Partner Information Manager Supplier Guide May 2017

Similar documents
TRUST. Technology Reporting Using Structured Templates for the FCH JU. User Manual for data providers. Version 1.00

SUBMITTING TIMESHEETS AND EXPENSES

PM Created on 1/14/ :49:00 PM

Quick Start to ChequedFit and ChequedReference

ejobs Guide for Hiring Managers

How to Download PDF Invoices RR Finance Admins

ReadySub for Administrators. Administrator User Guide Version 2.0. ReadySub

Or, from the View and Manage RFx(s) page, click the Create RFx button. Create New RFx - Use this button to create an RFQ from scratch.

MyFloridaMarketPlace equote in MFMP Sourcing 3.0 State Agencies 2013

WEB TIME EMPLOYEE GUIDE

Completing an Internal Audit User Guide For the Reliance Assessment Database

ADVANTAGE 3.10 EMPLOYEE SELF SERVICE (ESS) USER GUIDE HUMAN RESOURCES AND PAYROLL DEPARTMENTS

Contractor Data Systems (CDS) Monthly Amounts Paid and EPI Submissions May 2017 v2

e-marketplace Platform for Saudi Aramco SAP Ariba Suppliers Technical Guide 11/24/2018

PIMS User Guide USER GUIDE. Polaris Interview Management System. Page 1

ARMSTRONG ATLANTIC STATE UNIVERSITY

Before continuing it is important the reader understands the key differences between Mobipaid and other forms of mobile payments :

Employee Walkthrough. Version 1.0. Last updated: 26 th January 2018 Author: Joe Sutcliffe E:

Ariba Network Invoice Guide

Infor HR Manager/Proxy Guide

Frontline Education s Absence Management Solution Reference Guide for Administrators Table of Contents

DHL IMPORT EXPRESS ONLINE USER GUIDE FOR IMPORTERS WE COORDINATE EFFECTIVE COMMUNICATION BETWEEN YOUR SHIPPERS AND YOU FOR YOU. dhl-usa.

VERSION 1.1 SEPTEMBER 25, 2017 APPRAISAL360 USER GUIDE. PRESENTED BY: HR DEPARTMENT ilink Systems, Inc

MyDHL USER GUIDE.

Hiring Manager Training Guide

User Guide. Perception-based Survey

Table of Contents. 2 P a g e

Performance Pro Employee Training

Manager Walkthrough. Version 1.0 Last updated: 14 th March 2018 Author: Joe Sutcliffe E:

Access and explore your company s Directory and organizational structure. Review and download your paystubs and tax forms

Employee Training Guide. Workday V 26.3

HSA EMPLOYER RESOURCE GUIDE. Fifth Third Bank Health Savings Account

Shift Swapping Quick-Guide

Ball State University HR-TMS Training Guide: Staff

University Human Resource Services TMS Talent Management Training Guide for STAFF

Virtual Terminal User Guide

Performance Management System Reference Guide Administrators

A. Locating the Job Requisition:

Tempworks Customer Quick User Guide

Infor HR Specialized Service Provider Self-Appraisal Guide

Your business always on. 1. Booking Management

Introduction 3. About CalUsource 3 Your Role as a CalUsource Evaluator 3 About this Guide 3

myplan MANAGER (REVIEWER)

Referral Training Exercise 3: Review and Hiring Manager

3M Ariba Light Account Network Collaboration for Suppliers

Aesop Reference Guide for Administrators Table of Contents

Requesting completion of the Work Health Assessment (WHA) Questionnaire. Monitoring completion of the Work Health Assessment Questionnaire

Log In. 1. Navigate to 2. Input Company Name, Username, and Password. Click Sign In on the top right of the screen.

Manager Dashboard User Manual

After logging into PrintGizmo create your profile and complete the information requested by navigating the menu to Configuration > Profile.

