July 2021 TrustMAPP Release
One of our most anticipated features has been Advanced Reporting functionality. We have learned that the data in TrustMAPP is not in it’s final resting place and executives need to get that data into pixel-perfect reports.
Many of the CISOs and executives who use TrustMAPP want editable report templates that can be produced on the fly to give an update to the current state of the organization’s cybersecurity and data privacy posture.
Knowing that every company’s reporting methodologies and expectations are different, we created our Advanced Reporting module.
The Advanced Reporting module comes with stock templates that can output reports into editable files – allowing you to add details that C-levels and/or the Board of Directors are looking for.
If you want a custom template, you can engage our professional services team to create one that is then on-demand for you in your tenant (and only your tenant).
SOC 2 Template
Formally known as “AICPA 2017 Trusted Services Criteria (SOC 2) w/ March 2020 Updates”, it is a controls-based maturity template.
TrustMAPP attributes are aligned with SOC 2 at the sub-controls-based level. SOC 2’s control numbering schema has been extended an additional level to account for sub-control requirements. Respondents review and answer questions that pertain to the sub-controls. The template will initially be available in English.
It features the new, standardized 0-5 maturity score that is better aligned with CMMI, COBIT, and ITIL. This expands the 1-5 standard into the realm of “we don’t have that at all” and allows for sub-1 MAPP scores.
It also uses project tags. An example: 11 controls in the standard can be met by creating and maintaining a CMBD:
- All 11 controls are tagged with “CMDB”
- Costs and labor for a CMDB are placed in the Totals column
- The totals are then divided by the 11 controls to give granular, but accurate numbers.
We have also cross-mapped it into and out of NIST CSF v1.1.