Skip to main content

Assessment Results Exports - PDF Report & Excel Download

Katie
Updated

Framework View (previously Risk Navigator) provides the predictive and attested assessment results in addition to mapping this data to industry-accepted frameworks, threat profiles, and MITRE ATT&CK scenarios. This data can be exported in the form of a PDF report or an excel file for the purposes of sharing externally and for ensuring artifacts are maintained for auditing and clerical purposes. The PDF report provides summary level data whereas the excel file provides the most granular control level data reflected in the Framework View in platform table, in addition to summary level data. Here is a video walkthrough of this process: Downloading my Organization's Report

 

Table of Contents

 

How to Download a Shared Report

To download a shared report, log in to the Global Risk Exchange platform (https://portal.cybergrx.com/login) and navigate the “Third Party Portfolio” icon (shaped like a snowflake) on the left side menu. Find the name of the Organization that shared their report with you in the requests/share table. Click 'approve' (if applicable). Click on the organization's name to go to their company profile page (you may need to utilize the search function on the table)


 

Clicking the name will take you to the 'Risk Profile', on the Framework View tab, of their Company Profile where you can download their shared report. Within the Framework View feature on this page, you may download the selected mapped framework data in the form of a PDF, an excel, or a CSV:

  • By default, selecting "Download (PDF)" will initiate a PDF report generated using the selected mapped framework. This Cyber Risk Analysis Report provides Third-Party risk data in a consumable, formal downloadable report that contains summary-level information to provide a quick overview of a given company’s risk posture.
  • To download an excel file, select the drop down next to the download button, then select "Download (XLSX)".  Select the download button, and it will download an Excel file onto your device containing the mapping contents and additional data not found on this table. The Excel file contains summary risk data, framework control data, and a list of helpful definitions for the terms and data found throughout.
  • Select the 'Export' button, and it will download a CSV file onto your device containing the mapping contents.

For more information on the Framework View feature, refer to this article

 

How to Download my Organization's Report

Simply sign in to the platform (https://portal.cybergrx.com/login) and click your My Company profile icon Screenshot 2025-10-07 at 10.23.55 AM.png on the left side panel of the page. This will drop you on the 'Risk Profile' tab of a Company Profile Page. You will want to click into the Framework View tab. Within the Framework View feature on this page, you may download the selected mapped framework data in the form of a PDF, an excel, or a CSV:

  • By default, selecting "Download (PDF)" will initiate a PDF report generated using the selected mapped framework. This Cyber Risk Analysis Report provides Third-Party risk data in a consumable, formal downloadable report that contains summary-level information to provide a quick overview of a given company’s risk posture. 
  • To download an excel file, select the drop down next to the download button, then select "Download (XLSX)".  Select the download button, and it will download an Excel file onto your device containing the mapping contents and additional data not found on this table. The Excel file contains summary risk data, framework control data, and a list of helpful definitions for the terms and data found throughout.
  • Select the 'Export' button, and it will download a CSV file onto your device containing the mapping contents. 

For more information on the Framework View feature, refer to this article

 

PDF Report Information

The PDF report, the Cyber Risk Analysis Report, is a formal artifact containing summary-level information to provide a quick overview of a given company's risk posture. Additionally, this data reflects the selected mapped framework, supporting your organization in evaluating a company's risk through a "lens" that is meaningful to your business and its needs. This report replaced the in-platform legacy PDF assessment report, which was lengthy and was only available for completed assessments. This new version allows for report generation throughout any stage of a third party's assessment lifecycle, both before and after attested results being made available. 

 

This report includes important data points and insights such as the following, but not limited to: 

  • Assessment and Validation Methodology Statements
    • provides context into the questionnaire and validation process completed by third parties
  • Mapped Framework Name and Framework Description
    • provides information on the mapped framework, further contextualizing the results included in the report
  • Critical Dates
    • Attested date, if applicable
    • Validated date, if applicable
    • Predictive last generated date
  • Company Meta-Data (Industry, URL, etc.)  
  • Inherent and Residual Risk Data
  • Overall Framework Score
  • Framework Group Scores
  • Overview of Findings
    • Includes list of all high findings
  • Overview of Validation outcomes
    • This data is only displayed if applicable based on company data available
    • Note: Validation data is a reflection of outcomes at time of validation completion. Since third party's can update their control responses at any time following completion of validation, in order to ensure consistency between current answers and validation outcomes it is possible that a critical control that was "not selected" to be answered "yes". This means that at time of validation completion, the given control was answered "no", therefore it was not selected for validation. Then at some point in time after that the control answer was changed from a "no" to a "yes". Since we do not perform validation again in response to changed answers, this will be indicated in the validation outcomes visual as such. 

 

Excel File Information

The Excel file is an artifact that contains summary-level information in addition to the most granular control data. Additionally this data reflects the selected mapped framework, therefore supporting your organization in evaluating a company's risk through a "lens" that is meaningful to your business and its needs. This excel file replaced the in platform legacy assessment excel export. This new version allows for excel generation throughout any stage of a third party's assessment lifecycle, both before and after attested results being made available. 

 

This excel file includes important data points and insights such as the following, but not limited to: 

  • Mapped Framework Name
    • Summary context into volume of mapped controls 
  • Critical Dates
    • Attested date, if applicable
    • Validated date, if applicable
    • Predictive last generated date
  • Company Relationship data (attested data available based on accumulative requests)  
  • Inherent and Residual Risk Data
  • Overall Framework Score
  • Framework Group Scores
  • Granular Framework Mapping Data at the Control/Metric Level
    • Framework Control Scores
    • Cyber Control Scores
    • Mapping of framework controls to cyber controls
    • Finding Severity
    • Score Basis (predictive or attested)
    • Cyber Control Question Prompt
      • Control Level
      • Metric Level, if applicable
    • Cyber Control Answers
      • Control Level
      • Metric Level, if applicable
    • Maximum Impact
    • Mitigation recommendations
    • Validation Outcomes, if applicable
  • Framework Risk Guide containing definitions and possible outcomes per dataset

 

Was this article helpful?

2 out of 3 found this helpful
Return to top

Related articles