Quality, Compliance, Risk & Content Management

Third-Party Risk Management Platform as a Service

Xybion’s Cloud Platform for Digital Transformation of Third Party Risk Management

In today’s global, highly interdependent and complex regulatory environments, companies both large and small face a myriad of risks derived from various third-party contractors, suppliers, distributors, and agents who perform tasks on their behalf. Noncompliance against various regulations and non-performance against Service Level Agreements (SLAs) exposes the company to significant financial and business interruption risks.

Utilizing a Single Low-Code Platform with Built-in Governance, Risk, Compliance, Quality, and Enterprise Content Management.

Typical Risk Areas

  • Anti-Bribery
  • Environment, Health & Safety
  • Quality (GMP, GLP, GCP)
  • Human Rights & Labor Laws
  • Contractor Safety
  • Animal Welfare
  • Data Privacy
  • Information Security

A global corporation undertakes 10,000+ third party regulatory audits and 20,000+ internal audits of vendors, their internal processes, and facilities to remain compliant with various regulations. This creates a continuous management challenge to understand risk exposures, patterns, controls, and mitigation plans for risks. An Integrated Third-Party Risk Management platform can make this process more efficient, reduce costs of operations, reduce the costs of noncompliance and business risks.

Key Components of the TPRM Platform:

Target list and risk identification ​

Risk Management Policy, plans and objectives​

Audit plan, execution and consolidated findings

Xybion’s TPRM solution provides end-to-end management of activities, information, templates, data libraries, files, documents, reports, notifications, and KPI from initial requests, planning and scheduling, assessments, findings tracking, CAPA, and review/approvals to the full management of the documentation throughout the various multiyear lifecycles of risk evaluation and certification processes of the third parties.  It is ideally designed for multinational, multilingual and multi stakeholder work environments.

Stakeholder Management

Manage all types of stakeholders and their contacts, organizations, and locations, including granular role-based security for users of the system.

Standards Tracking

Track standards and their related assessment matrices and checklists with the assessment results.

CAPA Management

Complete Corrective Action and Compliance Management. Manage your findings and action plan compliance.

Activities Management

Plan, schedule and manage activities incorporating assessor qualifications and calendar availabilities.

Publish Evaluation Results

Request, manage and publish detailed evaluation results per the scope of their request.


Task Management

Communication Management

Dashboard Reports

Automated Notifications

and so much more.

Target List and Risk Identification


This step entails the collection of the initial documentation from the third party to provide an adequate compliance profile and history of the organization as well as key evidentiary documents to determine potential risk sources.  The sources of the risk will vary depending upon the risk type being evaluated.

  • System Notification indicating request received.
  • Status Reports of third-party files.
  • Notifications of initial documentation reviews resulting in a recommendation of rejection.
  • Automated solution to collect third party documentation (by risk type), including dashboard.

Activity Planning, Scheduling, and Intelligent Team Mobilization


The activity of planning and scheduling commences in parallel with the Application/Documentation Process (for the new third party) and identifies all critical activities required for the complete assessment/audit of the third-party including pre-assessments, desk assessments, third-party self-assessments (or surveillance questionnaires) and onsite assessments.

  • Automated solutions with Activities Dashboard.
  • Auto-generated Assessment Plans from the activities data.
  • Intelligent Team Building by finding qualified resources. 
  • Confirmation of availability of resources.
  • Confirmation of team and dates with other stakeholders (if on-site).
  • Automated solution to collect Activity Team Membership, including intelligent member search.
  • Assembly and Release of the Assessment Matrices – Assessment Briefing: XDP automatically creates the assessment briefing, rolls up the findings and provides a checklist of objectives with ad-hoc objectives capability.
  • Self-assessments and third-party documentation.
  • Opening meeting and onsite assessment.

Findings and CAPA Dashboards

Compliance Risk Predictor - Risk Matrix

Third Party File, Ongoing Surveillance (Reassessments) and Documentation

Update each third party’s assessment plans with the and reassessments plans.

Third Party Risk Management

Ready to learn more? Book a free demo.

Heidi Krueger

Head of Quality Assurance

Heidi leads Xybion’s Quality Assurance practice. She has over 20 years’ experience in designing and implementing quality assurance policies. Since joining Xybion in 2000, Heidi worked with several clients to design quality policies and ensure compliance. She is responsible to hosting Xybion customer audits. Heidi has a BA degree in Biology from The King’s College.

James Castonguay

Product Technology Lead

James provides leadership to Xybion quality management systems including product design, development and client delivery. James started working with Xybion in 2002 in its Canadian division. He is now managing product delivery from the United States. James has a master’s degree in mathematics and minor in informatics from the University of Sherbrook, Quebec, Canada.

Dave Chiaramonte

Enterprise Assets and HSE Leader
Dave brings diverse and deep expertise to his leadership role as the leader of Enterprise Asset Management (EAM) and Employee Health & Safety line of business. Dave has over twenty years of experience within the Information Technology industry including development, implementation and integration of complex Enterprise Systems in large corporate environments. He is a highly regarded technology leader in IBM’s Maximo Asset Management Product implementation. Dave worked with BMS and Dupont pharmaceuticals before joining Xybion in 2004.

Tom Klapmuts

Digital Lab Solution Leader

Tom provides leadership in design, delivery and revenue growth of Xybion digital lab solutions. He is an experienced client solutions manager with a demonstrated history of working with many clients globally to solve their business problems. Tom has training in U.S. Food and Drug Administration (FDA), Good Laboratory Practice (GLP), Life Sciences, CRO Management, and Clinical Development. Before joining Xybion, Tom worked for pharmaceutical companies such as Merck and Schering Plough. Tom is a Purdue university alumnus.

