Overview

What Is It?

TrustRegister is a TrustCloud application that uses predictive intelligence to eliminate manual, unreliable processes and optimize your risk management program. We help you identify risks, streamline remediation, and assess business impact so you can maintain a proactive program—good riddance to that pesky spreadsheet.

With TrustRegister companies can:

• Adequately understand risks across their organizations, all while trying to explain these dangers to business stakeholders in a manner that leadership will comprehend
• Document, visualize, and manage risks leveraging straightforward self service workflows
• Collaborate so that the right team members can help identify and mitigate risks
• Automate connections to existing TrustCloud controls and policies to make risk mitigation even easier
• Unlock dashboards as well as detailed reports to make risk management decisions transparent and real time
• Shared management of risks across an organization with in built approval flows

Why does this matter?

A risk register is a key artifact in a compliance program, required for several certifications including SOC 2 and ISO. More importantly, the overall risk management process is considered a best-practice for determining security measures that are commensurate with the sensitivity of what they are guarding, as it starts with the problem and seeks a solution. Finally, a solid risk management process is a great way to communicate gaps and improvements over time within the company.

Who uses it?

The primary administrators of TrustRegister are typically:

• In startups: CTOs or VPs of Engineering, or Security leads
• In SMBs: Security or Risk leads
• In enterprises: Leadership Teams, Risk Leaders, GRC Leaders

Apart from admins, any employee in a company that is involved in a security, privacy, or compliance workflow can be invited into TrustRegister.  These can be folks from engineering, DevOps, HR, finance, IT, security, and compliance.

Supported Compliance Standards

There are a number of well-known (by compliance/security professionals) NIST publications such as NIST 800-30 Guide for Conducting Risk Assessments and NIST Risk Management Framework (RMF). Trust Cloud’s TrustRegister is aligned closely with the NIST RMF” guide.

Automating your Program

Apart from making it easier to update and keep track of your risks, TrustRegister enables automation for the following controls from TrustClouds common control framework (CCF):

• BIZOPS-11 Risk Register
• BIZOPS-12 Fraud Risk
• BIZOPS-13 Business Changes Risk
• VNDR-2 Vendor Risk Assessment

Risk Dashboards

There are a number of dashboard options available with TrustRegister to make reporting easier. Get started by navigating to the overview page after setup.