Compliance Unfiltered is TCT’s tell-it-like-it is podcast, dedicated to making compliance suck less. It’s a fresh, raw, uncut alternative for anyone who needs honest, reliable, compliance expertise with a sprinkling of personality.
Show Notes: TCT Portal Is a Lifesaver Right Away — But It’s Even Better in Year 2
Quick Take
On this episode of Compliance Unfiltered, Adam and Todd talk through the value of the TCT Portal, not just for your immediate compliance needs, but as a true game changer in year two and beyond. Adam gives a full breakdown of the true meaning of helping to make compliance management suck less with the TCT Portal.
Settle in for a snapshot of the Year One benefits of TCT Portal, and then hang on tight as the CU guys really hone in on the lasting benefits in Year Two and beyond.
Curious how to get more effective and efficient in your compliance management? Then this is the episode of Compliance Unfiltered for you!
All this and more, on this episode of Compliance Unfiltered.
Remember to follow us on LinkedIn and Twitter!
Read Transcript
So let’s face it, managing compliance sucks. It’s complicated, it’s so hard to keep organized, and it requires a ton of expertise in order to survive the entire process. Welcome to Compliance Unfiltered, a podcast dedicated to making compliance suck less.
Now, here’s your host, Todd Coshow, with Adam Goslin.
Well, welcome to another edition of Compliance Unfiltered. I’m Todd Coshow, alongside the champagne to your compliance brunch, Mr. Adam Goslin. How the heck are you, sir? I’m doing great, Todd. How about yourself? Man, I can’t complain. TCT Portal is a lifesaver right away, and we’re going to talk about how it’s even better in year two today.
Talk to me. You always say that TCT makes managing compliance suck less. Tell me more. All right, very good. So if you think about this, man, I mean, when you’re going through and using kind of a simplified spreadsheet or whatever, the minute it starts getting more complex, the less efficiency you end up gaining through that process. Complex equals lack of efficiency. Yes, exactly. And so now, and before long, you’re wading through cell by cell, complicated tabs and macros, and all sorts of fun stuff. My head hurts. I mean, compliance management sucks enough, as it is, let alone having to live that through some piece of crap spreadsheet. So why not use something that’s designed for the purpose?
So that’s where really TCT Portal comes into play. It’s designed to make compliance and engagement suck less. Like all compliance or just some compliance? Every single- Is this specific certs? or what are we doing? Every single one. So well north of a hundred different security and compliance style engagements. And the interesting part is that, at least in TCT’s case, we will add new compliance standards that a paying client needs and we’ll do it for free because- Well, so like if there’s a certification that I need as a client of TCT, but you guys don’t have it on your portal, what happens? We’ll go ahead and add it for free. So the bottom line is, is that it like, so as an example, when NIST CSF came out, we had one client said, hey, I need NIST CSF. And so we said, sure, no problem. We’ll go ahead and get it added. Thank you. no sooner did we get it added and all of a sudden I’ve got another client, another client, another client saying, hey, do you have an CSF out? Why? Yes, we do. So, you know, man, that’s really how the suite of various standards that are on the TCT portal has expanded is because we’ve got existing clients that, you know, that really need additional certifications other than what they have.
I see. Now, thinking about year one benefits, tell me what that looks like. Well, the objective of the portal is to gain immediate efficiencies in year one. So, you know, in today’s day and age, you’re going to lose hundreds of man hours just trying to figure out, you know, what is your current state and, you know, and meeting up to discuss, you know, how are we going to get there, etc. You know, a single check-in meeting, if you think about it, can cost you, you know, 13 hours a pop. And, you know, assuming that your team is meeting 20 times a year, you know, you’ve got 260 man hours, boom, right out of the gate. You know, the TCT portal reduces the amount of time, you know, to maybe 52, you know, man hours or saves you 75% of that allocation, you know, just by using the portal because of the fact that it’s actually live, it’s actually sitting there, it is, you know, ready to answer questions, etc., so you end up saving a lot of internal time. So when you say live, though, you’re saying like, if I make an update, that happens in real time. Correct. So if five minutes ago you made an update and completed a particular item and moved it up the workflow, then I could go ahead and log in and, you know, whatever, you’re in California, I’m in Michigan, we could, you know, you could make that update, and I could be seeing that update five minutes later showing it moving up, showing what evidence you’ve attached to it, etc. So all the way around, you’ve got the ability to be able to see those benefits, those updates immediately. Nice. Now, as we’ve always talked about, the real benefit in having a client management software program like TCT is the year one to year two benefits.
