Risk Cloud Use Cases

Standard Use Cases

Enterprise Risk Management, Third-Party Risk Management, IT Security Risk, Control Audit Management, Compliance Management, Incident Management, Issues Management, Policy Management, Regulatory Compliance, Internal Audit Management, Procurement & Contract Management, Business Continuity Management, Data Privacy

Risk Cloud Platform

Application

An Application is a distinct set of rules and logic built in Risk Cloud supporting a singular use case, as determined by the LogicGate team. Live Applications are those used in a production setting and count towards the contracted Application amount.

Power User

Power User functionality includes all Standard User abilities (see below), in addition to the ability to create, modify, and manage Applications. This includes, but is not limited to, jobs, workflows and steps. This user has “Build” permissions in Risk Cloud. This user type was previously denoted as a “Primary User.”

Standard User

Standard Users can view and interact with records, complete tasks, view home screens, view and create reports and dashboards, and view audit history of records. Standard Users cannot create or manage Applications and cannot be assigned the “Build” permission. This user type was previously denoted as a “Secondary User.”

External User

External Users can receive email notifications and perform work using unique, tokenized links. External Users do not have their own login.

Additional Product Features

Single Tenancy

Provides database infrastructure that is not shared with other tenants.

Single Tenancy - Healthcare

Single tenant Risk Cloud® environment provisioned for customers who (i) are designated as covered entities (e.g., healthcare providers, health insurance companies, etc.), and (ii) wish to upload and/or store protected health information (“PHI”) within such environment for use with its purchased Application(s). For clarity, purchase of this SKU requires the execution of a Business Associate Agreement (“BAA”).

Risk Cloud Documents

Provides the ability to configure document templates using a template-building tool called Formstack , and enables users to automate document generation in Risk Cloud. Includes access to up to 50 Reports and 2,000 Downloads (per month).

Risk Cloud Quantify® Standard

Provides access to a risk quantification product designed to calculate potential loss exposure range in monetary terms for a given risk scenario. Risk Cloud Quantify Standard does not include advanced features.

Risk Cloud Quantify Premium

Provides access to a risk quantification product designed to calculate potential loss exposure range in monetary terms for a given risk scenario. Risk Cloud Quantify Premium includes advanced features.

Public Pages

Public Pages allow you to create publicly available forms that can be submitted by anyone with the unique link.

SCIM User Provisioning

Provides access to SCIM 2.0 supported auto-provisioning that allows integration with identity management systems. Includes support for the following functions: Create, Update, and Deactivate users.

Additional Environment

Provides a customer with access to an additional, separate Risk Cloud environment that may be used in conjunction with other Risk Cloud services purchased by the same customer.

Implementation & Professional Services

Quick Start Implementation

LogicGate’s Quick Start Implementation Option provides up to 40 hours of hands-on configuration support for an eligible Risk Cloud Application template typically within a 45-day period from the Kickoff Date. Included in the service is:

Up to two (2) Application Walkthrough sessions
Data import and mapping for up to three (3) workflows (500 records max per workflow)
One (1) Roles & Permission Matrix
Initial user account creation
Access for Power Users to the Risk Cloud Power User Certification program
One (1) live Power User training session provided via web conference and recorded
Single sign-on implementation support (if applicable)
A four (4) week HyperCare period after go-live, consisting of two 30-minute sessions with the Implementation team and minor configuration updates

Standard Implementation

LogicGate’s Standard Implementation Option provides up to 90 hours of hands-on configuration support for any of LogicGate’s Standard Use Cases, using an official Risk Cloud Application template or a custom build, typically within a 100-day period from the Kickoff Date. Included in the service is:

One (1) Process Deep Dive session
Up to five (5) Application Walkthrough sessions
Two (2) End User Testing Feedback sessions and documented testing scripts
Data import and mapping for up to three (3) workflows (500 records max per workflow)
One (1) Roles and Permission Matrix
Initial user account creation
Access for Power Users to the Risk Cloud Power User Certification program
One (1) live Power User training session provided via web conference and recorded
Single sign-on implementation support (if applicable)
A four (4) week HyperCare period after go-live, consisting of two 30-minute sessions with the Implementation team and minor configuration updates

Custom Implementation

Subject to a required scoping exercise, LogicGate’s Custom Implementation Option provides implementation services for any use case not included in LogicGate's Standard Use Cases and/or any implementation that will require more than 90 hours of Implementation Services. This implementation includes all Standard Implementation service offerings, as well as any additional services scoped and agreed upon within a Statement of Work.

