“The founders of the company are detail-oriented individuals and this attribute permeates in everything we do. Our attention to the details enable the company to see patterns in the marketplace that are constantly changing, allowing us to capitalize on them, and to bring the values derived from such capabilities to our end-users,” says Tri Phan, Managing Director, Product Management, Trusted Integration. The company’s flagship product, TrustedAgent GRC, provides organizations with a highly scalable and configurable approach to standardize business processes, reduce complexity, and lower costs in the management, analysis, and remediation of risks across the enterprise. TrustedAgent GRC excels in highly regulated industries where there is a need to address a high demand of oversight from audit and compliance reviews, regulatory reporting, formal management of non-conformities, and continuous reviews of controls.
“This boutique focus has landed us deals with several large government agencies and companies including CDC, NIH, FDA, and CACI,” explains Phan. One of their large client leverages TrustedAgent GRC to support their IT security program across multiple locations. This is a massive deployment with nearly a thousand entities of several hundred major IT assets per entity across 300+ named users. Prior to TrustedAgent GRC, the organization was using a combination of spreadsheets, Word documents, Sharepoint, and homegrown applications for managing the various activities relating to security authorization. The organization’s oversight staff was constantly under time and resource pressure, and faced many challenges to manually manage the security authorization process. With TrustedAgent GRC the client migrated legacy data, automated the workflows, and efficiently managed existing compliance and authorization activities with ease— freeing the oversight staff to address more impactful security and risk concerns.
Looking ahead, Trusted Integration plans to integrate additional automation for TrustedAgent GRC to address real-time monitoring and remediation of cybersecurity threats. Unique automation offered by TrustedAgent GRC to date include the ability to initiate vulnerability scanning, automated result collection, and reconciliation to confirm that the correction implemented to address specific vulnerabilities against an asset is truly effective. “In prior versions, we provided end-users with the capability to setup and use common controls across various regulations. As an example, Personnel Security controls can be singularly assessed and established as common controls where they can be employed to provide credit to PCI DSS, HIPAA, NIST, or other assessments performed by the organization. Our end goal for TrustedAgent is to be the GRC platform for organizations to standardize business processes, reduce complexities, and lower costs in the management, analysis, and remediation of risks across the enterprise,” concludes Phan.