Timekeeper s Manual. for. Using the. Time and Attendance System (TAS)

Editing an Existing Account on an Invoice Payment Creating a New Account on an Invoice Payment... 47

DIRECT SUPPLIER ROSTER TOOL HOW TO GUIDE

Employer Self Service Portal. Employer Self-Service Handbook AASIS Employer Users Version

COST ASSESSMENT DATA ENTERPRISE. CSDR Submit-Review Website: Reviewer Guide

Findmyshift - Getting started with Findmyshift

Quick Reference for Project View Managers

HR APPROVALS. Version 5.5

Welcome to AcqDemo CAS2Net 2.0 for Employees and Supervisors

Supervisor Overview for Staffing and Scheduling Log In and Home Screen

CHAPTER 21: SCHEDULING SERVICES FOR YOUR CUSTOMERS

2015 Kelly Services, Inc. 02/18

PRISM SPro Submitting a Candidate Quick Reference Guide

Marketing Cloud Advertising Studio

ROCs Initiators Quick Start Guide Pilot Group Staff (Class 1)

UC LEARNING CENTER Manager Guide

Supervisor Training Supervisor Training

FCL Electronic Facility Clearance System (e-fcl) Submission Site User Guide

Transportation Management System Vendor Operating Manual Version 8.0 July 2017

E-Recruitment HOW-TO GUIDE

Deltek Touch Time & Expense for Vision. User Guide

Ball State University HR-TMS Training Guide: FACULTY

Next, switch from your browser to the inflow Cloud for Windows app and log in.

EMPCENTER 9.6 USER GUIDE

VOLUNTEER MANAGEMENT SYSTEM COORDINATOR MANUAL

3Gtms Supplier User Guide REFERENCE GUIDE

HIA Timesheets - User Guide for Hosts

Alberta Prorate IRP System. Online Services User Guide

PO Boxes Online Key Navigation Steps

This document gives a high level overview of CCM and instructions on how to submit a payroll or EE maintenance or census Work Order.

Office of Human Resources. PittSource Navigation Guide

Manager Self Service User Reference Guide for Hiring Managers

Zebra s Repair Order Portal for Partners COURSE CODE: RPE01

Supervisor/Manager. 1. Go to Performance Management website: cornerstone.wm.edu. 2. Log in using your W&M network credentials

Contents General Information... 1 CTE Portal Login... 2 Acquiring Access to the CTE Portal... 2 Logging into to the CTE Portal... 4 Home Page...

VENDOR USER GUIDE Fall 2018

MEANINGFUL SELECTIONS REFERENCE GUIDE. Funeral Home Admin Module March 2016

CETRA s Resource Portal Translation. Plunet Business Manager

SUPERVISOR: OTHER TASKS QUICK START GUIDE

Welcome to the BetterOnline Web Portal System!

Taleo Enterprise. Taleo Compensation Manager Guide

User Guide. User Guide. Inside the User Guide:

2015 Kelly Services, Inc. R7/15

TABLE OF CONTENTS. Introduction... 18

MyPerformance Employee Guide. MyPerformance. (DoD Performance Management and Appraisal Program) Employee User Guide. March 7, 2016

Employer Guide to CONNECT

Training Guide. isupplier Training Guide. Oracle E-Business Suite eprocurement Training isupplier Portal for End-Users. Page i

Bloomberg Ariba Network. Online Invoice Guide

Jacksonville Aviation Authority (JAA)

Juniper Newsletter. User Manual Booking Engine - Update April st of March, Juniper Innovating Travel Technology

Transcription:

Partner Information Manager Supplier Guide May 2017 1

Contents About Exostar s Partner Information Manager (PIM)... 4 About the Cybersecurity Questionnaire... 4 About the NIST SP 800-171 Questionnaire... 4 About the Conflict Minerals Questionnaire... 4 About Exostar s Managed Access Gateway (MAG)... 4 Roles within MAG... 5 How to Access PIM... 5 Roles within PIM... 6 About the PIM Home Dashboard and Viewing Notifications... 6 Recent Activities... 8 Partner Profile... 9 New Partners... 11 My Organization... 12 Managing Users... 13 Groups... 14 Forms... 16 Completing the Conflict Minerals Questionnaire... 17 Forms Activities Widget... 19 Forms Widget... 20 About Sharing Requests... 20 How to Accept, Deny or Opt-Out of a Sharing Request... 20 About Opting-Out... 21 About Denying... 22 About Accepting... 23 Determining Who Your Organization is Sharing a Request With... 24 Assigning a Questionnaire... 25 How to Assign a Questionnaire to a User... 25 Completing and Updating a Questionnaire... 27 Partners Widget... 31 About the Partners Profile View... 32 About the Users Profile View... 36 About the Forms Profile View... 36 2

