/
ZenGRC Onboarding Process

ZenGRC Onboarding Process

Owned by Victoria Buhler (Deactivated)
Last updated: Feb 09, 2023
7 min read

Search ZenGRC Wiki

Overview

Reciprocity’s onboarding process is detailed below. Please reach out to your Project Implementation Manager should you have any questions.

On this page

 

Beginning Your Journey with Reciprocity

Thank you for choosing to partner with Reciprocity’s ZenGRC to help to manage all your Governance, Risk, and Compliance needs. The first step in beginning your journey with Reciprocity is completing the Onboarding process.

Our onboarding process does more than just set you up with ZenGRC — it sets you up for success throughout your entire ZenGRC journey.

By focusing on outcomes, we optimize your investment of time and resources by matching your goals with the right onboarding program.

Our Product Implementation Experts (PIEs) will coordinate & prioritize activities with customer teams with the goal of reaching your desired outcomes.

At the beginning of implementation, your Reciprocity team will scope appropriate solutions (i.e. training, solution, and consultation) and your onboarding plan will be customized for your initiatives.

 

 

 

ZenGRC Platform

Reciprocity’s ZenGRC platform supports all your GRC needs & more.

The platform includes:

→ unlimited users

→ unlimited frameworks

→ unlimited pre-built integrations

 

 

 

 

→ ZenGRC acts as your Single Source of Truth through integrating your organization’s compliance initiatives into ZenGRC’s System of Record:

Vendor Risk Management

Risk Management

Benchmarks

Vendor Risk Management

Risk Management

Benchmarks

Create a more efficient and less manual risk-based approach to vendor management

Manage Risk across threats, incidents, and vulnerabilities from a single point  

Compare performance to peers in your industry

 

Compliance

Integrations

Additional Use Cases

Compliance

Integrations

Additional Use Cases

Unified control management across frameworks for real-time control status 

ZenConnect delivers pre-built and tested integrations to empower greater efficiencies

Pre-built assets and expert support for use cases like Business Continuity, Policy Management, etc

 

 

→ ZenGRC Onboarding and Implementation includes:

Project Implementation Experts (PIEs)

Transcription Services

*GRC Expert

Project Implementation Experts (PIEs)

Transcription Services

*GRC Expert

Customize ZenGRC training to fit your organization’s unique experience, timeline, framework complexity, and program maturity.

Translating active customer data like controls, vendor list, risk register, users (currently in a variety of forms like spreadsheets, PDFs, Word docs, etc.) to ZenGRC format. Additional hours and services are available for purchase by request.

Receive Consulting from Reciprocity’s Governance Risk and Compliance Team

 

 

Platform Pricing Includes Support & Success

Please note that non-standard support requests may incur an additional fee

Once you are live in ZenGRC, our support doesn’t end there.

Reciprocity provides ongoing customer support and other services available throughout your contract.

→ Hosting & ongoing instance support

→ ZenMaster & ZenGage

*GRC Expert engagement hours for ongoing strategic guidance

*Customer Success Manager (CSM)

*Executive Advisory Board

 

Customer Success Manager (CSM), Executive Advisory Board (EAB) & GRCe engagements are available through specific platform packages

 

Back to top

ZenGRC Implementation

Your onboarding experience with ZenGRC implementation may consist of the following:

  • Dedicated Product Implementation Expert (PIE)

  • Custom onboarding plan ensures you achieve results specific to your business needs 

  • Expert-led transcription hours to prepare & import existing data

  • Access to expert GRC strategic guidance including industry best practices like writing controls and building a consolidated control framework

  • Compliance, Risk and/or Vendor Management Training

For a breakdown of the specific steps in the onboarding plan, see below on how Product Implementation Experts (PIEs) will customize your experience of getting ZenGRC to productive use.

