Participant

Policies

While i read and get all the policies approved, there is no evidence been asked on the portal.

For ex: employee appraisal system is asked for in HR policy, or Backup policy talks about the provision to store data in a different geographical region.

I dont have all of these as a startup but i intend to get them when needeed in a few month. Will the auditor ask for evidence now on these? Trustcloud is not asking to attach evidence on any of these – just an approval.

Tagged: #policies #evidence

TrustCloud Q&A

All Replies

Viewing 0 reply threads

sharan
Participant

1 week, 3 days ago

As part of reviewing the policies, please ensure that all the controls listed on your policy is something that is currently in place within your organization and that you can provide evidence to show that those controls are implemented. For small organization like yours you can move these controls (such as performance reviews and backup zones) as planned controls (something on your roadmap to mature into rather than adopted controls and remove those linkages from the policy.
- Radhika
  Participant
  
  1 week, 2 days ago
  
  Is it possible to remove linkages from policy in free tier? I understand i need to upgrade to put my version of policy or edit anything on these documents. please let me know if theres another way to distinguish between planned controls and adopted controls. . thanks!

Viewing 0 reply threads

Learning

Platform Overview

TrustOps

TrustShare

TrustRegister

AuditLens

Changelogs

TrustCloud API

Courses

GRC Launchpad

Forums

Welcome

TrustCloud Q&A

GRC Q&A

Champions

Companies

Resources

Trusted Partners

Articles

Glossary

Code of Conduct

Support

Report a bug

TrustCloud Blog

Go to TrustCloud.ai

Policies

All Replies

Join the conversation

Want to see how to turn GRC into a profit center?

Resources

Platform

TOPICS

ABOUT US