About the Group Profile View... 38 Partner Lookup... 38 My Account... 41 Scoring... 41 About the Capability Assessment... 43 About Capability Levels... 44 Scoring... 44 Email Notifications... 45 Support... 45 3

About Exostar s Partner Information Manager (PIM) Exostar s Partner Information Manager (PIM) is a risk management tool that leverages information from trusted sources to provide a buying partner with a supplier s current and potential risk and impact. PIM allows suppliers to complete a form (e.g. Cybersecurity Questionnaire or the NIST SP 800-171 Questionnaire) that has been requested to them by a buyer and then continue to share that form and form results with additional buyers as requested. This ask once and share model reduces the burden of completing multiple questionnaires. Additionally, PIM provides prime contractors with a consistent set of minimum cyber security expectations for suppliers. About the Cybersecurity Questionnaire The Cybersecurity Questionnaire was developed to measure a partner s cybersecurity capability. The information that a supplier partner provides will help them understand their organization s cybersecurity posture. The questionnaire will also help buying partners manage risks with sharing sensitive information. Please visit the Cybersecurity Questionnaire Support page for additional information. About the NIST SP 800-171 Questionnaire The Department of Defense (DoD) now requires all of its contractors to protect Covered Defense Information (CDI). The department modified its Defense Federal Acquisition Regulation Supplement (DFARS) to address the safeguarding of CDI. The DFARS clause 252.204-7012 requires covered companies to use the cyber safeguards described by the National Institute of Standards and Technology (NIST) in Special Publication (SP) 800-171, which NIST created specifically for commercial companies who do not operate federal information systems but who receive or create CDI to perform defense contracts. The information that a supplier partner provides in the NIST SP 800-171 questionnaire is used by buying partners to determine a business s security posture with respect to the required NIST security controls. Please visit the NIST SP 800-171 Questionnaire Support page for FAQs and additional information. About the Conflict Minerals Questionnaire As a buyer, you may request that suppliers complete the Conflict Minerals Questionnaire. The Conflict Minerals Reporting Template is a free, standardized reporting template developed by the Conflict-Free Sourcing Initiative that facilitates the transfer of information through the supply chain regarding mineral country of origin and smelters and refiners being utilized. The questionnaire is used to determine that suppliers are using smelters recognized by and meeting the CFSI standards. About Exostar s Managed Access Gateway (MAG) Exostar s Managed Access Gateway (MAG) is a consolidated portal that provides identity and access management as a cloud service for the Aerospace & Defense industries. The PIM application is 4

available through Exostar s Managed Access Gateway. You will be required to have a MAG user account and an approved security credential to access PIM. Please see the How to Access PIM section in this guide for access instructions and credential requirements. Roles within MAG Responsibilities for a MAG Application Administrator can found in the MAG Application Administrator Quick Reference Guide. If you do not have a MAG user id, you will need to work with your organization s MAG Organization Administrator. Responsibilities for a MAG Application Administrator can found in the MAG Organization Administrator Quick Reference Guide. How to Access PIM A person who is assigned the role of PIM Application Administrator from your organization will receive an invitation to PIM and the required questionnaire(s) that is submitted by a buying partner organization. After the invitation has been accepted and the questionnaire(s) have been accepted, your organization will be subscribed to PIM. The PIM Terms and Conditions will need to be accepted by your Exostar MAG Organization Administrator or your Exostar MAG PIM Application Administrator. Once the Terms and Conditions are accepted, anyone from your organization will have the ability to request access to the PIM application through their MAG account. If you are unsure on how to use MAG and require assistance, please visit http://www.myexostar.com/managed-access-gateway. Before accessing the PIM application, you will need to log into your MAG account with an approved multi-factor credential such as a Phone-based OTP, OTP Hardware Token with Proofing Upgrade, Federated Identity Service Medium Level of Assurance Hardware Certificates, Government-Issued Common Access Cards, Northrop Grumman OneBadge, NASA PIV Card or the Enterprise Access Gateway solution. To log into MAG with your approved multi-factor credential and access the PIM application, you will need to go to https://portal.exostar.com. You must use Internet Explorer. 5

