SHARE THIS TOPIC  
Ask a Question
Q:

TrustCloud is not asking to attach evidence on any of these – just an approval

While I read and get all the policies approved, there is no evidence been asked on the portal.

For ex: employee appraisal system is asked for in HR policy, or Backup policy talks about the provision to store data in a different geographical region.

I don’t have all of these as a startup but i intend to get them when needed in a few month. Will the auditor ask for evidence now on these? TrustCloud is not asking to attach evidence on any of these – just an approval.

docs icon TrustCloud Q&A
All Replies

Viewing 0 reply threads

  • As part of reviewing the policies, please ensure that all the controls listed on your policy is something that is currently in place within your organization and that you can provide evidence to show that those controls are implemented. For small organization like yours you can move these controls (such as performance reviews and backup zones) as planned controls (something on your roadmap to mature into rather than adopted controls and remove those linkages from the policy.

    • Is it possible to remove linkages from policy in free tier? I understand i need to upgrade to put my version of policy or edit anything on these documents. please let me know if theres another way to distinguish between planned controls and adopted controls. . thanks!

Viewing 0 reply threads

Join the conversation

OR