessUnity production instance, so testing will not affect live system work (and vice-versa). Customers can refresh their test environment data at any time.

Single Sign-on

SSO authentication enables all your users to bypass the ProcessUnity Login screen by authenticating via your corporate network. This provides convenience by eliminating the need to remember and maintain different user name and password combinations, increases productivity, increases security, and facilitates collaboration amongst in-house applications. ProcessUnity supports SAML 2.0, which is an industry standard for SSO.

User-Defined Objects

A Custom Object is a renamable subject area that can be used to enhance existing ProcessUnity implementations in terms of extended data collection, additional related items, and custom workflow. In addition to the subject area name, customers may optionally request configuration requirements of each custom object in terms of state lifecycles and review/approval functionality. Like other subject areas, customers can easily define necessary properties and relate these new custom objects to other subject areas, build custom reports, and set up custom notification rules as necessary.

Web Services

For custom integration requirements, ProcessUnity’s Web Services API allows customer IT organizations to programmatically design an integration workflow to push and/or pull data to/from ProcessUnity. This Web Services capability provides an easy-to-use WSDL making programmatic data exchange with ProcessUnity technically straightforward.

Web Services Datasheet

Work Items

A subject area that allows definition, storage, and workflow of general (light weight) tasks or to-dos to be performed within a specified time frame. Work Items can be assigned to people or teams and have open/closed states. Work items can be linked (related) to any type of record in ProcessUnity. Sample uses: reminders to update risk profile within a defined period, review owned controls to identify potential changes, track client adoption to new services, track status on functional data integration tasks from CRM.