CyberGRX and ProcessUnity Combine to Form the Most Complete TPRM Platform in the Market

4 minute read

July 2023

July 12, 2023 – CyberGRX and ProcessUnity announced today that the Third-Party Risk Management (TPRM) leaders have joined forces, creating the industry’s most powerful software and data platform to accelerate customers’ ability to identify, assess, analyze and ultimately reduce risk within their ecosystem. The combined company, which will continue to offer both products  to new and existing customers, will merge the best-in-class TPRM workflow platform with the world’s  largest global cyber risk exchange to centralize and standardize vendor risk management and directly  respond to the most significant risks facing global enterprises today – third-party and cybersecurity. 

“The combination between ProcessUnity and CyberGRX is an opportunity to revolutionize Third-Party  Risk Management. We are in a unique position to transform how organizations assess their service  providers while becoming the world’s largest database for vendor assessments and cyber risk data,” said  Sean Cronin, CEO, ProcessUnity. “In the short term, our customers gain program workflow, validated  vendor assessment data and artificial intelligence in a single solution – safeguarding their critical assets  while significantly reducing program costs. Over time, our unparalleled expertise and forward-thinking  innovators will introduce next-generation technology that will seismically shift how we manage  cybersecurity and third-party risk. We’re thrilled to combine two customer-first teams and two market recognized platforms to amplify our value to the ecosystem.” 

The Future of Risk Management

The combination offers global enterprises a vision for Third-Party Risk Management, where three key  stakeholders – procurement teams, cybersecurity teams and external third-party service providers – work in concert to reduce both internal cyber risk and external third-party risk. The aim is to eliminate  friction and obstacles for business adoption of products and services while ensuring organizations  maximize protection. The joint ProcessUnity-CyberGRX platform will be the only integrated, end-to-end  solution for third-party and cyber-risk assessments in the market. 

ProcessUnity and CyberGRX deliver highly complementary capabilities that, when combined, offer  immediate and measurable value to both customers and vendors. Customers will benefit from  ProcessUnity’s assessment engine and vendor monitoring tools as well as CyberGRX’s standardized  exchange containing more than 14,000 attested and validated assessments and cyber risk data on more  than 250,000 companies to: 

  • Onboard vendors faster via more efficient pre-contract due diligence 
  • Complete periodic post-contract due diligence on-demand 
  • Assess traditionally hard-to-assess vendors that typically don’t respond to assessment requests 
  • Reduce cycle times, lower staffing requirements and significantly decrease program costs 
  • Minimize risk from external sources

More Efficient Use of Cybersecurity Resources

Vendors, overburdened and fatigued due to resource restraints and the exponential growth in  assessment requests each year, gain the means to: 

  • Complete fewer assessments while satisfying more customer assessment requests 
  • Keep complete control over what assessment information is shared with each customer 
  • Lower customer due diligence and compliance costs 
  • Win new business faster and retain more clients 

The companies’ artificial intelligence, machine learning and natural language processing abilities work  alongside third-party risk teams to provide unparalleled vendor insights as well as significant time and  cost savings. Use cases include: 

  • Predictive Risk Profiling: Anticipate how a given third party will answer assessment questions  with up to a 91% accuracy rate. 
  • Automated Inherent Risk Scoring: Prioritize assessment strategies based on the likelihood a  vendor will have a cyber incident and its potential impact. 
  • Policy Evaluation: Scan and score vendors’ policies, procedures and supporting documentation against common frameworks, regulations and standards to reduce inconsistent, time-consuming,  manual document reviews. 

“Since inception, CyberGRX has advocated for and improved upon methodologies to reduce risk and  enable security and risk professionals to collaborate on the cybersecurity and risk management  challenges experienced at the highest levels of the enterprise,” said Fred Kneip, CEO, CyberGRX. “Joining  forces with ProcessUnity will push this endeavor farther and faster, allowing these professionals to more  effectively demonstrate the value of their own risk management program, while also offering a new level  of collaboration between companies and their trusted vendors to reduce risk on a global scale.” 

Under the terms of the transaction, ProcessUnity and its investors acquired CyberGRX, whose existing  shareholders participated in the deal and will retain a minority stake. Latham & Watkins served as legal  advisor to ProcessUnity. Piper Sandler acted as financial advisor, and Cooley LLP served as legal advisor  to CyberGRX. 

Related Articles

About Us

ProcessUnity is a leading provider of cloud-based applications for risk and compliance management. The company’s software as a service (SaaS) platform gives organizations the control to assess, measure, and mitigate risk and to ensure the optimal performance of key business processes. ProcessUnity’s flagship solution, ProcessUnity Vendor Risk Management, protects companies and their brands by reducing risks from third-party vendors and suppliers. ProcessUnity helps customers effectively and efficiently assess and monitor both new and existing vendors – from initial due diligence and onboarding through termination. Headquartered outside of Boston, Massachusetts, ProcessUnity is used by the world’s leading financial service firms and commercial enterprises. For more information, visit