Trusted Integration: Delivering GRC Solutions for Highly Regulated Industries

Tri Phan Managing, Director, Product Management
The Governance, Risk, and Compliance (GRC) market is traditionally a complex realm with a rapidly changing landscape. Companies that compete within the current GRC landscape must be able to develop and market solutions that strike balance among many factors. Organizations require solutions that encompass the current or updated requirements, thereby reducing the load on their own compliance staff, and allowing them to focus on assessing the impact of their compliance programs and assets. More than ever, companies are leveraging cloud infrastructure to achieve this as it reduces operating costs and complexity. In this environment, companies must safeguard individual, financial, transactional, and intellectual information across multiple platforms and ensure their protection. With intent to alleviate these concerns, Trusted Integration was founded in 2001 as a boutique software development company with a core focus on delivering GRC solutions for highly regulated industries. The business focus of Trusted Integration remains unchanged since the company’s inception however expands into other regulatory landscape including HIPAA, PCI, FFIEC, and NIST Cybersecurity.

“The founders of the company are detail-oriented individuals and this attribute permeates in everything we do. Our attention to the details enable the company to see patterns in the marketplace that are constantly changing, allowing us to capitalize on them, and to bring the values derived from such capabilities to our end-users,” says Tri Phan, Managing Director, Product Management, Trusted Integration. The company’s flagship product, TrustedAgent GRC, provides organizations with a highly scalable and configurable approach to standardize business processes, reduce complexity, and lower costs in the management, analysis, and remediation of risks across the enterprise. TrustedAgent GRC excels in highly regulated industries where there is a need to address a high demand of oversight from audit and compliance reviews, regulatory reporting, formal management of non-conformities, and continuous reviews of controls.
In addition to core modules like audit management and enterprise risk management, TrustedAgent GRC offers add-on capabilities to further streamline governance and cybersecurity management.

“This boutique focus has landed us deals with several large government agencies and companies including CDC, NIH, FDA, and CACI,” explains Phan. One of their large client leverages TrustedAgent GRC to support their IT security program across multiple locations. This is a massive deployment with nearly a thousand entities of several hundred major IT assets per entity across 300+ named users. Prior to TrustedAgent GRC, the organization was using a combination of spreadsheets, Word documents, Sharepoint, and homegrown applications for managing the various activities relating to security authorization. The organization’s oversight staff was constantly under time and resource pressure, and faced many challenges to manually manage the security authorization process. With TrustedAgent GRC the client migrated legacy data, automated the workflows, and efficiently managed existing compliance and authorization activities with ease— freeing the oversight staff to address more impactful security and risk concerns.

Looking ahead, Trusted Integration plans to integrate additional automation for TrustedAgent GRC to address real-time monitoring and remediation of cybersecurity threats. Unique automation offered by TrustedAgent GRC to date include the ability to initiate vulnerability scanning, automated result collection, and reconciliation to confirm that the correction implemented to address specific vulnerabilities against an asset is truly effective. “In prior versions, we provided end-users with the capability to setup and use common controls across various regulations. As an example, Personnel Security controls can be singularly assessed and established as common controls where they can be employed to provide credit to PCI DSS, HIPAA, NIST, or other assessments performed by the organization. Our end goal for TrustedAgent is to be the GRC platform for organizations to standardize business processes, reduce complexities, and lower costs in the management, analysis, and remediation of risks across the enterprise,” concludes Phan.

Company
Trusted Integration

Headquarters
Alexandria, VA

Management
Tri Phan Managing, Director, Product Management

Description
Provider of Governance, Risk, and Compliance (GRC) management solutions for highly-regulated government and commercial organizations.