Compliance Questions

Each control consists of a control ID, control name, frequency of testing, control description, evidence requirements, and automated tests.

  • For every control, TrustCloud provides clear recommendations on evidence requirements, what is tested, and, if a test fails, what you need to do to remediate it.
  • For security purposes, deep linking is not enabled, because TrustCloud should not store artifact-level metadata about your business with links to those artifacts.
  • In addition to product-based guidance, TrustCloud’s engagement model is to conduct weekly reviews with your team (this is included in our cost) to answer any questions you have. Our in-house team of former auditors from companies like KPMG, A-LIGN, PwC, Schellman, PayPal, and Cognizant provides answers.

Yes, all artifacts in TrustCloud can be assigned to different users within your organization. Compliance is a team effort, and everyone should be able to come in and take action.

  • Controls are assignable to single users.
  • Furthermore, individual tests can also be assigned to a single user.

Today, we have two controls pertaining to employee onboarding and offboarding processes. These controls are geared towards providing evidence that the compliance requirements have been met and completed for any new hire or terminated employee.

  • Our team supports you in adopting the proper systems and managing the gathering of this evidence where needed. (For example, for the internal management of onboarding and offboarding processes, there are many identity management providers that specialize in these processes.)
  • Capability for each employee to understand their trust obligations to your company.
  • Employee alerts are sent when an employee is not fulfilling their trust obligation, thereby putting the business at risk.
  • Crowd-sourcing of all tools and vendors being used by your employees to get control of ‘Shadow IT’ problems.
  • Employee onboarding and offboarding workflows.
  • Frequency-based employee policy review and attestation.
