ProcessUnity and CyberGRX Combine to Form the Most Complete Third-Party Risk Management Platform in the Market

4 minute read

July 2023

ProcessUnity Logo

Combined Company Integrates the Full Third-Party Risk Lifecycle, Enabling a Collaborative Risk Assessment Process Between Procurement, Cybersecurity and Third-Party Service Providers

BOSTON, MA & DENVER, CO, July 12, 2023ProcessUnity and CyberGRX announced today that the Third-Party Risk Management (TPRM) leaders have joined forces, creating the industry’s most powerful software and data platform to accelerate customers’ ability to identify, assess, analyze and ultimately reduce risk within their ecosystem. The combined company, which will continue to offer both products to new and existing customers, will merge the best-in-class TPRM workflow platform with the world’s largest global cyber risk exchange to centralize and standardize vendor risk management and directly respond to the most significant risks facing global enterprises today – third-party and cybersecurity.

“The combination between ProcessUnity and CyberGRX is an opportunity to revolutionize Third-Party Risk Management. We are in a unique position to transform how organizations assess their service providers while becoming the world’s largest database for vendor assessments and cyber risk data,” said Sean Cronin, CEO, ProcessUnity. “In the short term, our customers gain program workflow, validated vendor assessment data and artificial intelligence in a single solution – safeguarding their critical assets while significantly reducing program costs. Over time, our unparalleled expertise and forward-thinking innovators will introduce next-generation technology that will seismically shift how we manage cybersecurity and third-party risk. We’re thrilled to combine two customer-first teams and two market-recognized platforms to amplify our value to the ecosystem.”

The combination offers global enterprises a vision for Third-Party Risk Management, where three key stakeholders – procurement teams, cybersecurity teams and external third-party service providers – work in concert to reduce both internal cyber risk and external third-party risk. The aim is to eliminate friction and obstacles for business adoption of products and services while ensuring organizations maximize protection. The joint ProcessUnity-CyberGRX platform will be the only integrated, end-to-end solution for third-party and cyber-risk assessments in the market.

ProcessUnity and CyberGRX deliver highly complementary capabilities that, when combined, offer immediate and measurable value to both customers and vendors. Customers will benefit from ProcessUnity’s assessment engine and vendor monitoring tools as well as CyberGRX’s standardized exchange containing more than 14,000 attested and validated assessments and cyber risk data on more than 250,000 companies to:

  • Onboard vendors faster via more efficient pre-contract due diligence
  • Complete periodic post-contract due diligence on-demand
  • Assess traditionally hard-to-assess vendors that typically don’t respond to assessment requests
  • Reduce cycle times, lower staffing requirements and significantly decrease program costs
  • Minimize risk from external sources

Vendors, overburdened and fatigued due to resource restraints and the exponential growth in assessment requests each year, gain the means to:

  • Complete fewer assessments while satisfying more customer assessment requests
  • Keep complete control over what assessment information is shared with each customer
  • Lower customer due diligence and compliance costs
  • Win new business faster and retain more clients

The companies’ artificial intelligence, machine learning and natural language processing abilities work alongside third-party risk teams to provide unparalleled vendor insights as well as significant time and cost savings. Use cases include:

  • Predictive Risk Profiling: Anticipate how a given third party will answer assessment questions with up to a 91% accuracy rate.
  • Automated Inherent Risk Scoring: Prioritize assessment strategies based on the likelihood a vendor will have a cyber incident and its potential impact.
  • Policy Evaluation: Scan and score vendors’ policies, procedures and supporting documentation against common frameworks, regulations and standards to reduce inconsistent, time-consuming, manual document reviews.

“Since inception, CyberGRX has advocated for and improved upon methodologies to reduce risk and enable security and risk professionals to collaborate on the cybersecurity and risk management challenges experienced at the highest levels of the enterprise,” said Fred Kneip, CEO, CyberGRX. “Joining forces with ProcessUnity will push this endeavor farther and faster, allowing these professionals to more effectively demonstrate the value of their own risk management program, while also offering a new level of collaboration between companies and their trusted vendors to reduce risk on a global scale.”

Under the terms of the transaction, ProcessUnity and its investors acquired CyberGRX, whose existing shareholders participated in the deal and will retain a minority stake. Latham & Watkins served as legal advisor to ProcessUnity. Piper Sandler acted as financial advisor, and Cooley LLP served as legal advisor to CyberGRX.

About ProcessUnity

ProcessUnity is a leading provider of cloud-based applications for third-party risk and cybersecurity risk management. The ProcessUnity platform unifies how organizations assess, measure, and mitigate risk through automation. Built by a team of risk experts and implemented within the world’s leading enterprises, ProcessUnity solutions align programs and people to create a well-rounded defense against critical business risks. Headquartered outside of Boston, Massachusetts, ProcessUnity has earned recognition from leading analyst firms, customers and partners. For more information, visit

About CyberGRX

CyberGRX is the world’s first and largest third-party risk Exchange, equipping organizations with unparalleled cyber risk intelligence. Powered by 14,000 attested assessments, 250,000 company profiles, data on 425 of the 500 most commonly requested vendors, and 100% standardized data, only CyberGRX provides third-party threat intelligence, predictive risk insights, outside-in scanning and scoring, and a portfolio-wide view of security gaps. As a result, cybersecurity professionals can plan appropriately, make decisions confidently, and sleep soundly. CyberGRX is trusted by leading brands around the globe and was designed with partners including Aetna, Blackstone, and MassMutual. Learn more at

Related Articles

About Us

ProcessUnity is a leading provider of cloud-based applications for risk and compliance management. The company’s software as a service (SaaS) platform gives organizations the control to assess, measure, and mitigate risk and to ensure the optimal performance of key business processes. ProcessUnity’s flagship solution, ProcessUnity Vendor Risk Management, protects companies and their brands by reducing risks from third-party vendors and suppliers. ProcessUnity helps customers effectively and efficiently assess and monitor both new and existing vendors – from initial due diligence and onboarding through termination. Headquartered outside of Boston, Massachusetts, ProcessUnity is used by the world’s leading financial service firms and commercial enterprises. For more information, visit