Testing Controls

Estimated reading: 6 minutes 1212 views

Testing controls can be performed in two ways: automated and manual. Once you have set up your integrations, you can leverage automated tests. Automated tests run automatically at the set evaluation frequency for each control. For self-assessment, you need to run the test and collect the required evidence manually.

Automation Indicators

A majority of automation activities take place as part of the onboarding and setup processes. Also, we are frequently adding new integrations, allowing your list of automated controls to grow. To easily find these controls, an orange robot icon next to a connected control indicates that potential automation is now available.

  1. Go to “Controls” from your TrustOps program.
  2. You can view “Automation Status” on this page.
    The following screenshot shows the automation status on the “Controls” page.TO Controls Testing Controls Automation Status 01
  3. Clicking on the control will open up the details and integrations that are now automated.
    The following screenshot shows the available automations for a particular control.
    TO Controls Testing Controls Automation 02
  4. Clicking each automation button will direct you to the integration setup page.
    For example, the following screenshot shows the integration set-up for Checkr.
    TO Controls Testing Controls Automation Integration Setup 03

Automated Tests

After setting up the integrations, you can leverage automated tests. Automated tests run automatically at the set evaluation frequency for each control. Once an automated test is run, the evidence for that control is fetched automatically. If an automated test fails, you can click on the view activity icon to see the failed resources and how to remediate the test.

The following video will guide you through running automated tests in TrustOps.

Video: Running Automated Tests on TrustOps

A step-by-step guide to running automated tests

  1. Go to “Controls” page.
  2. Click on the control and go to control’s details page.
  3. Click on the ‘Run Test’ icon (play button) under the action items to run tests one by one.
    The following screenshot shows how to run single automated test.TO Controls Testing Controls Automation Run Test 04
  4. To bulk select all tests to run at once, check the box at the top of the “Automated Tests” page and click on “Run Tests”.
    The following screenshot shows how to run bulk tests.
    TO Controls Testing Controls Automation Run Bulk Tests 05
  5. For the failed tests, click on the ‘View Activity’ icon for the details. There are recommendations on this page to help you pass the test.
    The following screenshot shows the details of a failed tests via ‘View Activity’ icon.
    TO Controls Testing Controls Automation View Activity 06
  6. You also can choose to exclude test. Select test or tests you want to exclude with the help of checkbox.
  7. Click on “Exclude Tests”.
    The following screenshot shows how to exclude tests.

Alternative way to run automated tests

  1. Go to “Programs” and select “Systems”.
  2. Click on the system. Click on the ‘Run Test’ icon (play button) under the action items to run tests one by one.
    For example, the following screenshot shows how to run automated tests from Cloud Storage system’s details page.TO Controls Testing Controls Automation Systems Automated Tests 07
  3. To bulk select all tests to run at once, check the box for each test to run and click on “Run Tests” button.
    The following screenshot shows how to bulk run automated tests.
    TO Controls Testing Controls Automation Systems Run Bulk Tests 08

  4. For the failed tests, select the ‘View Activity’ icon to see why they did not pass. There are recommendations on this page to help you pass the test.
  5. You also can choose to exclude test.
    1. Select test or tests you want to exclude with the help of checkbox.
    2. Click on “Exclude Tests”.

Self Assessments

Not all tests can be automated due to the fact that some require human judgment or are not yet automated. For self-assessments, you will need to run the test and collect the required evidence manually.

The following video will guide you on how to take a self-assessment.

Video: Running Self Assessments on TrustOps

A step-by-step guide to completing a self-assessment

  1. Go to “Controls” page.
  2. Click on the control and go to “Self-Assessment” section.
    The following screenshot shows how to take self-assessment.
    TO Controls Testing Controls Take Self Assesment 10
  3. Select self-assessment or multiple assessments that you want to take and click on “Take Assessment” button or click on the play icon in front of the assessment.
    The following screenshot shows the assessment.
    TO Controls Testing Controls Take Self Assesment 11
  4. Answer and click on “Finish”.
  5. You can also exclude self-assessments. Select assessments and click on “Exclude Assessments” button.
  6.  Click on the “View Activity” button to get a better understanding of the self-assessment.
    TO Controls Test Controls Selft Assessment View Activity 12

Adding Evidence

If you have certain controls in place, the only way to prove them is by providing documentation. Your auditor will go through the evidence to make sure that you are actually doing what you say you are doing.

The following video will guide you on how to add evidence to a test.

Video: Adding Evidence on TrustOps

A step-by-step guide to adding evidence

  1. Go to “Controls” page.
  2. Click on the control and go to “Self-Assessment” section.
  3. Select the assessment and click on “Take Assessment” button or action icon (play button).
  4. Answer yes or no, and add any relevant comments. Click on “Finish”.
  5. Click on the “plus” button
    The following screenshot shows how to add evidence.
    TO Control Testing Assessment Add evidence 13
  6. While uploading evidence, you have the following options:
    1. Upload from Google Drive: You can add evidence from google drive.
    2. Attach from Inventory: Select records from your connected systems to use as evidence.
    3. Add from Document: Any files associated with the document you select will be attached as evidence to this test.
    4. Link: Add a link to a file or a folder.
    5. Upload: Upload an individual file or a ZIP file.

Adding Multiple Pieces of Evidence at one Time 

TrustOps allows your to upload multiple pieces of evidence at the same time. Simply add or upload your file and then click the ‘Add’ button to upload an additional set of files. You will also be presented with the option to assign individual descriptions to each or consolidate under one description statement.

 

Screenshot 2024 01 18 at 11.29.03 AM

History of Tests

You can view the who, what, and when of your test history and reports for automated self-assessments with just one click.

To view History of tests,

  1. Go to “Controls” page in your program.
  2. Click on the “View Activity” button in front of the control.
    The following screenshot shows the “Test History” of test.
    TO Controls Test Controls Test History 14

For automated tests, this activity includes the latest test report along with a history of reports, who ran them, when they were run, and the result. The history page allows you to filter by dates in case your auditor or control owner is looking for a specific entry.

  1. Go to “Controls” page.
  2. Select control to view automated tests.
  3. Under the “Automated Tests” section, click on view activity icon.
  4. Go to “History” tab.
    The following screenshot shows the test history for automated test.
    TO Controls Test Controls Automated Test History 15

For self-assessments, this activity includes a detailed list of what evidence was uploaded, when, and by whom. You can access historical evidence and filter by dates in case your auditor or control owner is looking for a specific entry.

Join the conversation

ON THIS PAGE
SHARE THIS PAGE

SUBSCRIBE
FlightSchool
OR