What is TrustRegister?

TrustRegister continuously scans your business to test and measure your level of risk based on the status of your controls and treatment plans across your entire business in real time. It helps you proactively identify gaps and make informed decisions to safeguard every inch of your business.

With TrustRegister, organizations can:

1. Adequately understand risks across their organizations, all while trying to explain these dangers to business stakeholders in a manner that leadership comprehends.
2. Document, visualize, and manage risks leveraging straightforward self service workflows
3. Collaborate so that the right team members can help identify and mitigate risks
4. Automate connections to existing TrustCloud controls and policies to make risk mitigation even easier
5. Unlock dashboards as well as detailed reports to make risk management decisions transparent and real time
6. Shared management of risks across an organization with in built approval flows
7. Articulate risks in terms that resonate, so you can request budgets, communicate liability, and justify spending with confidence with the help of TrustRegister’s board of directors and management dashboards. 
8. Bridge the gap between the CISO and the board, so you get the resources to protect your business and reduce liability.
9. Programmatically monitor and forecast risks, align your board with crystal-clear reports, and ensure your customer and contract obligations are met. 

Why is TrustRegister important?

A risk register is a key artifact in a compliance program and is required for several certifications, including SOC 2 and ISO. More importantly, the overall risk management process is considered a best-practice for determining security measures that are commensurate with the sensitivity of what they are guarding, as it starts with the problem and seeks a solution. A solid risk management process is a great way to communicate gaps and improvements over time within the organization.

Who uses it?

The primary administrators of TrustRegister are typically:

1. In startups: CTOs, VPs of Engineering, or Security leads
2. In SMBs: Security or Risk leads
3. In enterprises: Leadership Teams, Risk Leaders, and GRC Leaders

Apart from administrators, any employee in an organization involved in a security, privacy, or compliance workflow can be invited into TrustRegister. These are people from engineering, DevOps, HR, finance, IT, security, and compliance.

Supported Compliance Standards

There are a number of well-known (by compliance or security professionals) NIST publications, such as the NIST 800-30 Guide for Conducting Risk Assessments and the NIST Risk Management Framework (RMF). Trust Cloud’s TrustRegister is aligned closely with the NIST RMF” guide.

Automating your Program

Apart from making it easier to update and keep track of your risks, TrustRegister enables automation for the following controls from TrustCloud’s common control framework (TCCCF):

• BIZOPS-11 Risk Register
• BIZOPS-12 Fraud Risk
• BIZOPS-13 Business Changes Risk
• VNDR-2 Vendor Risk Assessment

There are a number of dashboard options available with TrustRegister to make risk reporting easier.

To learn more about TrustCloud’s TrustRegister, click here!