Compliance Questions

Each control consists of a control ID, control name, frequency of testing, control description, evidence requirements, and automated tests.

• For every control, TrustCloud provides clear recommendations on evidence requirements, what is tested, and if a test fails, what you need to do to rectify the test.
• For security purposes, there are no deep-linking capabilities turned on because TrustCloud should not store artifact-level metadata about your business with links to these artifacts.
• In addition to product-based guidance, TrustCloud’s engagement model is to conduct weekly reviews with your team (this is included in our cost) to answer any questions you have. Our in-house team of former auditors from companies like KPMG, A-Lign, PWC, Schellman, Paypal, and Cognizant provides answers.

Yes, all artifacts in TrustCloud can be assigned to different users within your organization. Compliance is a team effort, and everyone should be able to come in and take action.

• Controls are assignable to single users.
• Furthermore, individual tests can also be assigned to a single user.

Today, we have two controls pertaining to employee onboarding and offboarding processes. These controls are geared towards providing evidence that the compliance requirements have been met and completed for any new hire or termed employee.

• Our team supports you in adopting the proper systems and managing the gathering of this evidence where needed. (Ex. For the internal management of onboarding and off-boarding processes, there are many identity management providers that specialize in these processes.)

• Capability for each employee to understand their trust obligations to your company.
• Employee alerts are sent when an employee is not fulfilling their trust obligation, thereby putting the business at risk.
• Crowd-sourcing all tools and vendors being used by your employees to get control of ‘Shadow IT’ problems
• Employee on-boarding and off-boarding workflows
• Frequency-based employee policy review and attestation