Once you have logged into your MAG account with your multi-factor credential, you can confirm that you have successfully logged in with your credential by verifying the credential strength in the upper right hand corner. The below example shows that the user has logged in with a Medium Level of Assurance Hardware Certificate. If the credential strength says Username and Password, this means that you are currently only logged in with username and password and have not logged in with a multifactor credential. On your Home Dashboard, you will need to locate the PIM application. You will need to click on Open Application. NOTE: If you see a different status other than Open Application for PIM, please use the legend or reference the PIM FAQs for assistance. If you see a message that says Login Requirements Not Met, this means that you have not logged in with the correct credential strength to access the application. If you do not see PIM on your Home Dashboard view, please contact Exostar Customer Support for assistance. Roles within PIM If you are an Exostar Managed Access Gateway (MAG) Application Administrator for PIM, you will be designated as an Application Administrator within the PIM application. The Application Administrator role within PIM allows you to manage users of your organization within the application. The Application Administrator can change a user s role within PIM, deactivate a user s PIM access, create and edit groups. Additional information about completing these functions can be found in the Manage Users and Groups section. About the PIM Home Dashboard and Viewing Notifications The Home Dashboard contains widgets (such as Partners, Recent Activities and My Organization) that enable you to access information or perform a function. Widgets are clickable which will allow you to obtain additional details. There are several widgets that are connected. For example, clicking on the Partners widget will allow you to access forms and groups. Clicking on the Forms widget or Groups widget will take you directly to these sections. 6

From the Home Dashboard view, you can view things like the number of buying partners that are connected to your organization, the number of users from your organization that are subscribed to the PIM application and more. Top navigation includes Partners, Forms and Groups. The time and date will display your local time. 7

Vertical navigation includes Home, Partner Lookup, My Account and Reports. This navigation will display regardless of where you have navigated within the application. PIM can be used both by buying and supplying organizations. When logged into PIM, you will notice that you will be using PIM as a supplier. Recent Activities Recent Activities provides a 30 day timeline of all activities that have taken place with a buying partner. Activities include status of your organization s response to an invitation and status of your organization s response to a questionnaire. For example, if your organization has accepted an 8

invitation to PIM from a buying partner, the status of that request will appear in Recent Activities. The status of acceptance or opting out of a questionnaire will also display in this widget. Partner Profile Clicking on a buyer partner name will take you a buyer partner s profile. The profile provides you with additional information about the buyer partner such as the organization address, what forms have been shared and your organization s capability score for a questionnaire. The map indicates where the buyer partner is located. Selecting the drop-down arrow will provide you with status of forms that your organization has shared with a buying partner. 9

Forms that you have shared with a buying partner will appears in the Forms Shared With column. Clicking on the form name (e.g. Cybersecurity Questionnaire) will allow you to see if a form has been completed, view a questionnaire and how your organization scored. Scores will only be calculated only after a questionnaire is completed and submitted to a buying partner. Additional information about completing or updating a questionnaire can be found in the Completing and Updating a Questionnaire section. 10

If a questionnaire has been assigned to you by a PIM Application Administrator, you will have the ability to complete or edit the questionnaire. New Partners The New Partners widget provides a 30 day timeline of buying partners that your organization has connected with. When your organization has been invited to the PIM application by a buying partner, the status of the request will appear in the New Partners widget (and in the Recent Activities widget). For example, if your organization has accepted a PIM invitation from a buying partner, the status of that request will appear in the New Partners widget. The same functionality exists when clicking on a buying partner s name for New Partners as it did for Recent Activities. You will be provided with a partner s profile. 11

To filter the information that you want to display in the New, click on Filter to set the criteria. My Organization My Organization provides you with details about buying partners that you are connected to and users that are associated with your organization. 12

Clicking on your organization name or the buyers section in the My Organization widget will provide you with information about the partners that you are connected to. Clicking on the users section in the My Organization widget will provide you with information about users within your organization. If you have the role of Application Administrator within the PIM application, you will be able to manage users associated with your organization. Managing Users If you have been designated with the Application Administrator role within the PIM application, you will be able to manage users within the application. The Application Administrator can change a user s role within PIM, deactivate a user s PIM access, create and edit groups. 13

