Vendor Cloud Platinum Package: Included Capabilities

Similar documents
10/18/2018. London Governance, Risk, and Compliance

THE 8 REPORTS YOU NEED FOR EFFECTIVE AND EFFICIENT VENDOR RISK MANAGEMENT

10/16/2018. Kingston Governance, Risk, and Compliance

Solutions Implementation Guide

_ PRODUCT OVERVIEW EFFECTIVE AUGUST 6, 2018 PRODUCT OVERVIEW

The LBi HR HelpDesk. The Features of a Solution Engineered to Empower Employees and Maximize HR in Companies of Any Size. LBiSoftware.

Decision Maker s Guide

_ PRODUCT OVERVIEW EFFECTIVE MARCH 6, 2019 PRODUCT OVERVIEW

INTRODUCTION TO PREVALENT SYNAPSE 0

Oracle Policy Automation The modern enterprise advice platform

ServiceNow Order Form Product and Use Definitions

Index. Sarah Critchley 2018 S. Critchley, Dynamics 365 CE Essentials,

efacility - Maintenance Management System

Fulfilling CDM Phase II with Identity Governance and Provisioning

Contact us for the full, detailed 20-page CRM Software Review for Goldmine Premium Edition CRM or any of 30 other major CRM applications.

How do you respond when you encounter...?

Jakarta ServiceNow Governance Risk Compliance. Last updated: February 13, 2019

REQUEST FOR PROPOSAL (RFP) FOR CONTRACT MANAGEMENT SYSTEM ISSUED BY THE RFP INFORMATION

AGILE ITIL SOFTWARE. Data Sheet AGILE ITIL SERVICE DESK AND ITSM JUMP START YOUR SERVICE DESK ITIL CERTIFIED PROCESSES WHOSE ITIL?

Case Study Webinar: Vendor Risk Management at Global Lending Services

SIMPLIFIES AND STREAMLINES THE CLAIMS SUBMISSION, MONITORING AND RESOLUTION PROCESS

The Leading Low-code Application Platform For Modern Work Management

Office 365 Governance & Security

Appraisal Order Management Suite (OMS) For AMC Organizations.

Office 365 Governance & Security

Streamline the Claims Management Process

New Features in Primavera Unifier 15.1

NetSuite Certified Administrator Exam

New Features in EnterpriseTrack 16.1

SAP BusinessObjects Enterprise BI Platform

BI Portal User Guide

APM Health Classic from GE Digital Part of our On-Premise Asset Performance Management Classic Solution Suite

Reading Sample. SAP Risk Management Implementation. Contents. Index. The Authors. First-hand knowledge.

Be Remarkable. CONTRACT LIFECYCLE MANAGEMENT SOFTWARE. Software Overview OVERVIEW. Additional Available Professional Services

collaborative solutions core product features and benefits Construction Collaboration Software. SaaS.

Best Practices: Vendor Risk Questionnaires PROCESSUNITY WEBINAR SERIES

Vendor Due Diligence: Keep The Risk Out!

Analytics Cloud Service Administration Guide

IBM Exam C IBM SmartCloud Control Desk V7.5 Change Configuration Release Management Implementation Version: 6.0

Crowe Caliber. Using Technology to Enhance AML Model Risk Management Programs and Automate Model Calibration. Audit Tax Advisory Risk Performance

SOLUTION BRIEF DOSSIER MANAGEMENT

A BPTrends Report. March

Oracle Enterprise Manager

EVM-11-G-001 Does the tool use ITIL 2011 Edition process terms and align to ITIL 2011 N/A. Edition workflows and process integrations?

IBM TRIRIGA Version Getting Started User Guide

WHITE PAPER GOOGLE AND SALESFORCE

DETAILED COURSE AGENDA

CRM Boot Camp for Dynamics 365

1. A Sales Manager would like to get a report of opportunities grouped by sales stage. What kind of report meet this requirement:

GROUP AND LOCAL LIBRARY SYSTEM NEEDS Private Academic Library Network of Indiana 8/29/2016

AppExchange Packaging Guide

Infor VISUAL 9 Features & Benefits through VE 9 R3. Copyright Infor. All Rights Reserved.

SAP BusinessObjects Access Control 5.3 Support Pack 9. Functional Overview SAP BusinessObjects Access Control Solution Management September 30, 2009

SAP SuccessFactors Foundation

Starfish Solutions. Monitoring, Auditing and Optimizing Resources for Avaya Communication Manager Starfish Associates, LLC. All Rights Reserved.

A SURVEY AS UNIQUE AS YOUR AUDIENCE.

