Key Benefits

  • Get a complete, up-to-date view of your cybersecurity preparedness
  • Identify and track cybersecurity-related projects across the organization
  • Maintain one schedule for cyber reviews, assessments, remediation and training validation
  • Monitor both internal and third-party assets in a single cybersecurity program
  • Establish an answer bank of cybersecurity responses tied to a central control framework

Self-Configuring Control Framework

ProcessUnity’s intelligent Cybersecurity Program Architect automatically scopes an organization’s program  mapping threats, risks, controls and regulations  via a step-by-step guided assessment. The system self-configures an annual review schedule complete with pre-built content, workflow triggers, notifications and reminders. Based on this schedule, ProcessUnity CPM manages program activities throughout the year — using hands-free automation to alert stakeholders at appropriate times to make sure tasks are completed and evidence is captured.  

ProcessUnity CPM leverages a pre-built meta-model based on the Secure Controls Framework (SCF) mapped to the most common security frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53 and ISO 27002. Cybersecurity Program Architect uses this meta-model to intelligently select from more than 800 control standards to ensure appropriate coverageThe CISO has the option to specify the cadences of program activities, including threat, risk, and control rating reviews, asset and third-party assessments and training validation  

 

Automated Workflows & Assessments

Automated workflows and assessments keep cybersecurity program activities moving forward on time throughout the year. The predefined schedule triggers the distribution of assessments and reviews to assigned stakeholders, tracks completion status, and sends reminders when tasks are running late.  

ProcessUnity CPM automates: 

  • Threat Reviews
  • Risk Evaluations
  • Control Reviews
  • Policy Reviews
  • Change Reviews
  • Incident Reviews
  • Training Program Validation
  • Issue Remediation
  • Facility Assessments
  • Application Assessments
  • System Assessments
  • Baseline Assessments

Dynamic Reporting & Dashboards

Powerful reporting gives the CISO real-time visibility into their cybersecurity program. Interactive dashboards offer immediate insight into the status of threats, risks, policies, controls, issues and incidents — with the ability to drill down into details as needed 

Preconfigured, out-of-the-box reports include:

  • Threat History & Trending
  • Risk Remediation Status
  • Policy Control Coverage
  • Controls Effectiveness
  • Top third Parties at Risk
  • Current Cyber Review Requests
  • Risk Prioritized Projects
  • Top High-Value Assets at Risk
  • Organization Training Coverage
  • Due diligence requests
  • Issues Summary Status
  • Major Incidents Status

Custom reporting lets the CISO create tailored reports for the C-suite, risk committee, the board of directors and other key stakeholders. Plus, with the click of a button, the CISO can export a customized, board-ready report on the state of the entire cybersecurity program that covers all relevant risks, threats, control reviews, assets, issues, incidents, projects and policies.