To change a user s role or deactivate their PIM access, click on the Tools ( presented with the User Management window. ) icon. You will be From the User Management window, you will be able to modify a user s role (including your own). If you change a user s role to Standard User, they will lose administrative privileges within the PIM application. If you deselect the Active status for PIM, the user will not be able to access the PIM application after they have logged into their Exostar MAG account. Click Update to complete. Groups Groups are a collection of supplier partner companies that have been invited to complete a form. Groups help simplify viewing supplier partner information. For example, if you are purchasing parts to build an airplane wing and you have 35 supplier partners that provide airplane wing parts, you can include these supplier in a single group. You can also create reports using a group. Please reference the Reports section in this guide for how to create a report. Groups can be accessed from multiple places from the Home Dashboard including the Partners and Groups widgets. 14

Groups can also be accessed by selecting Suppliers from the My Organization widget. To add a group, click Add Group. From the Details tab, you are required to enter a group name and to select the category (Buyer or Supplier) for the group. You have the option to enter a description. You can enter the industry for the group that you are creating. 15

From the Association tab, you will need to select the buyer partners that you want to include in the group by clicking on the partner name. To select multiple partners, click on the partner and the CTRL key on your keyboard at the same time. Once you have created the group, click Save. The group will be created. You will have the ability to edit or delete the group that you created or that another PIM Application Administrator created. Forms A form is a questionnaire that a buyer partner has invited your organization to complete. Questionnaires available in PIM are the, Conflict Minerals Questionnaire, Cybersecurity Questionnaire and the NIST SP 800-171. Shared forms are forms shared by your organization with a buying partner. 16

Supplier forms allows a buyer partner to view a list of forms that are shared by you as well as forms that have been requested from a supplier partner regardless of status. Forms can be accessed from the Partner, Forms and the Form Activities widgets. Completing the Conflict Minerals Questionnaire Once you have selected to complete the form, you will receive the Welcome page. To complete the form, click Continue. It is important to note that if completing and submitting the Conflict Minerals Questionnaire, you will be required to upload the 4.20 version of the Conflict Minerals form. Please remember that in order to complete any form in PIM, the form must be assigned to you the PIM Application Administrator. 17

You have the option to download a blank 4.20 version of the Conflict Minerals Form to complete from the Help section in PIM if you do not have the form. When uploading the form, the file name must be CFSI_CMRT 4.20.xlsx or xls. Acceptable file formats are.xlsx or xls. Once you have answered the questions, you need to upload the completed form. You will need to answer the questions presented on the page and click Next. Note: You will not be able to delete an uploaded form. However, you will be able to replace an existing form but uploading a new version. When you are ready to submit, you will need to enter the submitter s details. You will need to click Send Response. If you do not enter the Submitter s details, you will be unable to submit the form. 18

Any unsaved changes will not be saved and the form will be discarded. If you need to cancel the file you selected, you can close or cancel from your drive. Forms Activities Widget The Forms Activities widget provides a quick view of forms that a buying partner has requested your organization complete. It also provides a progress and score column so you can determine your organization s status for completing a form and score. If a form is not accepted, it will display as Pending in this widget. You will not see the progress column until the form is accepted. You will also have the ability to filter what results display by clicking on Filter or the filter icon available in the columns. Please note that an In Progress form cannot be viewed by your buyer partner until a user who has been assigned a questionnaire has submitted the form. 19

Clicking on the form name (e.g. Cybersecurity Questionnaire) will take you directly to a questionnaire (form). You will be able to view forms regardless of status. Selecting a buying partner in the Buyer column from the Forms Activities widget takes you to the partner s profile. Forms Widget The Forms widget allows you to see what questionnaires have been shared with your partners. To view information about forms, click Forms. The number represents the number of questionnaires. About Sharing Requests A sharing request is when you share a questionnaire with your buying partner. How to Accept, Deny or Opt-Out of a Sharing Request The buyer partner organization that you are doing business with must submit an invitation to your company in order to see your questionnaire results. By clicking on the Forms widget, a PIM Application Administrator will be able to accept or deny a questionnaire that a buyer partner is requesting your organization to complete. If you do not have this role, you will not be able to complete these actions. 20

