Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Content Layer
id861184405


Content Column
width32.4462%
id872120869


Content Block
padding0px 5px
margin15% 10% 2%
id758600416
classblockLabelSideNav

Page Contents


Content Block
background-color$secondaryColor
border-radius0 0 10px 10px
margin-3% 10%
id872120870
classsideNav

Table of Contents
minLevel2
indent15px


Content Block
padding0px 5px
margin15% 10% 2%
id758592736
classblockLabelSideNav

Jump to...


Content Block
background-color$secondaryColor
border-radius0 0 10px 10px
margin-3% 10%
id454125876
classsideNav



Content Column
width35.053806%
id861184409


Content Block
not-tabbedtrue
id88817709
alternate-stylefalse

Overview

Exostar’s Partner Information Manager (PIM) is a risk management tool that leverages information from trusted sources to provide a partner (buyer) with a supplier’s current and potential risk and impact. PIM allows a company to complete a questionnaire (Cybersecurity Questionnaire or NIST SP 800-171) once for the partner organization, and then later share, with the company’s approval, the same results with other contractors using the company’s products and services. This ask once and share model reduces the burden of completing multiple questionnaires. Additionally, PIM provides contractors with a consistent set of minimum cyber security expectations for suppliers.   

If your company was invited to use PIM and complete a questionnaire, there is no fee to use the application. Please see the Form Resources page and PIM FAQ page for additional information. If your company is ready to explore PIM and would like to start assessing companies they do business with, please see additional resources below.


Info

Click the arrows below to read further about the overall process, benefits of PIM, and roles available to users.



HTML Wrap
classexpandList
Expand
titleWorkflow

Workflow

The chart below offers the overview of steps required to set up your company's access to the PIM solution. Please select the image to enlarge:

Image RemovedImage Added

Expand
titleBenefits

Benefits

The National Institute of Standards and Technology (NIST) has strengthened language to position its cybersecurity controls as prescriptive rather than voluntary. The Office of Management and Budget (OMB) and Department of Defense (DoD) are reinforcing the message by incorporating these controls into Federal Acquisition Regulation (FAR) and Defense FAR (DFAR) policies, making them a contractual requirement for organizations wishing to do business with the Federal Government. 


The DFAR even accounts for Covered Defense Information (CDI), stating that prime contractors are responsible for ensuring all their suppliers meet CDI requirements for information protection against cyber threats. 


The heart of the PIM platform is a powerful engine that propels ongoing information gathering, analysis, and display features including:

  • Pre-built questionnaires
  • Integration to leading data providers
  • Email and portal templates
  • Workflow and approval processes
  • Role-based dashboards


Expand
titleRoles and Responsibilities

Roles and Responsibilities

Buyer: Someone who is a part of a company that is inviting a supplier (a company that provides goods or services) to use PIM.

    • Standard User: Can view their Supplier forms, run reports, download Supplier feedback reports, download blank forms, and search for Supplier partners.

    • Application Administrator: Can view Supplier forms, run reports, download Supplier feedback reports, download blank forms, search for Supplier partners, create/ manage groups of Suppliers, manage their PIM Buyer user roles, and deactivate/ activate  their Buyer PIM users.


Supplier: Provides goods or services to a buyer. The supplier can access PIM after receiving an invitation from the buyer to complete a questionnaire.

    • Standard User: Can view their organization forms, download feedback reports, download blank forms, complete & submit forms assigned to them by an Application Administrator, and view form scores.
    • Application Administrator: Can accept/ deny form sharing requests, assign forms to Supplier users, view their organization forms, download feedback reports, download blank forms, manage Supplier user roles, deactivate/ activate their Supplier PIM users, and submit requests to opt – out of form sharing.


Any MAG user can be assigned the PIM Application Administrator role in MAG. To see who performs this role in your company, follow the below path to navigate to the list of your company’s Application Administrators: My Account tab > View Organization Details > see section titled Application Administrators.


Please note the individual performing the role of an Organization Administrator within your company is responsible for handling all tasks related to assigning administrative roles to other team members, adding users to MAG, or granting access to applications.  




Content Column
width32.5%
id676338629


Content Block
padding3px 7px
margin15% 10% 2%
id1289089475
classblockLabelSideNav

News and
Announcements


Content Block
background-color$secondaryColor
border-radius0 0 10px 10px
margin-3% 10%
border-color$lightGrayColor
border-width1px
id88791570
border-stylesolid
classblockNews



...