The following is a summary of all new or modified functionality or features in PIM 3.1. Each of the items listed below is explained in more detail within the following sections of this document:
- Modifications to the User Interface: Several modifications to the overall user interface have been introduced in this release including changes to the main navigation menus, as well as some additional "info" links added to provide an explanation of the various widgets, or components, within PIM.
- Addition of a "Profile" Tab in the Organization Profile Page: A new "Profile" tab exists on the Organization Profile page (accessible via the Organization menu option in the My Org top menu item). This tab provides key details regarding the currently logged-in user's organization.
- Inclusion of the "FOCI" Attribute in the Organization Profile: On the "Profile" tab of the Organization Profile page, the system now contains an editable, optional attribute that states the organization's status. Foreign Ownership, Control or Influence (FOCI)
- Addition of Form Submission Activity to Recent Activities Widget: The Recent Activities widget now shows activity information when a form has been submitted either by the user's own organization, or by a supplier who is currently sharing a form with the user's organization.
- Updates to the NIST SP 800-171 Form: The NIST SP 800-171 form has been updated with some minor text edits to include the current Revision 2 of NIST SP 800-171, as well as contain an additional validation for the Estimated Completion Date (ECD) values to ensure this date is either the current date or a date greater than the current date upon form submission.
- Additional Dates Provided in Feedback Reports: The date in which the form was submitted and the date when it expires was added to the Feedback Report of each available system form.
- Removal of Multi-Tier (N-Tier) Supply Chain Visibility Functionality: All content and functionality related to Multi-Tier (N-Tier) Supply Chain Visibility and contract forms have been removed from PIM. Updates to myExostar PIM Content - The Help content for PIM within myExostar.com has been edited and augmented to include additional FAQs, resource links relevant to PIM, and other form-related content.
Modifications to the User Interface
The main modifications to the user interface of PIM consists of changes to the overall system navigation via the new main top (header) menu. The lefthand and right-hand navigation menus and content no longer exists. Instead, all links to navigate to any location or page in PIM exist via the top menu. The top menu consists of the following:
- My Org: Contains links to systems pages (user interfaces) that have information about the currently logged-in user's own organization.
- Reports: Contains a direct link to the Reports homepage. Note that reports vary by whether in the "Buyer View" or "Supplier View" in the system.
- Supplier Lookup: Contains a direct link to the "Supplier LookUp" page. Note that this menu item displays only in the "Buyer" view, not the "Supplier" view.
- Resources: Contains a direct link to the "PIM Form Resources" page for PIM within . This myExostar page contains information myExostar.com about PIM forms, scoring-related information for these forms, and useful external links that can assist suppliers in completing these forms.
- Help: Contains a link to the main PIM help homepage within that contains help-related content and links regarding accessing and myExostar.com using PIM.
- Me: Contains a "user profile and settings" menu that displays information about the currently logged-in user, and provides functionality related to the user account within PIM.
The "Me" menu also now displays other pieces of information regarding the user's account and user's own organization including the Exostar User ID and Organization ID. In addition, a user can now toggle or switch between the Buyer View and Supplier View in the system by selecting (mouse-clicking) on the listed view within the "Me" menu. The current view has a check mark beside it in this "Me" menu. In addition, outside of the "Me" menu, the current view is always displayed via a green label in the top right-hand corner of the PIM application.
In addition to the top menu, "info" links have been added for each widget accessible via the homepage of PIM (whether in Buyer View or Supplier View), The links appear as a hyperlinked " i " icon that when clicked, displays a brief description of the widget and its contents.
Addition of a "Profile" Tab in the Organization Profile Page
A few changes have been added to the Organization Profile page, now accessible via the "Organization" option under the top "My Org" menu item. Primarily, a new "Profile" tab exists in this page in order to display some key information about the user's organization, including the organization's full name and Exostar Organization ID, the organization's address, and the organization's designated Point of Contact (POC) as captured in MAG.
In addition, a link to the organization's extended profile information is now accessible via the "Profile" tab. Users who are in the Application Administrator role for their organization in PIM may update their organization's extended profile data, except for that data which is exclusively managed in Exostar MAG (such as organization name, address, DUNS and Exostar ID). All other users may only view this extended profile data either as a user who belongs to the respective organization or as a partner (via a buyer-supplier relationship) of the organization.