About Opting-Out If your organization has shared a form with a buyer partner, PIM Application Administrators will have the ability to opt-out. If you do not have the role of PIM Application Administrator, you will not be able to submit an opt-out request. To opt-out, the PIM Application Administrator will need to submit a request to opt-out by submitting an online request to Exostar. Opting-out will discontinue form sharing with the buyer partner organization. The buyer partner organization will no longer have access to the form that was opted-out. You will be unable to click on the form to open it if it has been optedout. If you are doing business with Lockheed Martin, the opt-out option is unavailable. Upon the submission of your request, an auto generated email will be sent to the provided email address with an embedded link for the PIM Application Administrator to view and confirm your opt - out request. The PIM Application Administrator must confirm the request by clicking on a URL embedded in the email which will take them to a page that will display their request information. The PIM Application Administrator will be required to confirm the request via the provided link in order for your case to be submitted to Exostar. Exostar will process the request to opt-out. Once the request has been completed, the PIM Application Administrator will receive a notification via email. The email will be sent to the email address that was provided at the time of the case submission. The email will provide notification that the request is complete and the desired form has been unshared with the specified buyer(s). No action is required from the supplying organization at this time. It can take up to five business days for the request to be completed and notification received. Note: If your organization would like to share an opted-out form with the same buyer; the buying organization will be required to submit another Form Sharing request to your organization and your organization will be required to accept the sharing. 21

About Denying If you want to deny a sharing request from your buyer partner for the form, your PIM Application Administrator will have the ability to deny the form sharing request. You will need to click on the X to deny. To accept, click on the check box. If you are denying a questionnaire, you will need to provide a reason. 22

About Accepting If you are accepting a questionnaire, select Accept. In the example, the Conflict Minerals form that was Boeing EGRC Buyer Org requested be completed is being accepted. You will need to confirm acceptance. After accepting the form, it will no longer display under My Shared Forms. A notification of form acceptance will display in the Recent Activities widget on your Home Dashboard. It will display under 23

My Shared forms by going to the Forms widget on your Home Dashboard. Additionally, the buyer will receive notification that your organization has accepted the form. Determining Who Your Organization is Sharing a Request With You will be able to determine what forms are being shared with a buying partner by clicking on the Forms widget from the Home Dashboard. 24

You will be able to view the buyer partner you are sharing with and the status of the sharing request. You will be able to view the status of the questionnaire in the status column. If the request says that it is pending, you have not accepted or denied request yet. If you do not accept the sharing request, the buyer partner you are doing business with will be unable to see the responses to your questionnaire. Assigning a Questionnaire Only users with the role of PIM Application Administrator can assign questionnaires. Assigning a questionnaire to a user allows the user to complete or edit a questionnaire. If you completed the invitation for PIM access from your buyer partner, you will be required to assign the questionnaire to yourself if you will need to complete or edit the questionnaire. A questionnaire can only assigned if a buyer partner organization has requested that your organization share the form. PIM Application Administrators can assign an unlimited number of users to a questionnaire as desired. If you have completed the invitation for your organization to use PIM, you will be required to assign the questionnaire to yourself. When a questionnaire is assigned to a user, the user will receive a notification email. How to Assign a Questionnaire to a User To assign a question, select the Forms widget from your Home Dashboard. 25

Select the questionnaire you want to assign to the user by clicking on the questionnaire you want to assign. You will be presented with the questionnaire that you selected. Scroll to the User Assignment section. Click Add to add a user. 26

Select the user and click Save. The user will be added and can now complete or edit a questionnaire. Completing and Updating a Questionnaire Questionnaires can be completed or updated by anyone who has access to PIM. However, if you are a standard user, the questionnaire must be assigned to you by your PIM Application Administrator. You only need to complete questions that are relevant to your company. Questionnaires can be completed or updated from the Forms widget from your Home Dashboard. You will need to select the form you want to complete or update. If another user is currently working on the form, the form will be locked and you will be unable to update it. A form will be locked if an assigned user is working on it. Once the user who is working on the questionnaire clicks Save & Exit, another assigned user can work on the questionnaire. 27

