Page tree


Page Contents


Related Content



Partner Information Manager (PIM)

Overview

Exostar’s Partner Information Manager (PIM) is a risk management tool that leverages information from trusted sources to provide a partner (buyer) with a supplier’s current and potential risk and impact. PIM allows a company to complete a questionnaire (Cybersecurity Questionnaire or NIST SP 800-171) once for the partner organization, and then later share, with the company’s approval, the same results with other contractors using the company’s products and services. This ask once and share model reduces the burden of completing multiple questionnaires. Additionally, PIM provides contractors with a consistent set of minimum cyber security expectations for suppliers.   

If your company was invited to use PIM and complete a questionnaire, there is no fee to use the application. If your company is ready to explore PIM and would like to start assessing companies they do business with, please see additional resources below.


News and Announcements

PIM 2.3.1 is set for Go Live on August 31. Please see the Release Notes for more information.

Quick Reference

For more detailed information by topic, select from the buttons below to access the applicable content. 

Workflow

Benefits

The National Institute of Standards and Technology (NIST) has strengthened language to position its cybersecurity controls as prescriptive rather than voluntary. The Office of Management and Budget (OMB) and Department of Defense (DoD) are reinforcing the message by incorporating these controls into Federal Acquisition Regulation (FAR) and Defense FAR (DFAR) policies, making them a contractual requirement for organizations wishing to do business with the Federal Government. 

The DFAR even accounts for Covered Defense Information (CDI), stating that prime contractors are responsible for ensuring all their suppliers meet CDI requirements for information protection against cyber threats. 

The heart of the PIM platform is a powerful engine that propels ongoing information gathering, analysis, and display features including:

  • Pre-built questionnaires
  • Integration to leading data providers
  • Email and portal templates
  • Workflow and approval processes
  • Role-based dashboards


Roles and Responsibilities

  • Buyer: Someone who is a part of a company that is inviting a supplier (a company that provides goods or services) to use PIM.
    • Standard User: Can view their Supplier forms, run reports, download Supplier feedback reports, download blank forms, and search for Supplier partners.

    • Application Administrator: Can view Supplier forms, run reports, download Supplier feedback reports, download blank forms, search for Supplier partners, create/ manage groups of Suppliers, manage their PIM Buyer user roles, and deactivate/ activate  their Buyer PIM users.


  • Supplier: Provides goods or services to a buyer. The supplier can access PIM after receiving an invitation from the buyer to complete a questionnaire.
    • Standard User: Can view their organization forms, download feedback reports, download blank forms, complete & submit forms assigned to them by an Application Administrator, and view form scores.
    • Application Administrator: Can accept/ deny form sharing requests, assign forms to Supplier users, view their organization forms, download feedback reports, download blank forms, manage Supplier user roles, deactivate/ activate their Supplier PIM users, and submit requests to opt – out of form sharing.


Forms

Exostar Customer Support cannot assist with responses to PIM forms, but can address PIM functionality.


CyberSecurity Questionnaire:


NIST SP 800-171:

How useful was this content?

Your Rating: Results: 1 Star2 Star3 Star4 Star5 Star 9 rates