A new CISO arrived at a global telecom equipment and services company and found the team using inefficient manual processes, with multiple, disconnected spreadsheets. Creating a board report required the CISO to spend 25% of their time on it. They also couldn’t associate activities to maturity objectives or produce real-time updates.
“We were lucky not to be breached.” – CISO
The CISO bought both TrustMAPP and a GRC tool. The GRC tool was used to capture risk in granular detail, while TrustMAPP provided strategic maturity assessment data and a roll-up of risk register, analytics, dashboards, and reports. In the initial three-week effort to get started with TrustMAPP, they performed their first maturity assessment, added a risk register, and created their first board report.
The company eliminated ongoing, annual $40k assessment fees that they had been paying to consultants. The automated workflows and built-in data visualization slashed time commitment by 67%. Their overall cost savings were 42% over three years. And the CISO got to go back to the important, strategic work they needed to focus on.