Skip to main content
πŸŽ‰ Check out our latest May Release πŸŽ‰ Here

Search

Welcome to Whistic Support

Free User Guide: Assessment Requests and Trust Center Shares

  • Updated

Table of Contents

Summary

Whistic is a security platform that helps businesses assess vendor and partner risk. As a free user, you may receive assessment requests or invitations to review security Trust Centers from Whistic subscribers. This guide covers both scenarios and helps you navigate the platform efficiently.

Key Points:

  • You'll create your own company account in Whistic (not guest access)
  • Assessment requests can include questionnaires, documents, or both
  • Trust Center shares provide comprehensive security information from vendors
  • All interactions happen through your personal Whistic dashboard

If you need assistance, contact support@whistic.com or visit our Support team page.

πŸ“‹ Assessment Requests

Companies use Whistic to request security evaluations from their suppliers. These requests may include industry-standard questionnaires (like CAIQ) or document requests (like SOC 2 reports).

πŸš€ Getting Started with Assessment Requests

Email Notification and Registration

  1. You'll receive an email with a "Start Assessment" link
  2. Click the link to either log into your existing account or register for a new one
  3. If you need to reassign the request to a colleague, use the reassignment link below the "Start Assessment" button
  • Important Notes:
    • Only the current assignee can share completed assessments with requesters
    • Check your Dashboard for any requests - if you don't see expected requests, contact the requester about reassignment
    • Reassignment using the email link is a one-time action - if the recipient assigns more than once, it can cause issues displaying the assessment. The requester can reassign multiple times if needed.
    • If you need to collaborate with a colleague (or multiple colleagues) on this, see this article about Adding a Collaborator

βœ… Completing Assessment Requests

Dashboard Navigation Your dashboard contains three main sections:

  • Dashboard: Where action items and requests appear
  • Questionnaires: All available questionnaires including industry standards and custom requests
  • Trust Center Exchange: List of companies sharing security Trust Centers publicly

Types of Requests

Document Only Requests

  1. Select "Upload" from your dashboard
  2. Choose the requested file from the dropdown menu
  3. Some requests allow alternatives if you cannot provide the primary document

Questionnaire Requests

  1. Select "Start" under Outstanding Customer Requests
  2. Answer all questions completely (100% completion required)
  3. The platform automatically saves your progress
  4. Attach files (blank word doc ok if needed) to questions when required, even for "Not Applicable" responses
  5. You can assign questions to teammates or add collaborators by clicking the "+" at the top

Mixed Requests Complete both document uploads and questionnaires as outlined above.

πŸ“€ Sharing Completed Assessments

For Documents: Simply upload the correct file using the dropdown menu in your dashboard request.

For Questionnaires:

  1. Ensure 100% completion (check the percentage indicator)
  2. Click the "Share" button when it appears
  3. Review your answers in the pop-up confirmation
  4. Click "Share" to submit to the requester
Note: Assessors cannot view your responses until you click "Share."
  • You can assign questions to teammates.
  • You can add teammates or collaborators.
    • This article details how. How to Add a Collaborator
    • Assigning a question creates accountability for the person it is assigned to, whereas adding a collaborator does not.
    • All team members will have access to the complete questionnaire and can submit it.

πŸ›‘οΈ Trust Center Shares

Trust Center shares provide comprehensive security information from vendors, including documentation, certifications, and completed questionnaires.

πŸ”— Accessing Shared Trust Centers

Getting Started

  1. Receive an email invitation with a "View Security Trust Center" button
  2. Click the button to register or log in to Whistic
  3. If you're not the right person, use "Click Here" to reassign to a colleague
  1. Complete registration to access the shared Trust Center

Important Considerations:

  • Verify your company website URL is correct in the registration
  • Some Trust Centers require NDA acceptance before access
  • Confirm you have the authority to accept NDAs on behalf of your company

πŸ—ΊοΈ Navigating Shared Trust Centers

Trust Center Types

  • Subscription: Remains up-to-date for the duration of the share
  • Snapshot: Shows Trust Center information at the time of sharing only

Trust Center Features

  • View completed questionnaires and supporting documents
  • Download available documents (sender controls download permissions)
  • Request clarifications on questionnaire responses
  • Access certifications and audit information

πŸ’¬ Requesting Clarifications

  1. Click the information icon next to specific questions
  2. Select entire sections if needed (ensure icons are yellow)
  3. Check clarification tally at bottom of screen
  4. Click "Send" to submit clarification requests

Trust Center Expiration

  • Senders set expiration dates for Trust Center access
  • Request extensions directly from the sender if needed
  • Contact sender for access to updated Trust Center information
  • If the Trust Center has expired and you click on the link to view the Trust Center again, you will see the following:

❓ FAQ

Why can't I share my completed questionnaire?

First, ensure 100% completion by checking the percentage indicator. If not 100%, use "Filter By Unanswered" to find incomplete questions. Some questions require comments or file uploads even for "Not Applicable" responses. If showing 100% but no Share option appears, the request may be reassigned to someone else.

Can I update the answers after sharing them with the requester?

Shared questionnaires become static copies. Updates to your version don't affect the requester's copy. Contact the requester for clarification requests on specific questions, or they can send a new request that will map your previous answers.

What is Whistic's role in assessments?

Whistic is a third-party platform facilitating secure Trust Center sharing and assessment requests between buyers and sellers. We don't participate as assessors but provide the technology to streamline the process.

Can Whistic provide documents not included in a shared Trust Center?

No. All documents and information come from the company that shared the Trust Center. Contact the sender directly using the email address shown on your dashboard next to the "View Trust Center" button.

Why can I download some documents but not others?

The sending company controls which documents are available for download. Generally, documents become downloadable after NDA acceptance.

Can I get additional documents added to a shared Trust Center?

Companies often maintain multiple Trust Centers (basic and comprehensive). Contact the Trust Center sender to request access to additional documentation or a more comprehensive Trust Center.

Can I download audit certificates?

Audit certificates appear as emblems and aren't directly downloadable. Click on the certificate folder to view the attached file or image in the right panel of the Trust Center.

Where can I find a reference guide for viewing Trust Centers?

Visit our detailed article: How to Navigate a Trust Center Shared with Me for comprehensive guidance on Trust Center navigation.