Team Collaboration and Project Management Capabilities

Empowering SMBs with Big Business Tools

Service Manager Simplifying modern ITSM

SAP SuccessFactors Recruiting

Optimize your Service Cloud Data Best Practices, Data Extraction and NextGen Reporting

Principal Toolbox Release Notes 9.5

ARIS 10 SR4 FEATURES OVERVIEW

GOVERNANCE. Overview. The Governance Module can address all applicable standards and regulations.

Contract Manager Data Sheet

Top 5 Things to Transform your Business Continuity Program

Whitepaper: Enterprise Vault Discovery Accelerator and Clearwell A Comparison August 2012

INSTRUCTIONS Column A: Column B: Mandatory Preferred Optional Information Column C: Column D: Column F:

The HubSpot Growth Platform

Closed-loop Performance Management

Strategy Integration Design Training

Deltek Touch Time & Expense for GovCon 1.2. User Guide

Audit Management - Software. Internal Audit Refresher Course Technical Session 6 27 August, 2016

DAM Requirements Checklist

FCS e-connect. The Comprehensive Call Center Solution Managing Guest Requests and Inter-department Work Orders

BP(A S) Taleo Performance User Guide

A single platform. Your many investment ideas. Comprehensive Alpha Research and Portfolio Management Platform

AVANTUS TRAINING PTE LTD

BAYPORT BUSINESS ONLINE BANKING USER GUIDE TABLE OF CONTENTS

Work.com Implementation Guide

Admin Training. August 2017

AvePoint Online Services vs Office 365 Sites, Files, s, and Groups Backup, Management and Archiving

Productivity Management INTELLIGENT COLLABORATION SOLUTION

1 Vendor Management Module v6.0 User s Guide

Request Fulfillment Management. ITG s CENTRE Service Record Screen

Compare Zoho CRM editions.

Introduction. Highlights. Prepare Library Sequence Analyze Data

Skelta. Capital Expenditure Management. Business Process Management for All POWERED BY SKELTA BPM

Systems Management of the SAS 9.2 Enterprise Business Intelligence Environment Gary T. Ciampa, SAS Institute Inc., Cary, NC

data sheet ORACLE ENTERPRISE PLANNING AND BUDGETING 11i

QPR ScoreCard. White Paper. QPR ScoreCard - Balanced Scorecard with Commitment. Copyright 2002 QPR Software Oyj Plc All Rights Reserved

SAS Human Capital Management 5.1. Administrator s Guide


Salesforce Training in Chennai. Salesforce.com Course Syllabus

Introduction to Hyperion Financial Reporting

RiskyProject Lite 7. User s Guide. Intaver Institute Inc. Project Risk Management Software.

CENTRE (Common Enterprise Resource)

GENERAL PLATFORM CRITERIA. General Platform Criterion Assessment Question

Hello and welcome to this overview session on SAP Business One release 9.1

Reduce the time & labor to process and archive documents. Reduce document cycle times. Create audit trails of document handling activities

Transcription:

Solution Overview Third-Party Risk Management Vendor Cloud Platinum Package: Included Capabilities The Vendor Cloud Platinum package provides the highest level of risk management capabilities, offering customers a sustainable, long term platform to improve the effectiveness and efficiency of third-party risk management programs. Features include: Vendors, Facilities & 4 th Parties Vendor Cloud s built-in vendor management capabilities allow organizations to define third parties, capture their related facility locations and identify their fourth parties. The system captures and manages basic vendor information, contact information, risk summary, contract information and includes an optional calculated score card. Use this base-level functionality to plan and conduct risk assessments, run reports for analysis and mitigate risks posed by third-party service providers. Vendor Portal The Vendor Portal provides a secure and proprietary (context-filtered) environment accessible by registered vendor contacts in a ProcessUnity Vendor Cloud implementation. Vendor contacts use this environment to complete third-party risk questionnaires, as well as consume vendor-specific reports, respond to remediation requests and/or complete vendor-specific action items. Vendor Services Vendor Services provide a deeper level of definition for an organization s vendor risk management program. The vendor service area allows companies to track and assess multiple relationships/contracts within a single vendor. Each type of service can be separately defined with different business owners, vendor analysts and scope of assessments. When assessments are performed at the vendor service level, the results can then be aggregated to the vendor's master record for overall health and risk ratings. Vendor Request Forms The Vendor Request Form allows business users to request a new vendor or vendor service by submitting basic information to a designated vendor analyst for processing. New requests can be tracked by expected completion date and status, including notifications. Analysts can perform specific assessments or complete due diligence activities that will determine any required action by the organization before deciding to do business with the third party. Vendor Collaboration Vendor assessments and questionnaires include support for follow-up workflow, which enables analysts to communicate with vendors to collect additional, clarifying information and evidence (all within Vendor Cloud). During the review process, analysts can tag questions for follow-up and then send them for vendor response, tracking the iterations and highlighting follow-on questions for ease of completion and reporting.