Implementation Scope

Each implementation option listed above can be used to cover the implementation of one Application.

Implementation Services Bundle

Ten (10) hours of access to the Risk Cloud Implementation Team. Such hours shall be used for hands-on configuration support for any of LogicGate’s Standard Use Cases, using an official Risk Cloud Application template or a custom build.

Standard Success

Includes access to the LogicGate Help Center; core Risk Cloud training content on LogicGate Learning portal; bi-annual syncs with your LogicGate Customer Success Manager and/or Relationship Manager to review business outcomes and metrics, as well as get updates on Risk Cloud product offerings; in-app chat support; and updates related to the latest version of Risk Cloud Standards and Regulations Content provided to you, upon request, via spreadsheet within 120 days of a major release published by the authoritative source. For updates to the Secure Controls Framework, content and mapping adjustments will be made according to the latest version’s Errata.

Premier Success

Includes access to the LogicGate Help Center; core Risk Cloud training content on LogicGate Learning portal; bi-annual syncs with your LogicGate Customer Success Manager and/or Relationship Manager to review business outcomes and metrics, as well as get updates on Risk Cloud product offerings; in-app chat support; and updates related to the latest version of Risk Cloud Standards and Regulations Content provided to you, upon request, via spreadsheet within 60 days of a major release published by the authoritative source. For updates to the Secure Controls Framework, content and mapping adjustments will be made according to the latest version’s Errata.

Professional Service Bundles

Ten (10) hours of access to the Risk Cloud Consultant Team, in addition to either of the Success packages listed above. Can be used for additional configuration, system administration, content update, or GRC process design and enablement support; and support with applying updates to existing control mappings for Risk Cloud Standards and Regulations Content.

Documents Report Configuration Bundles

Ten (10) hours of access to the Risk Cloud Consultant Team to provide initial setup of report(s) based on Customer-provided template(s) and basic training on how to utilize reports. Customer is responsible for providing template(s) for any report(s) created.

Implementation Add-Ons

Project Plan Development & Management

Risk Cloud Implementation Team will collaborate with Customer to provide guidance on key project activities and milestones, along with expected timing based on Customer’s timeline requirements, if applicable. Risk Cloud Implementation Team will work with Customer throughout the implementation to track towards the expected timeline and adjust as needed. Includes up to 8 hours of services.

Data Structure Diagram

Risk Cloud Implementation Team will collaborate with Customer to confirm Customer’s overarching vision for the in-scope interconnected workflows and applications to be built in the LogicGate Risk Cloud platform. The development of the data structure diagram will be facilitated via virtual whiteboard sessions, during which the teams will align on the high-level data structures (i.e., workflows) and how they will be related. Includes up to 8 hours of services.

Advanced Power User Training

Risk Cloud Implementation Team will collaborate with Customer to identify advanced Power User training topics to cover. Risk Cloud Implementation Team will lead live virtual Power User training and provide a recording of the session(s) to Customer. Includes up to 4 hours of services.

End User Training

Risk Cloud Implementation Team will collaborate with Customer to identify key topics for the end user training. Risk Cloud Implementation Team will develop a training based on the agreed upon topics. Customer is responsible for gathering the correct end users and setting a time for the training. Risk Cloud Implementation Team will conduct virtual end user training via web conference and provide a recording of the session(s) to Customer. Includes up to 8 hours of services.

Custom Instructional Videos

Risk Cloud Implementation Team will collaborate with Customer to create an outline for the instructional video. Customer is responsible for providing feedback on the script and approving it. Risk Cloud Implementation Team is responsible for recording the video based on the agreed upon script. The video will be provided to Customer as an MP4 file. Includes up to 8 hours of services.

Custom Power User Maintenance Manual

Risk Cloud Implementation Team will document how the Application was created and provide steps on how to maintain and edit the Application going forward (step by step guidance may contain links to external help articles or training material). Includes up to 8 hours of services.

Workflow Narrative

Risk Cloud Implementation Team will document all of the Workflows built, how they are connected and the objects each Workflow is capturing. The Workflow Narrative will be provided to Customer at the end of the Implementation period. Includes up to 4 hours of services.

Jobs Matrix

Risk Cloud Implementation Team will provide documentation of all the applicable Jobs for the Application built. The Job Matrix will include information like Job Type, Workflow, Steps, Recipients, Conditions, and Operations. Includes up to 4 hours of services.

