Quick Start Details
      Back to home
      1. Trustero Support
      2. Trustero User Guide
      3. Quick Start Details

      Setting Up Your Program: Risks, Policies & Controls

      Bring your own content or use Trustero's curated content

      A strong compliance program starts with putting in place your key content: risks, policies, and controls. Trustero allows you to either import your own content OR use a curated set of pre-built compliance content (Trustero Content Stacks).

      Option 1: Use Your Own Content

        1. Importing it: 
          • Risks – Navigate to Risk > Risk Register.
            1. Click Add Risk (top-right) to bulk upload existing risks.
          • Policies – Two options:
            1. Navigate to Compliance > Policies to upload policies individually.
            2. Go to Integrations > Document Management to connect with your document management system (e.g., Google Drive)..
          • Controls – Navigate to Compliance > Controls.
            1. Click Add or Replace Controls (top-right) to bulk upload a spreadsheet.
            2. Use Replace Your Controls to replace all controls in the account..
      • Optimizing your content for AI: 
        • Include Required Evidence and Test Procedures for each control. Use this standardization format to increase the accuracy and assurance of AI results. 
        • Trustero provides automated suggestions for missing fields (required evidence and test procedures) if the control is recognized.

      Option 2: Use Trustero’s Curated Content

      Pre-built controls and policies are generated from the provided Risk Register, focusing on mitigating risks based on identified threats. These controls include detailed objectives, required evidence, and test procedures, all optimized to produce the most accurate responses for AI checks (e.g., Operating Effectiveness).

      Add Curated Content with the Framework Wizard

      To add new frameworks:

      • Navigate to Company Info > Compliance Frameworks.
      • Click the pencil icon (edit) to open the Add Compliance Framework wizard.
      • Select an additional framework (e.g., ISO 27001 or SOC 2).
      • View a breakdown of:
        • Controls – How many can be reused and how many are new.
        • Policies – Any required updates or additions.
      • Understand the level of effort (LOE) needed to mature your compliance posture as your business grows.

      The framework wizard will only bring in new controls or policies as necessary. This takes advantage of the fact that Trustero’s content is designed to be highly reusable across frameworks.

      Once your program is in place, you can assign control owners to manage risk and compliance effectively.

       

      Experience a demo of these instructions: