Granular Ownership and Access Control

Tejas Ranade

26 May 2021

At TrustCloud, our mission is to make it effortless to earn trust in every business relationship. We enable simple, intelligent, truthful, and valuable compliance to help a business implement, measure, and confidently share its compliance program with customers.

Granular Ownership and Access Control

Compliance is a team sport. As a caretaker of your company’s security obligations, you should feel confident that your team members’ access to your program reflects their job responsibilities.

With this update, we’re rolling out three initial roles:

  • Compliance Admins are in full control of your team and program. This role enjoys unrestricted access to everything TrustOps has to offer, and as such should be reserved for the one or two people in charge of your compliance program.
  • Business Unit Owners are highly-trusted individuals who lead one or more of your company’s business units, such as HR or Engineering. They have a slightly lower permission set than that of the Compliance Admin. In the future, we will be introducing additional functionality surrounding business functions, granting Business Unit Owners more control over the people who make up their own team.
  • Lastly, Compliance Team Members are colleagues who can view and contribute to your TrustOps. Their responsibilities may include owning a particular set of compliance artifacts such as systems, controls, and policies, and their access is limited to the artifacts they own.

roles

Appropriately assigning roles lets you rest easy knowing that access is restricted to those who need it, and limits the consequences of unforeseen events such as leaked credentials or compromised access. As TrustCloud expands its capabilities over the coming months, you can look forward to additional roles and new capabilities within your instance.

TrustCloud is as much your product as it is ours. What else would you like us to work on?

Let us know by sending an email to kira@trustcloud.ai