FlightSchool is the fun way to learn about compliance, trust, and TrustCloud's products



Which product are you interested in learning about?


Control automation to accelerate compliance audits


Securely share your compliance with customers, and avoid endless follow-ups


One platform for your entire team to automate security, sales, and marketing workflows


Predictive Risk Management that optimizes with AI


Connected audit management platform that allows for secure and efficient audit execution


Want to learn more about GRC?

Explore our GRC launchpad to gain expertise on numerous compliance standards and topics

Compliance 101

Enforcing compliance helps protect your company from regulatory rule violations.

All about HIPAA

Safeguard sensitive protected health information (PHI) from being disclosed without the patient’s consent or knowledge.

What is SOC 2?

SOC 2 demonstrates that your company has adequate controls in place to protect customer data in your environment.

Intro to ISO 27001

A ISO 27001 certification demonstrates that your company has an adequate information security system in place.

View the entire list of compliance articles in GRC Launchpad


What’s new in FlightSchool?

We've curated the latest FlightSchool content and articles to help you stay up to date

BIZOPS-16 Technology control

Technology control requires that a risk register be used to track the identified risks. The risks must include considerations of fraud, business changes, technology impact, vendor impact, and regulatory

BIZOPS-1 Risk Management

The Risk Management control talks about the processes to identify, evaluate, analyze, and remediate the risks, which must be


Auto-generate and suggest answers to incoming security assessments directly from your TrustCloud. Its intelligence algorithm uses ML and NLP to automatically match questions to controls and policies in your


Introducing TrustGraph in TrustShare – your program's compliance artifacts, including controls, policies, and Q&A knowledge base, come to life in a clear, interconnected view. See the data that fuels your security questionnaire responses, and


The articles outline the current TrustCloud customer support


Vendors are various companies from whom you have purchased software or services that you use to run your


TrustCloud has enabled a Risk Settings page so that users can modify their Risk settings to match their organizations needs. Below you will find the different settings that will empower you to make your TrustRegister your

Risk Register

The Risk Register Page displays all your risks in a table view where you are able to customize, sort and filter specific risks. Included are fields that highlight key info of each risk to sort

Getting Started – TrustCloud Auditors

To get access to the AuditLens application, please reach out to your Customer contact. They will be able to invite you to their AuditLens portal. The TrustCloud customer will be able to initiate the access and you will receive an invitation

Getting Started – TrustCloud Customers

The “Audit Dashboard” page is where you can enable AuditLens and manage auditor access. To access the “Audit Dashboard” page, you simply need to select the Audits icon from your left navigation

How do you maintain API Security, and why is it important?

What is API security? API (Application Programming Interface) security refers to the measures and practices put in place to protect the integrity, confidentiality, and availability of data and services exposed through APIs. APIs enable different

What type of Pen Testing is required?

Penetration testing, or pen testing, is a cybersecurity practice involving the simulation of cyberattacks on computer systems, networks, applications, or other digital devices. It is a strategic simulation to identify vulnerabilities and weaknesses