Additional Data Import & Mapping

Risk Cloud Implementation Team will import and map data provided by Customer for up to 3 workflows, 500 records per workflow. Risk Cloud Implementation Team will provide Customer with data load template(s) and Customer is responsible for providing data and mappings in the correct format. Includes up to 4 hours of services.

Integrations

Ascent Regulators

Includes obligation, rule, and metadata for a given Ascent regulator integrated into the “Regulatory Compliance Powered by Ascent” Application within the Risk Cloud.

Black Kite Vendor Monitoring

Includes a bucket of vendors monitored by Black Kite bringing over the Cyber Security Rating, Ransomware Index, Breach Index, Compliance Rating, Compliance Completeness, Compliance Confidence, and all FAIR scoring fields directly to the vendor level within the Risk Cloud TPRM application (“Black Kite Buckets”). Black Kite Buckets can be purchased for a quantity of 50, 100, 250, 500 or 1,000.

CUBE Regulatory Content

Includes regulatory information directly from CUBE to monitor changes within tracked regulatory bodies. These can be broken down based upon changes, obligations, and in some cases horizon scanning capabilities if this level of the CUBE platform is purchased. This data is integrated into the Regulatory Compliance application within Risk Cloud.

CUBE Regulatory Services

Custom-scoped services required for the implementation and integration of CUBE Regulatory Content.

Vital4 Transactions

Includes three search types (adverse media, politically exposed persons, and watchlist and sanctions), as performed by Vital4 and integrated into the Third Party Risk Management Application within the Risk Cloud, for a given record search for which up to 12 different search criteria may be input. Vital4 Transactions can be purchased for a quantity of 50,000, 100,000, 250,000 or 500,000.

Workato

Middleware platform utilized for Risk Cloud Connector integrations. Customer’s use of Workato Services is subject to Workato’s Terms of Use and Workato’s Privacy Policy.

Native Integrations

Provides access to all integrations native to Risk Cloud.

API Access

Access to the RESTful API, allowing you to connect Risk Cloud to third-party tools.

Risk Cloud Connector

Pre-built connector or custom-built connector by LogicGate’s Integration Services Team to connect to common SaaS platforms or GRC use cases.

Integration Service Bundles

Ten (10) hours of access to the LogicGate Integration Services Team, in addition to the Risk Cloud Connector above. Will be used to build out the integration to the exact specifications required by the Customer.

Technical Account Management

Technical Account Manager (Silver)

The Technical Account Manager (Silver) is a dedicated LogicGate resource who provides strategic and technical support for up to four (4) Applications in Risk Cloud. These four applications are to be agreed upon between the Customer and LogicGate once per contract Term Year.

Included in the Service for defined in-scope Applications:

Risk Cloud Training
- As needed Advanced Admin User Training for configuration owners on all in-scope Applications
- One (1) custom instructional video for end users per in-scope Application (see above for description)
Risk Cloud Configuration Support for live in-scope Applications
- Minor Configuration Updates (e.g., adding a new step, field-level updates, additional workflow mappings)
- Bulk actions (e.g., imports, record mappings, field updates, record assignments)
- Table, Visual, and Dashboard report creations and updates

Included in the Service for the Risk Cloud Environment:

Implementation and Professional Services Project Management
- Project management across all LogicGate scoped services work
- Monthly alignment call to review the status of all in-progress project
Develop and maintain system-level Access Matrix across all Applications
Support with loading the latest version of Risk Cloud Standards and Regulations Content within 60 days of a major release published by the authoritative source, as well as mapping the new version to the “primary control set” (i.e., Secure Controls Framework or HITRUST) within 60 days of a major release from the primary control set’s authoritative source, to maintain relevant control mappings.

Additional Service Details:

Account Strategy
- Semi-Annual (every 6 months) Health Checks
- Annual Executive Business Review
- Semi-Annual (every 6 months) update of Risk Cloud data diagram
Technical Account Manager will be available during the hours of 8am - 6pm CST during normal business days and will have a targeted response time of eight (8) hours.
Three (3) tickets to annual user conference Agility + Build Bash

Technical Account Manager (Gold)

The Technical Account Manager (Gold) is a dedicated LogicGate resource who provides strategic and technical support for up to eight (8) Applications in Risk Cloud. These eight applications are to be agreed upon between the Customer and LogicGate once per contract Term Year.