Conduct Continuous Risk Monitoring and Information Security Program Management.
TrustMAPP℠ provides a rapid, cost-effective information security MAPP—Maturity Assessment, Profile and Plan—for comprehensive security governance. Gather data from functional owners to assess the maturity of key business and IT functions using the COBIT model. (Survey templates are pre-configured with the NIST Cyber Security Framework and ISO27001, as well as industry-specific regulations such as GLBA, HIPAA, PCI DSS, FFIEC, FISMA, and SOX.) Profile results with a clear dashboard and underlying detail. Plan objectives in areas of weakness by seeing recommended actions with estimated costs.
How Does TrustMAPP Compare with Information Security Dashboards and GRC Tools?
TrustMAPP is not just an assessment tool or a report dashboard. It is a total management platform light years ahead in these ways:
- Customizable – TrustMAPP’s assessment templates are pre-configured with the highly recommended NIST Cyber Security Framework and ISO27001, as well as industry-specific regulations such as GLBA, HIPAA, PCI DSS, FFIEC, FISMA, and SOX. Apply any combination to serve your business and sector.
- Actionable – TrustMAPP groups audit controls into business processes, where maturity improves long-term security capacity. Up to 40 key processes are scored, and within them, six dimensions of COBIT maturity for precise improvements.
- Prioritized – TrustMAPP automatically prioritizes recommendations by highest to lowest business impact, aiding decision-making. Security leaders can set maturity goals for the weakest business processes.
- Cost-conscious – TrustMAPP calculates cost estimates—both initial and ongoing—for each recommendation. Set a maturity goal for a process (say a 2 improving to a 5), and discover the needed staff time and resources. No other tool makes one-, two-, and three-year strategic plans and budgets easier to formulate.
- Dynamic – TrustMAPP helps track and report on progress. Enter remediations in the tool, and visually see how investments strengthen security scores over weeks, months, and quarters without repeating a full assessment.
- Visual – TrustMAPP is a cloud or on-site application that is easy to use on any mobile device. In minutes, CISOs can generate a presentation that clearly communicates security status and needs to executives and boards in even brief meetings.