One of the biggest snares of many compliance management tools is the ability to think you’re covered when you aren’t. You think you have what you need, but there’s no proof of it. Instead, the software lets you rely on your assumptions, and move onto the next item on the list.
Many simplistic compliance management tools just ask yes or no questions, with no mechanism to associate actual evidence with the response. They’re designed to encourage you to flip the indicators to the pretty green “YES” all the way down the line.
And that’s where people get into trouble — they believe they have each item in place, and because there’s no burden of proof, they can just go from item to item and check things off the list.
Just getting started with compliance? 6 Keys to Building a Kickass Compliance Program
That’s why it was one of our priorities to make sure that TCT Portal users actually have a way to associate evidence with every single response — and to do it in a way that’s quick and easy to use.
In the TCT Portal compliance software, there are two main data capture areas to keep you out of trouble. One is used for attaching evidence and the other is for explanations. Let’s take a look at how easy it is to provide evidence and explanations in TCT Portal.
Quick Tour: Attaching Evidence
It’s one thing to say that you have something in place, but it’s another to prove it with a screenshot, a policy document, or some other piece of evidence. Attaching that evidence to the line item itself gives empirical proof that you’re doing what you’re supposed to do, and that each requirement is actually in place.
In TCT Portal, each line item requirement has a set of tabs. The Attachments tab lets you associate actual evidence at line-item level, so that you can legitimately say this item is officially cleared.
From the line item screen, just upload the file you need to associate it with the item. If the file is already uploaded to TCT Portal, you can select it from a list of already loaded files. It’s as simple as that!
The great thing about Attachments in TCT Portal is that you can attach a single file to as many requirements as you need to. You could have a single consolidated security policy that’s connected to more than 100 requirements within the system. With TCT Portal, you can easily link that document to every one of those requirements. Upload it once, and link it to each associated line item. And it’s stored in one central location that’s easy to get to.
Better yet, let’s say you realize after 80 line items that you need to make a small adjustment to the document. Simply replace the old version once, and it’s automatically updated everywhere you’ve already linked it. Because there’s only one instance of the document (with 80 links), you only need to replace it once.
Related: Dread Checking Compliance Engagement Status? Do It in Under 15 Minutes.
Quick Tour: Providing Explanations
Sometimes you need to clarify something you’ve attached to a requirement, or provision additional details for a requirement that doesn’t apply to your organization. TCT Portal’s Explanations tab comes in handy here.
For example, if you’re required to provide a certain policy statement, you can use the Explanations tab to call out where it’s covered in the documentation. If you don’t need to fulfill a requirement, you can add an explanatory note to declare an exception.
Turbo Boost Your Attachments and Explanations
The place where explanations and attachments really stand out is when you get past your first year in TCT Portal.
There will come times when you have turnover of personnel, or shifting of roles. Key players from last year aren’t involved in your compliance engagements anymore, and they aren’t available to answer questions about how things were done last time. TCT Portal ensures you still have a clean, clear repository that you can go back to, so you’re never stuck trying to cobble together a sense of what worked last year.
he system lets you see which were the final documents that got attached to particular requirements. You can review precisely what screenshots passed muster and what evidence was provided for each line item. All of that information is in one spot — there’s no hunting and pecking, no digging through other people’s emails, no playing interpreter to stored file naming conventions. Everything is right at your fingertips, and it saves an astronomical amount of time.
Compliance is never as easy as simply going down a checklist and clicking “YES” on every item. But with TCT Portal, it doesn’t have to be onerous work to provide evidence, either. Protect your organization without a lot of pain or chaos.