So Adam, talk to me about the year two benefit. Well, when you get into year two, year one, yes, you’re gonna save some time, some pain, all that fun stuff. Year two is really where it starts to pay off. Year two is where when you got your year one already in TCT portal, when you go to year two, now you’ve got that entire first assessment cycle is sitting in the system. What does that mean? Well, I’ve got all of the explanations, all of the attachments, I’ve got information around who precisely did what. All of that is tracked, managed, any back and forth between the assessor and the target organization is now stored in the history on each particular item. All of that, you know, kind of realm of information available to the target organization here too. In year one, you’re effectively building up a repository of information, evidence, what happened, all that fun stuff. And in year two, you’re able to not only go ahead and take action on what’s happening in year two, but you’ve got the full compendium of what happened in year one in your hands, like immediately accessible instead of it being spread out over email, you know, voicemails, text messages, meeting minutes, all that fun stuff, you’ve got it all sitting in one spot. And what do clients tell you about that type of workflow shift? Well, what clients say is that the old world where they weren’t using a compliance management system they couldn’t locate who did what? did they do it? What did they provide? Was it good enough, etc, they didn’t have any idea because of the fact that their, you know, their Excel and their tracking mechanisms, etc, was spread all over Hell’s Half Acre. And so as they go into the portal, you know, they can find all sorts of information about, you know, who was assigned what, who actually provided the information for that item. You know, what evidence did they provide? When did they provide it? you know, where did they get it from? Did the assessor accept the evidence? And what changes were made, you know, as they went through that kind of mission process. So all of that information is accessible. You know, without the TCT portal, you’re looking all over Hell’s Half Acre, you know, for the information is the best case scenario. But more often than not, organizations will literally have to hit the reset button every year and relearn all of the things that they theoretically learned in, you know, kind of in that prior track. Sure. You know, in year two, you know, you can’t remember if the assessor accepted this evidence or that evidence. You don’t know what it was that they actually submitted the past muster, you know, but, you know, inside of the TCT portal, you’ve got direct access to exactly what happened the last go-around. the team is having to, you know, experience Groundhog Day, repetitively, etc, as they’re going through and trying to kind of recreate what happened the prior year, they’re able to take advantage of that kind of rock-solid repository of what they had in the prior year.
Okay. Well, how does having prior years help the new- I mean, obviously, there’s going to be turnover every year. How does this make a difference? Yeah, with any organization, they’ve got changes, right? You’ve got a prior person within the organization, they move up to higher levels. You’ve got people that have left the organization. New people come in and whatnot. So the cool part about using a compliance management system like the TC Portal, what that does for the organization is, and I was talking with somebody actually about this, like last week, is that last year, Bob did it for this particular realm within the compliance engagement. This year, it’s now going to be Mary. So if that’s the case, all the items that were assigned to Bob last year, you can assign them to Mary. You can say, these are all the things that you need to do. Mary can systematically look at your single repository and go through and say, what did Bob do last year for each item? What organizations did he provide? What evidence attachments did he provide? Where did he kind of step out of bounds? Where did the assessor put it back? And what did he supply? All that is instantly accessible through the system. So it basically enables those folks that you know are brought in to look at the full compendium of history that happened last year and apply it and learn from all of those experiences to apply it to this year. You basically get a markedly improved full of efficiency out of those new hires over what you would normally expect them to do because if you didn’t have that, you would, you would, they would run into a single roadblock and problem that the person ran into and they’d just be running it again needlessly.
Now, you should thinking about things here, but things specifically are directly helpful with year two. Well. with year two when you go into when you go into a second year within the TCT portal you’ve got the ability to use what we call operational mode. Operational mode is effectively it’s those items or those tasks which are to be done daily, weekly, monthly, quarterly, semiannual, etc. Continuous compliance is another phrase that people use for it. We call it operational mode. The bottom line is that it’s the ability for the organization to leverage that operational mode to stay on track throughout the year as they’re going through. So that’s one of the biggest issues that organizations can leverage in that kind of year two plus is that operational mode where they’re keeping up with the evidence that they’re supposed to be doing. You know you’d be surprised how many things need to be maintained or provided ongoing throughout their compliance cycle and you know the operational mode keeps them on track and sure there’s nothing slipping through the cracks. You know the benefits really are helpful. One, for the organization they can make sure that they’re actually producing, you know, producing information and evidence required for compliance engagement all the way through the year. And the flip side of that is that their assessor on the other hand they can see through the TCT portal they can see that the organization is keeping up on what they need to. They’re supplying the information and evidence that they need to. All of those are good positive benefits but all the way through the year the organization’s able to you know kind of continue to push items. The assessor can see that the items are being provided. In a better sense the organization has their act together and do what they need to do when they need to do it.
Parting shots and thoughts for this week, you know, the reality is, through this, you know, organizations. So you know through year one, year 2, year three. As you go through this you continue to gain a constant repository. It’s just a building of efficiencies into the overall compliance program that they’ve got you know, management is worried about needing to pay more, for more resources you know, the uppity ups worried about trying to make people more efficient. Well, guess what? Stop writing about it, employ a system that’s actually going to you know, provide you with a capability to make that vision happen more efficient, um, you know does it have uh, you know ROI calculators? If you go to the TCT website go to compliance software page, and then go to pricing, scroll down to the bottom. Whether it’s a company that’s going through compliance or if it’s an assessment firm trying to get through the process.
There are different, uh, calculators on that page It’ll give them the capability to go in and kind of queue up the dollars and hours that they could save on their engagement based on their particular circumstances.
That right there, that’s the good stuff. Well, that’s all the time we have for this episode of Compliance Unfiltered I’m Todd Coshow and I’m Adam Goslin. Hope we help to get you fired up to make your compliance suck less.