There are two different options to edit the questionnaire. If you want to edit the entire questionnaire click on Click to Edit. If you want to edit an individual section, click on Edit in the specific section. The Progress column indicates that status of your questionnaire. Please note that there is a guidance section on the right that can assist you with questions that you may have about the questionnaire. NOTE: Exostar Tier I Support is unable to assist you with providing answers to any questions found in any of the questionnaires. If you are unsure on how to answer a question that is relevant to your business, please work with your IT Department or the company you are doing business with as they may be able to assist you. 28

When are you ready to proceed to the next page, or if the question is not relevant to your business, click Next. NOTE: If you are not ready to proceed to the next page, click on Save & Exit. Your questionnaire will not be submitted if you select this option. Save & Exit will retain the information you completed and take you back to the Dashboard. When you select the questionnaire, you will be directed to the last page you were on. Your information will not be saved if you do not click on Save & Exit or Next. As you navigate through the questionnaire, your progress bar status will change. This shows what percentage of the questionnaire you have completed so far. 29

After you have completed the questionnaire, you will need to enter the name of the person that completed the questionnaire. Once you have completed this, click the Send Response. Note: In order for the company you are doing business with to see your questionnaire results, a user with the PIM Application Administrator role will need to accept a sharing request. Please reference the How to Accept, Deny or Opt-Out of a Sharing Request section for additional information. Once you have sent a response, you will be taken back to the questionnaire where you will have the ability to edit the completed questionnaire and resubmit for updating scoring. 30

You will also see the status of the questionnaire in the Forms activity widget from your Home Dashboard. Partners Widget The Partners widget provides you with information about buyer partners and users that your organization is connected to regardless of their status. The number represents the number of active connections to your organization. To view partner and user information, click Partners. You will have the ability to view details about buyer partners that your organization is doing business with, users that are a part of your organization, status of a sharing request for questionnaires and groups. 31

About the Partners Profile View Partners allows you to keep track of your buying partners and allows you to view them. Partners also allows you to track the status of your organization s response to a form that has been shared between your organization and your buyer partner(s). This also allows you to keep track and view your buyer partners. When the radio button is set to List, you can view the status of a sharing request by viewing the Status column. You also have the ability to set filters by clicking on the filter icon in each column. Selecting Summary allows you to see if a sharing request has been accepted by your organization and other details such as tracking your organization s progress for completing a form. If your organization has completed a form, the progress will show 100%. Additionally, the form (e.g. Cybersecurity Questionnaire) will be clickable for you to view the completed form. 32

Clicking on the partner name in the Name column from Partners Profile View allows you to view a buyer partner s details. It also allows you to see what forms have been shared. After you have selected the partner, you will be presented with information about the partner such as address and what forms have been shared with them. Selecting the drop-down arrow will provide the status of the form. If a supplier partner has completed multiple forms, you can click on the form name (e.g. Cybersecurity Questionnaire) to review. To close the form, click the form name again. 33

You will be able to access additional forms that have been completed by the partner supplier. An in progress form cannot be viewed until the form has been submitted by your organization. Setting the radio button to Map from Profile Details allows you to view all the buyer partners that your organization is connected and the location of the buyer partner. Clicking on the map marker will allow you to view the buyer partner details. The location pins represent all of your partners regardless of partner type (buyer or supplier). The color of the pins indicates if the specific organization is connected to you as a supplier to you or a buyer. 34

If you have created a group, setting the radio button to Connection allows you to view buyer groups that you are connected to. You will need to select the group from the drop-down menu. By clicking on the orange circle next to the buyer partner s name, you will be able to view the buyer partner s information including a list of forms that have been shared. If your organization has completed and submitted a form, you will be to select the form from the form results. 35

About the Users Profile View The Users profile view provides a summary view of users that are associated with your organization. Selecting the user allows you to view information such as email address and phone number for the user. Note: If you have an Administrator role, you will have the ability to manage users within your organization. You will see the Tools icon ( ) if you have the Application Administrator role. About the Forms Profile View The Forms profile view allows you to see the status of a form and if it has been shared with a buyer partner. 36

Clicking on a shared form will allow you to view how your organization responded to a questionnaire and how your organization scored. Additional information including how a specific question for a specific section (e.g. 1. Device Inventory) was answered can be obtained by clicking on the percentage field or by clicking on the View dropdown menu. You can download a blank questionnaire by clicking on Reports. You will then need to select Questionnaire. Additionally, you can obtain a report how partner responded by clicking on Feedback Report. 37

