ProcessUnity are a strong and forward thinking organisation, that have proven to be an excellent Third Party and business partner to work with. They have always listened to their customers and taken action on good ideas. Their GRX and Threat and Vulnerability Response platforms (TVR) have enabled us to streamline Third Party assessments, enhance due diligence and make confident, risk based decisions at scale. Their platforms are highly flexible, with capable apis, that have allowed us to integrate into our wider third party risk management program. The GRX exchange data provides us excellent visibility into third party risks, even before an attested assessment has been completed. The TVR platform has been a revolutionary way of monitoring and managing third party cyber threats and vulnerability, at scale. The platform's ability to aggregate intelligence and present actionable insights has strengthened our operational resilience and enabled a more proactive third party security posture. We have been able to have visibility into our supply chain and take prioritised action on 4th party risk, quickly and efficiently. More recently, ProcessUnity have implemented AI workflow into GRX and we are beginning to see some real advancements in assessment turnaround time, which is key to supporting our business with faster onboarding, whilst ensuring they third party meets our security requirements.

While ProcessUnity provides a foundational GRC platform, our experience during deployment and ongoing use has presented several challenges. Implementation lacked standard deployment templates, and many issues encountered were attributed back to the customer rather than supported with clear guidance or ownership from the vendor. From a functionality standpoint, the tool is fairly basic, and enhancements or even minor updates typically require paid professional services, which adds ongoing costs for capabilities we would expect to be included as standard.