Diligent API

What is Diligent?

Diligent is a cloud platform for modern governance that centralizes board workflows, risk and compliance operations, internal audit, ESG reporting, and corporate entity management. Teams use Diligent to manage board meetings and materials, build and maintain risk registers, design and test internal controls, run audits from planning through remediation, track compliance obligations and policies with attestations, oversee third-party/vendor risk, and collect ESG metrics across frameworks.

Core product areas include:

• Governance & Board Management (Meetings, Agendas, Minutes, Voting, Questionnaires, Secure Document Distribution)
• Risk & Controls (Risk Registers, Control Libraries, Assessments, Issues/Incidents, Mitigation Plans)
• Audit Management (Audit Plans, Fieldwork, Workpapers, Findings, Recommendations, Remediation Tracking)
• Compliance & Policy (Regulatory Obligations, Policy Lifecycle, Attestations, Certifications, Evidence)
• Third-Party Risk (Vendors, Due Diligence, Risk Ratings, Assessments, Contracts)
• ESG & Entity Management (ESG Data Collection, Framework Mapping, Subsidiaries/Entity Records)

Common data entities:

• Organizations, Users, Roles/Permissions (Board Members, Executives, Risk Owners, Auditors, Compliance Officers)
• Risks (metadata, category, likelihood/impact, scores, status, owner, linked controls/issues)
• Controls (design/operating effectiveness, mappings to frameworks, test plans and results)
• Audits (engagements, objectives, workpapers, findings, recommendations, approvals)
• Issues/Incidents (severity, root cause, remediation plan, due dates, ownership)
• Policies (versions, lifecycle states, attestations, acknowledgements)
• Vendors/Third Parties (profiles, assessments, risk tier, contracts, remediation actions)
• Evidence & Documents (attachments, versions, checksum, access controls)

The Diligent Integration Challenge

GRC and audit teams rely on Diligent daily, but turning portal-based workflows into API-driven automation is non-trivial:

• Role-aware portals: Directors, executives, auditors, risk owners, and vendors each see different data and approval states
• Data lineage: Risks, controls, audits, and issues are interconnected across modules and frameworks (SOX, ISO, NIST, COSO)
• Compliance rigor: Attestations, evidence integrity, approvals, and sign-offs require careful handling and auditability
• Authentication complexity: SSO/MFA and session lifecycles complicate headless automation in regulated environments
• Mixed artifacts: Critical context lives in documents, workpapers, questionnaires, and approval histories, not just tables

How Supergood Creates Diligent APIs

Supergood reverse-engineers authenticated browser flows and network interactions to deliver a resilient API endpoint layer for your Diligent tenant.

• Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
• Maintains session continuity with automated refresh and change detection
• Normalizes responses so you can integrate once and rely on consistent objects across modules
• Aligns with customer entitlements and role-based permissions to ensure compliant access

Getting Started

• Schedule Integration Assessment

Book a 30-minute session to confirm your modules, licensing, and authentication model.

• Supergood Builds and Validates Your API

We deliver a hardened Diligent adapter tailored to your workflows and entitlements.

• Deploy with Monitoring

Go live with continuous monitoring and automatic adjustments as Diligent evolves.