In this article, you'll learn how to place a data request on your third-party as a customer on the Global Risk Exchange. You're able to request three different types of data:
- Assessment Request
- Validation Request
- Document Request
Note: Each request is handled separately for approval and delivery, even if they require the same control answers. Third-parties can approve, deny, or fulfill each request individually.
Data Request Steps
Fill out and submit the request form:
1. Log in at https://portal.cybergrx.com/login
2. Go to your Third Party Portfolio by clicking the icon in the left-hand panel, which will bring you to the Requests/Shares tab of the Third-Party Portfolio.
3. If the third-party you wish to request data from is not yet part of the portfolio, click Add Company.
4. If the third-party you wish to request data from is already in your portfolio table, click the button to open the request form. Note: If you want to place an additional request on a third-party, click the icon.
5. Once in the request form, you should see the third party company information at the top. Use this to confirm you are requesting from the correct organization.
6. Select the assessment scope you would like to request. You'll have four assessment scope options to choose from. The first three of these options are curated groupings we've developed to help you align your request with the most relevant level of data needed by your organization. The fourth Advanced option allows you to select from a range of established industry-standard security frameworks to tailor the assessment to your specific needs:
- Essential - 60 ProcessUnity Critical Cyber Risk Questionnaire. Focuses on the most essential controls necessary for standard security hygiene.
- Core - 209 ProcessUnity Cyber Risk Questionnaire (Most commonly requested assessment. Commonly paired with a validation request). Covers the full set of cybersecurity control questions to provide broad insight into a third party's risk posture.
- Core Plus - 209 ProcessUnity Cyber Risk Questionnaire with 627 metrics. Includes performance metrics for each control to support deeper analysis and regulatory requirements.
- Advanced - Select an alternate framework from the drop-down list of 60+ different frameworks, either by typing in the box to search or by using the caret to open the drop-down list of frameworks.
7. Select Validation Request if you would like to request validation in addition to requesting an assessment. Note: Validation is only available for the ProcessUnity suggested frameworks.
8. Check the Document Request (all documents) check box if you would like to request access to a third-party's documents. This allows access to all uploaded documents for the third party for 28 days. Note: This can be requested independently of an assessment or validation request.
9. Select a Data Recency option (Up to 12, 24, or 36 months, or No recency requirement) from the drop-down that aligns with the timeframe in which you're requesting the third-party to update their data. Choosing a recency option requires that all data be attested or validated within the specified timeframe. If the selected timeframe is exceeded, the system will prompt the third-party to update and resubmit their questionnaires, or to reinitiate the validation process.
10. Add a new recipient by clicking Add Recipient and/or select a contact or two from the registered users or the previous recipients listed. It is always highly recommended to include a recipient who is registered, if available. Note: The form will show up to 5 registered users, if available, with the account administrator or data request authorizer role.
11. Click Submit Request and this will prompt a confirmation pop-up window. You can review the information you filled out and confirm it is correct by clicking Submit Request, or if you need to update the information you can click Keep Editing. Tip: A Request Sent Successfully window will pop up once you click Submit Request. It will give you information on where to track your requests, and where to find the third-party's predictive data while you're waiting for your request to be fulfilled.
Tracking:
1. Return to your Request/Shares tab of the Third Party Portfolio. Review the Status column for the request you are tracking. It will be in one of the following statuses:
- Pending: The request was sent and is awaiting the third party's fulfillment/approval.
- Approved: The third-party has approved access, but there are still outstanding actions required for the request contents to be available.
- Denied: The third-party has denied access to the request. It will remain in this state unless the third-party approves it.
- Delivered: The third-party has fulfilled and approved the request.
- Revoked: The third-party removed access to the request after it was delivered. Customers who previously had access to its contents will no longer be able to access it.
- Archived: The request was previously delivered, and since then a new request has been created of the same type. Customers still have access to the previously delivered data.
2. Click the icon to view additional details of the request as well as progress.