 

Planning

Prior to the kick-off meeting, we will perform the following:

→ Gather data

→ Determine stakeholders

→ Prepare business goals 

 

 

Stage 1. Kick-off

Team member Introductions & onboarding kick-off

→ Confirm goals & prioritize applications/solutions

→ Establish onboarding timelines

→ Introduce ZenGRC University, which contains step-by-step videos for administrators

Confirm any additional objectives

→ SSO set-up

→ Storage Solution integration / custom storage set-up
Integrations

 

Stage 2: Alignment

Begin ZenGRC University

→ Before this milestone, admins will complete ZenU courses on admin training and mapping structure, if applicable

→ Ensure understanding & proper setup of application(s)

Build system of record

Data Alignment

→ Review data for import/results of transcription (if applicable)

→ Import/Export Review:  manual vs import template

Reporting/ Other goals

Review selected solution / demo

Working session(s) to import controls & stand up frameworks    

 

 

 

Stage 3: Solution Training

Solution Training: Compliance, Risk, Vendor, or Other (see dropdowns below)

Review business workflows tied to use cases

→ Audit Setup/compliance

→ Risk / Risk Register

→ Vendor Registry / Questionnaire Data

 

 

Compliance Trainings

Risk Trainings

3rd Party Vendor Management Trainings:

Compliance Trainings

Risk Trainings

3rd Party Vendor Management Trainings:

Training for Audit dashboard

Types of audits (internal & external)

Audit Setup Wizard

Requests for evidence

Assessments

Issues/tasks

To-do-list

My Dashboards & reports

Risk Settings/Scoring Methodology

Risk Registers

Risk Workflows

Importing Risk content

Mapping Risk objects

Risk Heatmap and Risk Reporting

Import Questionnaire Templates in instance Training

Vendor Management & Vendor Workflows Training

Sending questionnaires

 

Stage 4: Go Live!

Complete application setup & training

→ Conduct a Q&A overtraining and implementation process

→ Review list of accomplishments & implemented use cases

→ Confirm readiness & Sign off on onboarding

→ If assigned a CSM, begin the next steps with your Customer Success Manager, who can schedule ongoing support.

 

 

Succeed

Join ZenMasters Program

ZenGage is an online community of passionate infosec, risk, and compliance professionals. Join industry thought-leaders, newcomers and ZenGRC customers to ask and answer questions, grow your network and have a good time learning together.


If a CSM is included in your package:

→ Establish next goals, set a cadence for Health Checks, and plan for ongoing success

 

Back to top

 

 

 

 

Onboarding Project Plan

The sample timeline provided in the drop-down below helps visualize the onboarding experience and some of the tasks we manage to meet important implementation milestones and outcomes: 

 

 

 

Back to top

 

 

Support & Success

While Reciprocity’s comprehensive ZenGRC platform drastically simplifies the process of managing the ever-evolving business, risk, and regulatory challenges, it’s the hands-on, personalized approach of our industry-leading Customer Success Team that takes your GRC programs to the next level.

 

Our specialized teams are also with you each step of the way in your ZenGRC journey, which [may] include:

GRC Expert consulting hours

Hosting for your ZenGRC instance and ongoing instance support

Training & co-working

Audit & Risk training through your first Audit

ZenMaster & ZenGage

*Customer Success Manager

*Executive Advisory Board

Please note that non-standard support requests may incur an additional fee

Customer Success Manager (CSM) and Executive Advisory Board (EAB) are available through specific platform packages

 

 

Back to top

 

Please contact Reciprocity support by emailing support@reciprocity.com

 

 

GRC Experts

*Included with onboarding is guidance from our GRC Experts, who are CISOs, CROs, DPOs, Chief Audit Executives, Compliance Managers, IT Governance Specialists, Information Security Managers, Architects, and Engineers. 

GRC Expert services are available only in specific packages as well as through consulting services for an additional fee.

With decades of vast real-world experience across risk and compliance regulations and frameworks, the strategic guidance of our GRC Experts is unparalleled in the market and they’ll consult with you on new standards as well as tactical advice on existing and maturing initiatives, including:

 

Back to top

 

→ Governance Initiatives

From policy statements and procedures to risks, controls, audits, and organization information, we’ll help you best organize and document good governance so that your organization appropriately implements governance and actively performs and monitors corrective actions.

 

→ Risk Management

Our GRC Experts provide real-world scenarios to reliably execute your organization’s risk program.  If you already have a robust program, they’ll explain the various calculation methods and workflows to empower your team.

 

→ Compliance Procedures 

Having implemented, supported and audited nearly every information security compliance or privacy framework available, our GRC Experts ensure your planning and execution is correct from the start.  In addition, they keep abreast of framework updates and alert you to upcoming changes and new initiatives.

 

 

 

© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com