Inclusion of the "FOCI" Attribute in the Organization Profile
In the "Profile" tab of the Organization Profile page, the ability to manage a new organization attribute displaying the organization's Foreign Ownership, now exists. All users within the organization can view and edit this attribute's value for their organization. However, an Control or Influence (FOCI) status email goes to all PIM Application Administrators for the organization any time that the value is edited for the organization. Input of whether an organization does have FOCI or not is not currently required for any PIM organization, and is optional. The definition of FOCI, which specifies whether an organization is considered FOCI or not, is also accessible in the user interface to edit the value via the hyperlinked "Edit" icon in the FOCI section.
Addition of Form Submission Activity to Recent Activities Widget
The Recent Activities Widget now displays a line for the activity when a form has been submitted by the user's own organization (when in Supplier View) or by any organization that is a partner (supplier) of the organization (when in Buyer View). With this addition, all users, not just PIM Application Administrators, can now be aware of a recent submission of any of their own organization's forms or forms shared and submitted by their partners (suppliers).
Updates to the NIST SP 800-171 Form
A few minor updates have been made to the NIST SP 800-171 form, primarily to update the text in the form to include the latest, current Revision 2 of NIST SP 800-171. The form is now referred to as "NIST SP 800-171" throughout PIM without any reference to the revision number in the form name since the form applies to both Revision 1 and Revision 2 of NIST SP 800-171. No actual questions regarding the NIST controls were updated. However, the introduction text in the form and the guidance (help) related text were updated where needed to ensure the form applies to the latest Revision 2 of NIST SP 800-171. In addition, the downloadable reports or PDFs for the forms, including the Feedback Reports, also reflect these minor text edits.
Along with these text edits, one additional validation was added in the form to ensure that users (suppliers) can not submit the form with an Estimated Completion Date (ECD) in the past. The ECD captures the date in which the organization plans to operationally implement all of the NIST SP 800-171 controls if they have not already. With this additional validation now, whether the form is being submitted initially or re-submitted any time after, the user will not be able to submit the form unless the ECD is the current date or a date in the future.
If the user does attempt to submit the NIST SP 800-171 form with an ECD date less than today's date, a message displays informing the user that the date must be edited to be the current date or a date in the future. This message displays along with any other validations that have triggered after the user has selected to submit the form. As with the other validations, the user must correct the date value to be able to successfully submit the form.
Additional Dates Provided in Feedback Reports
In the Feedback Reports for all available system forms, the date in which the form was submitted and the date when it expires was added. These dates can be found on the cover page of each report alongside the other relevant dates for the report.
Removal of Multi-Tier (N-Tier) Supply Chain Visibility Functionality
Previously, PIM contained Multi-Tier (N-Tier) Supply Chain functionality. All functionality associated with N-tier will no longer exist post PIM 3.1. This includes contract-related forms which were all part of multi-tier supply chain functionality. These contract forms had pertained to and were required for a specific contract in which an organization participates. The contract-related forms, as well as any information or reports concerning these forms will no longer be accessible in PIM 3.1. With this release, PIM will only maintain non-contract forms that may be shared between partners (a supplier organization and any buyer organizations with whom the supplier accepts to share a PIM form as requested).
Updates to myExostar PIM Content
Certain content regarding PIM has been updated in Primarily, the following has been updated:
- myExostar PIM Homepage: The landing or homepage for PIM help-related content has been reorganized to make it easier for the user to locate information within a few specific areas relating to PIM, including onboarding and accessing PIM via MAG. In addition, a link to this page now displays in most email communications or notifications sent directly from PIM. The page can still be accessed via the "Risk Management" section of the "Applications" link in myExostar's homepage, or directly via this link: . https://my.exostar.com/pages/viewpage.action?pageId=32016292
- PIM FAQs: Additional frequently asked questions (FAQs) under the corresponding topic have been added to provide further assistance with using PIM. This page is directly accessible via the "PIM FAQs" option in the "Help" menu item of the top header menu within the PIM application itself. Or, it can be accessed via the PIM homepage in my Exostar.( ) or directly https://my.exostar.com/pages/viewpage.action?pageId=32016292 via this URL: https://my.exostar.com/display/TE/PIM+FAQs
- PIM Form Resources: Content was added or revised in the PIM Form Resources page in order to provide the following: A description of each existing form that can be shared within PIM, as well as a copy of the current, blank form in order to view its contents. Information regarding scoring, including the calculations methodology used, for each existing, shareable form in PIM. Links to external (those not managed by PIM or Exostar) web sites or pages that can assist with completing PIM forms. These include websites containing information regarding such topics as NIST SP 800-171, Center for Internet Security (CIS) Controls, CMMC and NAICS. The PIM Form Resources myExostar page can be accessed now via the "Resources" menu item link in the top header menu within PIM. It can also be accessed via the PIM homepage in my Exostar or directly via this URL: /PIM+Form+Resources