Overview

What Is It?

TrustRegister is a TrustCloud application that uses predictive intelligence to eliminate manual, unreliable processes and optimize your risk management program. We help you identify risks, streamline remediation, and assess business impact so you can maintain a proactive program.

With TrustRegister organizations can:

1. Adequately understand risks across their organizations, all while trying to explain these dangers to business stakeholders in a manner that leadership comprehends
2. Document, visualize, and manage risks leveraging straightforward self service workflows
3. Collaborate so that the right team members can help identify and mitigate risks
4. Automate connections to existing TrustCloud controls and policies to make risk mitigation even easier
5. Unlock dashboards as well as detailed reports to make risk management decisions transparent and real time
6. Shared management of risks across an organization with in built approval flows

Why is this important?

A risk register is a key artifact in a compliance program and is required for several certifications, including SOC 2 and ISO. More importantly, the overall risk management process is considered a best-practice for determining security measures that are commensurate with the sensitivity of what they are guarding, as it starts with the problem and seeks a solution. A solid risk management process is a great way to communicate gaps and improvements over time within the organization.

Who uses it?

The primary administrators of TrustRegister are typically:

1. In startups: CTOs, VPs of Engineering, or Security leads
2. In SMBs: Security or Risk leads
3. In enterprises: Leadership Teams, Risk Leaders, and GRC Leaders

Apart from administrators, any employee in an organization involved in a security, privacy, or compliance workflow can be invited into TrustRegister. These are people from engineering, DevOps, HR, finance, IT, security, and compliance.

Supported Compliance Standards

There are a number of well-known (by compliance/security professionals) NIST publications, such as the NIST 800-30 Guide for Conducting Risk Assessments and the NIST Risk Management Framework (RMF). Trust Cloud’s TrustRegister is aligned closely with the NIST RMF” guide.

Automating your Program

Apart from making it easier to update and keep track of your risks, TrustRegister enables automation for the following controls from TrustCloud’s common control framework (CCF):

1. BIZOPS-11 Risk Register
2. BIZOPS-12 Fraud Risk
3. BIZOPS-13 Business Changes Risk
4. VNDR-2 Vendor Risk Assessment

Risk Dashboards

There are a number of dashboard options available with TrustRegister to make reporting easier. Navigating to the overview page after setup is necessary to start using TrustRegister.