About the Group Profile View Groups are a collection of supplier partner companies that have been invited to complete a form. Groups helps simplify viewing partner information. For example, if you have the role of Application Administrator, you will be able to create, edit or delete a group. For additional information about Groups, please see the Groups Section in this guide. Partner Lookup Partner Lookup allows you to search for a supplier partner. From the Result view, you can select the search criteria that you want to use from the drop-down menu. Partial organization name searches can be completed. However, special character (e.g. asterisk) searches cannot be completed. You can filter the information that you want displayed by using the filters in the columns. If the name does appear in the list, you can still use the Search button. If the required supplier does not appear after the Search, there may be a name or spelling problem. You can then try other searches (e.g. Group, Partner Type, etc.). 38

Selecting the Exostar ID or organization name allows you to view a partner s profile. Selecting Export to Excel allows to you download the displayed information into an Excel file. Selecting Summary allows you to determine the status of a sharing request. The summary view provides other details such as tracking your organization s progress for completing a form. If a form has been completed, the progress will be 100%. Additionally, the form (e.g. Cybersecurity Questionnaire) will be clickable for you to view the partner s completed form. If you are using the Map view from Partner Lookup, you can select the search criteria that you want to use from the drop-down menu. Partial organization name searches can be completed. However, 39

special character (e.g. asterisk) searches cannot be completed. You may need to zoom in before the marker appears. To zoom in, click the + sign or use the scroll wheel on your computer mouse. To learn more about the organization, hover over the map marker to view organization details. 40

My Account From My account, you can determine what role you have in PIM, update phone numbers and update your email address. To complete an update, click Edit. Complete your changes and click Update to save them. Scoring The Cybersecurity Questionnaire capability score is calculated based upon the responses provided to each control family. A partner supplier is required to implement all control activities contained within a capability level to attain that capability level. Before a partner supplier can meet the next capability level, they are required to have implemented all control activities from the prior control family. 41

Score Summary allows you to review a summary of your capability results. The overall score is a collection of all capability level scores. Clicking on the icon in the Score Summary field provides you with a legend that you can use to analyze your results. 42

Compliancy for the NIST SP 800-171 Questionnaire is determined from how a supplier partner responded to the questionnaire. If you organization has scored a percent score of 100% for the overall score, compliance is Compliant. If the overall score is less than 100%, compliance is Not Compliant. The Control Score is the score that your organization received for that control family. The score summary is the combined score of all control families. About the Capability Assessment Further analysis by control family can be viewed in the Control Score section of a questionnaire. You can see the control score next to the individual control family. The illustration below shows that a capability level of 4 was achieved for the Device Inventory control family. 43

About Capability Levels Capability levels shows the number of questions asked and the number of questions that you answered. In the illustration below, Capability Level 1 shows that 28 questions were asked and 28 questions were answered. Scoring The Cybersecurity Questionnaire capability score is calculated based upon the responses provided to each control family. A partner supplier is required to implement all control activities contained within a capability level to attain that capability level. Before a partner supplier can meet the next capability level, they are required to have implemented all control activities from the prior control family. Compliancy for the NIST SP 800-171 Questionnaire is determined from how a supplier partner responded to the questionnaire. If a partner supplier has scored a percent score of 100% for the overall score, compliance is Compliant. If the overall score is less than 100%, compliance is Not Compliant. The Control Score is the score that a partner supplier received for that control family. The score summary is the combined score of all control families. Compliancy for the Conflict Minerals Questionnaire is determined from how a supplier partner responded to the questionnaire. The result of this questionnaire will determine if your company is compliant or not compliant. 44

Email Notifications The following notifications are sent to a PIM Application Administrators: When form sharing has been requested by a buying organization. Reminder email 30 days prior to the expiration of a form you have completed. Reminder emails to complete a form which has been requested by a buyer partner. When a capability score of less than three is received on a submitted Cybersecurity Questionnaire. The following notifications are sent to a Supplier User: When a form has been assigned to you for completed by your PIM Application Administrator. Support Additional information including FAQs, Cybersecurity and NIST SP 800-171 Questionnaire resources and more can be found at http://www.myexostar.com/pim/. 45

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback