Best Practices Configuration for ProcessUnity Vendor Risk Management (VRM) is a pre-configured Third-Party Risk Management program with turn-key workflows, assessments, calculations, risk analysis and reporting, allowing small to midsize organizations to successfully launch and maintain a third-party risk program from day one.
“More and more companies are looking to introduce Vendor Risk Management into their organization and need help in getting started with a proven process that works. With our Best Practices Configuration, we’ve built a prescriptive approach to help those companies accelerate their projects and get to compliance faster,” said Todd Boehler, Senior Vice President of Strategy at ProcessUnity. “This turn-key offering, built using our best-of-breed software, provides companies with a complete baseline program that can mature at their pace without the large time and cost investments that we see other technologies require. Whether you are new to Third-Party Risk Management or looking to reset your program, we can help by providing the necessary building blocks to stand up a systematic, repeatable program out of the box.”
Developed by Third-Party Risk Management subject matter experts leveraging knowledge from hundreds of successful customer implementations, ProcessUnity’s Best Practices Configuration delivers a complete program with high-quality, repeatable vendor assessment processes.
The low-touch, low-cost implementation gets customer programs up and running in a few short weeks, and includes the following:
Complete Data Model: Best Practice Configuration includes a sophisticated data model with pre-built relationships and workflows between data elements and system users. Key elements of the data model include Third Parties, Third-Party Requests, Third-Party Services, Service Reviews, Agreements, Assessments, Questionnaires and Third-Party Issues.
Prescriptive Workflows: Pre-configured workflows establish the repeatable processes necessary for effectively managing third-party risk – from initial service identification and onboarding, through contracts, ongoing vendor monitoring and termination. Key workflows capture new service requests, automatically calculate inherent risk, perform due diligence and manage issues and agreements.
Industry-Standard Questionnaires: Automated questionnaires featuring SIG™ Core and SIG Lite from Shared Assessments put an end to inefficient paper surveys and spreadsheets and simplify the assessment process for both organizations and their third parties.
Built-In Calculations & Scoring: Best Practices Configuration provides built-in calculations, rating tiers, scoring and other logic critical to an automated Third-Party Risk Program, including Inherent Risk, Automated Scoping, Assessment Review Ratings, Residual Risk, Issue Remediation and Automated Response Analysis. These calculations save time and remove subjectivity, identifying which vendors need further evaluation while automatically recommending assessment scope based on risk levels.
Comprehensive Vendor Portal: ProcessUnity’s Vendor Portal provides third parties with a secure, online environment to complete questionnaires, provide responses and comments, and attach supporting documentation. The easy-to-use interface, instructions and guidance improves vendor response time and response quality.
Interactive, Dashboards & Reports: Extensive built-in reports provide real-time visibility into the state of third-party risk and demonstrate to regulators the existence of a consistent, reliable and repeatable program. Interactive dashboards give visibility into ongoing risk assessment progress, the status of remediation activity and vendor ratings. Drill-down capabilities also allow risk managers to quickly find the details in areas of concern.
ProcessUnity Vendor Risk Management is a software-as-a-service (SaaS) application that helps companies identify and remediate risks posed by third-party service providers. Combining a powerful vendor services catalog with risk process automation and dynamic reporting, ProcessUnity VRM streamlines third-party risk activities while capturing key supporting documentation that ensures compliance and fulfills regulatory requirements. ProcessUnity VRM provides powerful capabilities that automate tedious tasks and free risk managers to focus on higher-value mitigation strategies.