Priya Rajesh

Head of Sales: APAC | Head of Operations: India

Priya is responsible for Xybion business growth in APAC region. She brings over two decades of experience in Business Consulting and Operations Management. Her deep expertise in diversified areas, including strategic alliance and partnership management, diversity and inclusivity initiatives and employee development, will amplify Xybion’s global strategic relationships and will strengthen the company’s executive leadership in India. In her last role at Conduent, she served as Director-Marketing & Bid Management. Prior to this, Priya has worked with Infosys and Covansys (now CSC). Priya holds degrees in microbiology & health management.

Raji Bijur

Head of Quality Control & CSV

Raji leads Xybion Quality Control function. She has over 22 years of experience in software quality management, CSV, SQA, software process & KPI development and industry benchmarking. She has strong process implementation knowledge including ISO, CMMI, Agile, Scrum, Six Sigma, Lean. Certified CSQA, CSV, GCP, and GAMP. Raji has led implementation of QC processes in Robotic Process Automation (RPA) projects. Before coming to Xybion in 2019, she worked with IQVIA (Former Quintiles), Infosys, Aris Global, Mphasis and serving clients across different market segments. Raji has a bachelor’s degree in information science & technology and MBA from Indian Institute of Management, Ahmedabad.

Bob Friedman

Chief Solution Architect

Bob Friedman has over 25 years of experience in Preclinical information systems at Xybion Corporation as a developer, development manager and Chief Solution Architect. He has been an active member of the CDISC SEND standards consortium for five years as well as the PhUSE / FDA Industry Collaboration. Bob has previously worked for Synthes Orthopedics, NYU Medical Center and the New York State Department of Health. He has a master’s degree in Biomedical Engineering from Rensselaer Polytechnic Institute.

Gokul Panda

Head of Platform and Product Development

Gokul is the Head of Platform and Product Development, responsible for developing new and critical platforms and products. He has over 20 years of enterprise software development in the life sciences industry and related fields. Gokul holds both a Bachelor’s Degree and Master’s Degree in Engineering from the Indian Institute of Engineering, Science, and Technology. Gokul’s unrivaled expertise in enterprise software architecture and solutions provides Xybion’s clients with leading product functionality, innovation, and platform stability.

Anu Roy

Chief Solutions Delivery Officer

Anu manages project delivery and relationship. She has over 18 years of Life Sciences industry and IT services experience. Anu has a strong track record of designing and developing digital solutions, management consulting, quality & compliance Management, CLM, process & key metrics design, program execution & improvement and account management. Anu is a recipient of the STEM WOC ‘Technology Rising Star ‘by US Women’s magazine in 2014. She has received several other awards including Infosys Consulting Architect Award for outstanding achievement in 2011, RCL Crown Golden Brain Award in 2013. Anu is a guest columnist at Pharmaceutical Compliance Monitor and published in several international business magazines. Anu has a bachelor’s degree in Biochemistry and MBA in marketing.

Keith Dempsey

Chief Information Officer

Keith Dempsey has joined Xybion as our global CIO. He brings 20+ years of progressive Information Technology experience from Merck, AIG, Barclays and PriceWaterhouse. Focusing his career on building global strategies that capitalize on progressive technologies that scale in accordance to realized business growth. His experiences range from introducing new technologies that facilitated a competitive advantage for Merck, introduced new and scalable technologies for AIG Investments, and created progressive global organizational improvements for Barclay’s Capital. Keith has a degree in Chemical Engineering from Clarkson University and an MBA from William Paterson University.

Steve Porfano

Executive Vice President & Chief Financial Officer

Steve manages Xybion corporate function which includes Finance, HR, Legal and QA. Steve joined Xybion in 1989 as Corporate Controller and was promoted to Chief Financial Officer in 1991. As Chief Financial Officer, Steve is responsible for the establishment, enhancement, coordination and administration of the Company’s financial systems, internal controls, and related areas. Additionally, he is the corporate liaison to the Company’s bank, independent certified public accounting firm and governmental compliance and financial auditors.

Kamal Biswas

President & Chief Operating Officer

Kamal joined Xybion as its President and Chief Operating Officer in 2018. He is an acknowledged leader in the life sciences industry and has over 20 years’ experience in management consulting and pharmaceutical business. Very recently, Kamal was a Partner and leader of the global Life Sciences practice at Infosys Consulting. Before that, he spent several years working with pharma companies including Novartis Pharma and Ciba Geigy to manage manufacturing and late-stage R&D functions.

Pradip K. Banerjee, Ph.D., MBA

Chairman of the Board & Chief Executive Officer

Dr. Banerjee is an entrepreneurial senior executive with 30+ years of in-depth experience in the global Life Sciences, Healthcare and Services industry in global operations, strategic management, business development, investments and new ventures creation, M&A and Buy-outs. Prior to acquiring Xybion in 2008, Pradip served as President and CEO of Science Center in Philadelphia focused on creating, incubating, managing and investing in science based new companies. He was the Partner-in-Charge of the pharmaceutical Research & Development unit of Accenture where he created the R&D consulting unit and had grown it to become $100+ million worldwide business. Dr. Banerjee holds a Ph.D. in Pharmaceutical Sciences from University of Wisconsin-Madison and an MBA from the Wharton Business School of University of Pennsylvania.

Employee Name

Job Title

Job Description