Table of Contents
Summary
The Assurance Center assists visitors to your Trust Center in quickly accessing information on the security status of your product or organization.
To use the Assurance Center on a Whistic Trust Center, the following criteria must be met:
- It is only available for paid Trust Centers (Basic Trust Centers are not eligible)
- The Whistic Trust Center must be set to Subscription (Snapshot Trust Centers are not eligible)
The Assurance Center is specific to each selected Trust Center. If you have multiple Trust Centers, you will need to set up the Assurance Center for each one individually, as different products may have unique content you wish to highlight.
🛠️ Steps
-
Navigate to the Whistic Trust Center section in Whistic and select the Trust Center on which you would like to enable the Assurance Center:
-
Click "Edit Trust Center" and scroll down to the Assurance Center section. Click the arrow to expand the section if it is collapsed:
-
When the Assurance Center is expanded you will see "Domains" and "Sub-domains" in a table with toggles next to the name of each. The toggles control the visibility of the Domain or Sub-domain.
If the toggle is grey then that Subdomain or entire Domain will not be visible in your Trust Center. There is also a toggle at the top to turn off the visibility for the entire Assurance Center.
Make sure the top level toggle is in the On (blue) position and all Domains and Subdomains have the toggle turned on so that the Assurance Center will appear as you intend within your Trust Center.
-
To add content, click on a Domain and then click a Subdomain that you would like to show in your Assurance Center. When you click the Subdomain, a panel will appear with:
Control Definition
Compliance Selection drop-down
Comment Section
Documents
Audits and Certifications -
For a subdomain to appear in the Assurance Center, you must add at least one of the following in the panel:
- Select a Compliance Status
- Add a Questionnaire Answer
- Add a Comment
- Add at least one DocumentNote: If you turn the visibility toggle for a subdomain to the ON position but do not add at least one item from the list above, then the subdomain will still not be visible in your Assurance Center as there is no content to show. - Select a Compliance Status (Not Required)
-
Add a Comment
Click the check box to include a Comment. You can type or copy/paste a comment in the provided text box. The comment section also accepts hyperlinks, feel free to include those here as well. -
Add a Document
Click the "+" icon to add a document as evidence.
The documents must be added to your Trust Center and available in the Additional Documents section of your Trust Center to be included.
After clicking the "+" icon a popup will appear. Select the document you want to add as evidence and click "Submit".
Click the Trash icon to remove the document from the evidence - Repeat these steps for all Domains and Subdomains you want to showcase in your Assurance Center and make sure to turn all the visibility toggles to the ON position.
-
Check by Downloading from the Assurance Center
If you want to check all the information that you have included in the Assurance Center, click the Download icon to download a CSV where you can verify all the domains, subdomains, and evidence that will be visible in your Trust Center.The download functionality will only download information that you have completed and turn the toggle to the ON position. The download functionality will also be Trust Center viewer-facing so that customers can download all content you have made visible as well.
- Click "Done" at the top to publish the Assurance Center to your Trust Center.
📋 Current Mapped Questionnaires
Below is a list of the questionnaires currently supported for mapping to the Assurance Center if added to your Whistic Trust Center:
- Custom BCBS Questionnaires
- CAIQ
- CAIQ Lite
- CIS Top 5
- CIS Top 20
- SIG
- SIG Core
- SIG Lite
- SIG Full
- VSA
- VSA Core