Cameron Garrity No Comments

As the longest-tenured partner, CastleHill is proud to execute the assessment service activities at the core of ProcessUnity’s newly announced Assessment as a Service offering. At CastleHill, we have been providing outsourced assessment services to our own clients under our “GRCaaS” (GRC as a Service) offering for several years.  Expanding our delivery model to support ProcessUnity’s new offering to their existing and prospective clients was a natural extension of our services, providing tremendous value to everyone involved.

We are excited to expand our partnership with ProcessUnity and supporting their goal of delivering more value-added services to their existing and future customers.

Find more information on ProcessUnity’s Assessment as a Service offering at this link.

Find more information on CastleHill’s GRC as a Service (GRCaaS) at this link.

Key Benefits of Outsourcing TPRM Assessment & Program Activities

Leveraging CastleHill’s experience in third-party risk management, our services provide built-in processes, resource continuity, program scalability, and in-depth technical and domain expertise —all at an affordable price point. With CastleHill, you can count on efficient and effective services that reduce the assessment lifecycle, identify and mitigate risk, and delivers peace of mind.

Additionally, outsourcing services free your internal resources from the administrative and technical burdens of managing the day to day activities of a TPRM program, allowing them to focus on managing risk and the many other activities core to the organization.  We provide the technology, expertise, and resources needed to make your program a success. 

What you get with Assessment as a Service

Vendor Onboarding and Risk Tiering

  • Direct support for your internal vendor relationship managers
  • Gating and Inherent Risk Questionnaire management
  • OFAC and Credit Checks (utilizing the client’s current contracted services/tools)
  • Other client-specific onboarding/compliance checks

Due Diligence Assessment Execution

  • Scoping and issuance of due diligence questionnaires 
  • Direct support for your vendors in completing in-process assessments 
  • Review of response quality and supporting documentation 
  • Vendor follow-up for response gap remediation  
  • Document and record findings 
  • Assessment closeout and logging of issues 
  • Final report issuance 

How is Assessment as a Service Priced?

Assessment as a Service is an affordable fixed-cost service. Service pricing is calculated based on a one-time setup fee and the number of assessments to be performed on your organization’s behalf. 

One-time set up fee that covers: 

  • Review and standardization of workflows and hand-offs 
  • Establishment of specific review requirements and closeout procedures 
  • Build out of assessment service reports 

Assessment Packs by Type:

  • Inherent Risk Profile (100 minimum) 
  • SIG Lite or Comparable Scope (20 minimum) 
  • SIG Core or Comparable Scope (20 minimum) 
  • Business Associate Assessment (200 minimum) 

Add-on services, including client-provided questionnaire configuration, custom questionnaire development, and non-standard assessment response analysis, are available for an additional cost.  

Learn more about the Assessment as a Service offering from CastleHill and ProcessUnity by contacting us at