Table of Contents
New Trust Center Content
New AI card available for your Trust Center
With our new AI card, you can meet your buyers’ growing need for transparency around AI and its usage. Add the AI card to your Trust Center to proactively provide visibility into your organization’s AI posture:
Share your approach to responsible AI, AI training data, AI governance, monitoring, and security
Communicate how you’re training employees, contractors, and customers on using AI
Explain how risks are identified, measured, and named
New compliance badges
We’ve added the following compliance badges to our growing library of Trust Center compliance items:
ISO/IEC DIS 42001: Designed to ensure responsible development and use of AI, ISO/IEC DIS 42001 is the international standard that outlines specific requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS).
ISO 27305-1:2023: Provides guidance on the information security incident management process, including incident preparation, detection, reporting, assessment, and response.
ISO 13845: Outlines regulatory requirements for managing quality throughout medical device lifecycles, from design and production to installation and servicing.
ISO 20000-1 CSA STAR L1 and L2: A part of CSA’s STAR program for cloud service providers, Level 1 certification demonstrates self-attestation of self-assessment whereas Level 2 establishes third-party certification.
SecNumCloud: Developed by the French National Security Agency, SecNumCloud is a French security qualification that provides a framework for good security practices based on the ISO 27001 standard.
CyberGRX: Provides independent cybersecurity risk assessments for a holistic view of a company’s third-party cyber risk posture.
eIDAS: The electronic Identification, Authentication and Trust Services (eIDAS) regulation establishes a framework for safe, fast, and efficient electronic transactions.
G-Cloud Framework: The Government Cloud (G-Cloud) Framework is a UK government cloud-first policy for public sector organizations evaluating and procuring cloud-based services.
FSQS: The Financial Supplier Qualification System (FSQS) accreditation is a standard used by major UK banks and financial organizations for gathering and managing suppliance assurance information across the financial sector.
NIST 800-54 Rev. 5: The latest version of the Security and Privacy Controls for Information Systems and Organizations standard that outlines how organizations should implement and maintain their cybersecurity practices.
NIST 800-171 Rev. 2: A framework designed to protect Controlled Unclassified Information (CUI) where managed by non-federal organizations.
NIST 800-172: Provides a broader selection of security controls for Controlled Unclassified Information (CUI) stored on non-federal systems.
PCI-SFF: The Payment Card Industry Software Security Framework (PCI-SFF) establishes a standard for the development and distribution of secure payment applications.
PCI-3DS: The Payment Card Industry Three Domain Secure protocol allows customers making online purchases to authenticate themselves and enables an additional layer of security to prevent online fraud.
BSI C5: The German Federal Office of Information Security (BSI) Cloud Computing Compliance Criteria Catalogue (C5) establishes guidelines and a minimum level of security for cloud services.
AWS Public Sector Partner: The AWS Public Sector Partner program validates AWS partners with cloud-based solutions supporting the public sector.
Don’t see a badge you need? Submit a feature request to our team, the steps to do that are documented here.
Feature/Functionality Updates
Trust Center account feedback analytics
Account feedback analytics helps you quantitatively measure your buyers’ experience with your Trust Center. Through a short survey sent via email 7 days after a visitor’s initial login, you gather insight into their experience and identify areas for improvements to your Trust Center, like content that may be particularly helpful to both current and future buyers.
As you start collecting survey data, you can view responses and account feedback by user in the Dashboard section of your Trust Center under the Account Activities tab.
Custom Rules Engine support for NDA contract attributes
With additional rules engine support for contract-related data points, you can now use NDA contract-related fields in Salesforce to automatically handle access request workflows, including support for Ironclad’s Salesforce integration.
Trust Center Preview enhancements
As an extension of our current Trust Center ‘Preview Mode’, our new ‘preview as’ functionality allows you to preview Trust Center changes from the lens of a public user, a specific account, or a specific permission profile before publishing.