Questionnaires & Assessments ProcessUnity includes capabilities to define custom questionnaires (sections and questions) for use in questionnaire-scoped assessments. A questionnaire template allows any number of question types to be created (freeform, yes/no, pick lists, numbers, dates, etc.). The system supports conditional skip rules at the question or section level, required flags, tooltips and suggested attachments. ProcessUnity s flexible scoring system allows organizations to define and implement their own scoring system. Preferred Responses Preferred responses help analyze large sets of responses in shorter time by automatically classifying responses as Preferred, Not Preferred or Evaluation Recommended. Automated Assessments Bulk assessments provide automate the process for creating and launching multiple assessments for a select group of vendors or vendor services. Vendors or vendor services can be selected through search filters based upon user-defined properties such as period, service type or risk tier. The program administrator assigns dates, resources and determines the type of assessment to be used. Once created, emails are automatically sent to each vendor contact notifying them it is time to complete their assessment. Contracts & Contract Reviews Starter Questionnaires ProcessUnity provides starter questionnaires (with scoring logic) to kick-start the assessment processes for organizations without a standard questionnaire. Starter questionnaires include: Classification Assessments tier third parties into relevant risk levels (Very High, High, Medium, Low). Due Diligence Reviews provide a way to determine the overall health score of a third party by completing questions (either internally or externally). Performance Reviews are typically performed prior to a third-party s contract renewal date and are typically sent to the business to determine how the third party is delivering its services. Each third party typically has one or more contracts in place with their customer. Contracts have basic information such as contract ID, owner, approver, term date and refresh date. Included capabilities allow organizations to update contracts when required. Vendor Cloud provides version control and approval step workflows so customers can track contracts and contract revisions over time. Documents Library The Documents Subject Area in ProcessUnity is a centralized repository of file attachments, or URLaccessible links that can be shared, linked, and referenced by any internal Subject Area within the application. Documents can also be associated to an entity (using the Attachments tab), which offers a common link to standardized organizational content. Managed documents are also available to track versions and route documents via workflow. Workflow can be performed when changes occur or when review dates mature.

Issue Management Issue management provides a centralized repository for managing third-party related issues and their remediation plans. Issues can be described and categorized with a severity rating. Appropriate personnel are notified upon issue creation and can be alerted for upcoming due and past-due issues. Reporting provides complete issue status that can be used to identify and track systemic problems within the organization. Regulations & Standards Vendors and/or third parties can be associated with specific regulations or compliance mandates for which an organization is responsible. Regulations and Provisions allow organizations to define their applicable regulations, document changes against those regulations, and through relationships; and determine which third-party services are impacted by those regulatory or compliance changes. Notification rules can alert risk owners to changes in provisions. User Defined Hierarchy A customer-defined subject area in ProcessUnity allows records to be represented in a hierarchy (tree structure) comprised of nested folders with custom names to organize customer-defined data. Business elements can easily represent customer assets, buildings, applications, systems, etc. Business elements are also auditable entities (they can be the scope of periodic Assessment processing). Vendor Scoring ProcessUnity includes robust business rules that can perform calculations; translate and weight scores into ratings; aggregate information from related records; perform automated scoring during assessments; and, highlight and format data conditionally. This powerful feature provides organizations the ability to deploy ProcessUnity in a manner that best suits their specific program requirements from simple color coded scores and fields, to robust score aggregation, weighting and calculations. Users can set triggers that automatically trigger workflow notifications and can report against enterprise wide anomalies. Document Requests Document Requests is a subject area that facilitates workflows for formal documentation requests that is either uploaded to the system or available via external URLs. Working in conjunction with recipients ProcessUnity Inbox, Document Requests can be linked (related) to any type of record in ProcessUnity. Example uses include: requests for test evidence, requests for policy or service offering documentation, requests for vendor compliance documentation and more. Findings Findings are identified during the assessment review process and highlight areas of concern regarding a thirdparty review activity. Findings track anomalies against question responses and provide a rating and actionable reporting for follow-up by the third-party analyst.

Standard Dashboards Built-in standard Dashboards consolidate and visualize the status of third party risk, assessments, findings, and more. Each system user has the ability to configure their personal dashboard to maximize productivity. Any user defined report can be delivered in graphical format with drill down capability to detailed information. In addition, selected users can copy their dashboard to other users, roles, or teams to instantly share valuable analytics with others. User Defined Notifications Notifications are pre-defined communications that can be triggered automatically when data certain conditions are met. Notifications can be issued as email messages and/or ProcessUnity Inbox entries. System users (with appropriate permissions) can specify the condition, the triggering method, the notification content (text) and recipients. Notifications can be as simple as indicators or reminders, or can feed more robust workflows such as review and approval requests and/or escalations for overdue items. User Defined Properties ProcessUnity includes default properties all system areas to help organizations get started. In addition, user defined properties can be easily defined and configured to extend the system for customer-specific program requirements. Standard Reports Built-in Standard Reports provide the basic information required to manage third-party risk. Out-of-the-box reports include: Vendor Risk Criticality, Vendor Assessment Status, Vendor Assessment Schedule, Findings Summary, Contract Exposure by Vendor Type, Vendor Health Summary, Vendor Risk Tier Summary, Questionnaire Definitions, Assessment Responsibilities and more. Standard Properties Standard properties are provided for Vendors, Facilities, Fourth Parties, Assessments, Assessment Types, Questionnaires, Contracts, and Findings. Standard properties can be disabled - or renamed to suit a particular customer's nomenclature. Non-standard properties are also available (see user defined properties) User Defined Reports ProcessUnity allows system users (with permission) to author custom reports against system data via a simpleto-use reporting building interface. Custom reports can access any customer-defined properties/attributes, and can be grouped/sorted/totaled according to customer preference. Design-time or interactive filters can also be applied, as well as calculated columns. Charts can be added to visualize reports, and finalized reports can be published to specific roles or teams for easy access to view or export their content.

Import/Export Services Import Templates provide an easy way to add or update system data in bulk via the CSV (comma separated values) file format. Bulk data migration supports "relationship" imports (allowing existing records to be linked together), as well as a variety of single-purpose import template types. Also provided is the ability to execute automated import/exports via batch scripts (such as CURL) that can be scheduled to automate the movement of data into and out of ProcessUnity. These easy-to-define templates are also the basis for integrations to web-services, the Salesforce Connector, or the Excel Connector. Test Instance Non-production, test instances allow customers to host data in an environment suitable for development, testing, and training without compromising the data and configuration in a production environment. Test environments are completely isolated from the ProcessUnity production instance, so testing will not affect live system work (and vice-versa). Customers can refresh their test environment data at any time. Limited to 10 users and refresh from 1 production instance. On-site Control Assessments Controls require periodic testing to ensure effectiveness. Controls Assessments provide a way for organizations to route control activities to designated owners, have those controls tested for effectiveness, gather evidence of the controls effectiveness, and provide a pass/fail status that can be used to define issues requiring attention. Controls Assessments and related Policy reports demonstrate and communicate effective Policy and Procedure management. Service-Level Agreement Tracking Metrics are hierarchically-stored collections of performance indicators and other captured information used to measure any organizational aspect of risk management (including KRI, KPI, SLA, SLC, etc.). Metrics provides configurable mechanisms and workflow to schedule ownership-based data collection, and the ability to create notifications for results that exceed thresholds or escalation levels. Incident Management Many compliance programs require that certain types of incidents be captured, reported and tracked to closure. ProcessUnity s configurable Incidents module provides mechanisms by which users can report incidents of various types, assign ownership for incidents, engage in a dialog about incidents and finally close incidents and maintain them for historical reporting. Risk Register The building blocks of a robust risk management solution begin with cataloging institutional risks, whether at the operational or enterprise level. A good starting point for an overall ERM solution is to start simple. The ProcessUnity Risk Register provides the ability to define risk categories, risk families, determine both inherent and residual risk, and then aggregate that risk to organizational groups within the organization. Over time, these subject areas can be the scope of assessments and audit. Control Library On-site control testing is a key requirement for managing high risk third parties. The Control Library provides a central location for controls categorization and test procedure definition, and can be linked to Regulations or Third Parties to best support the organization s needs for a formal on-site control testing approach.

External Components Customize your ProcessUnity instance with data widgets from outside systems, allowing users to view relevant business data in context and within the ProcessUnity framework. Examples include market data, Google maps, news feeds, social media, and more. These components can be accessed directly from external websites or built in-house to support customer needs. MS Excel Connector Seamlessly share data between ProcessUnity and Microsoft Excel. The ProcessUnity Excel Connector allows licensed users to quickly load data into ProcessUnity from Excel, as well as access data stored in their ProcessUnity instance to support external workflows all via a simple to use Excel toolbar extension. Single Sign-On Single Sign-On (SSO) authentication enables all users to bypass the ProcessUnity Login screen by authenticating via a corporate network. This provides convenience by eliminating the need to remember and maintain multiple username and password combinations, improving productivity and security while facilitating collaboration between in-house applications. ProcessUnity supports SAML 2.0, which is an industry standard for SSO.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback