at Financial Technnology Year
Please contact them if you have any questions.
LogicGate Risk Cloud from LogicGate
Customizable workflows for compliance and risk management, comprehensive audit trail capabilities, and integration with existing systems to maintain consistency in risk reporting.
Product analysis by function
Audit Trail Systems for Compliance and Risk Management
Software that maintains comprehensive records of all client interactions, recommendations made, and the basis for those recommendations to demonstrate compliance with fiduciary or suitability standards.
More Audit Trail Systems
More Compliance and Risk Management ...
Data Capture & Recordkeeping
(7 Yes /7 Known /10 Possible features)
|
Comprehensive Interaction Logging Records all types of client interactions (email, call, in-person, digital). |
Product documentation indicates all user actions and interactions (e.g., workflow steps, user communications) are logged comprehensively for audit and compliance. | |
|
Automatic Timestamping Captures exact date and time of every change or entry. |
Official feature descriptions and user guides confirm all entries and changes are timestamped automatically. | |
|
Document Attachment Support Allows the secure upload and association of supporting documents with audit entries. |
LogicGate Risk Cloud supports document upload and secure association with any record per platform documentation. | |
|
Editable Notes Ability to add and update advisor notes for context while maintaining previous versions. |
Users can add/edit notes on records and view version histories, supporting audit and context. | |
|
Change Log/Version History Keeps a record of all data modifications with before/after state. |
Change history (before/after state) is available for all record modifications (audit trail feature). | |
|
Immutable Ledger Ensures records cannot be altered or deleted after entry for audit integrity. |
No information available | |
|
Volume Capacity Maximum number of records or interactions system can reliably store per year. |
No information available | |
|
Data Retention Period Length of time records are retained according to regulatory guidelines. |
No information available | |
|
Bulk Import/Export Supports mass upload and export of records for migration or backup. |
Bulk import and export are explicitly mentioned as core functions for data migration and backup. | |
|
Multimedia Storage Ability to store audio, video, and multimedia communications as part of the audit trail. |
Supports storing attachments including multimedia files as part of audits, per official documentation. |
Search, Retrieval & Reporting
(8 Yes /8 Known /10 Possible features)
|
Advanced Search Robust filters (date, client, advisor, event type, etc.) for quickly finding records. |
Platform offers robust filtering and advanced search tools for rapid record retrieval. | |
|
Customizable Reporting Build and export tailored reports for compliance reviews, audits, and investigations. |
Users can build and export custom reports tailored to compliance and audit needs. | |
|
Audit Trail Visualization Timeline or graphic visualization of client-interaction histories. |
Audit history may be visualized in the form of timelines or similar graphical presentation. | |
|
Export Formats Available formats for exporting data (CSV, PDF, Excel, etc.). |
No information available | |
|
Saved Reports Ability to save and schedule common audit reports. |
Supports saving and scheduling regular audit/compliance reports. | |
|
Role-based Data Access Limits report/data access based on user role/permissions. |
Role-based access and permissions are described as standard features. | |
|
Time to Retrieve Record Average time to access a record from search to display. |
No information available | |
|
Bulk Data Extraction Allows mass export of historical audit trails for regulatory requests. |
Platform enables mass export for regulatory or legal requests. | |
|
Keyword Tagging/Search Tag records for easier retrieval using user-defined keywords. |
Records can be tagged and searched with keywords according to user-defined tags. | |
|
Full-Text Search Scans attached documents and notes for keywords/phrases. |
Full-text search is supported across records and attachments. |
Security & Access Control
(6 Yes /6 Known /10 Possible features)
|
User Authentication Enforces secure user logins and multifactor authentication. |
User authentication including SSO and MFA options is available. | |
|
Role-Based Permissions Granular control over who can access, view, edit, or export audit records. |
Granular, role-based permission management is natively supported. | |
|
Encryption at Rest All records are encrypted when stored on disk. |
Encryption at rest is industry-standard and explicitly stated in security documentation. | |
|
Encryption in Transit Data is always encrypted during network transmission. |
All data transmissions are encrypted, verified by compliance resources. | |
|
Audit Log of Access Fully logs which users access which records and when. |
Complete audit logs of user access to records are maintained. | |
|
Session Timeout Sessions auto-expire after set period of inactivity. |
Session timeout and idle logout are configurable. | |
|
Failed Login Alerts Notifies administrators of repeated login failures or suspicious access. |
No information available | |
|
Granular Field Masking Sensitive fields (SSN, addresses, etc.) are masked unless explicitly permitted. |
No information available | |
|
User Password Policy Controls Configure password complexity and refresh requirements. |
No information available | |
|
Number of Permission Levels How many roles or permission profiles can be configured. |
No information available |
Regulatory Compliance Support
(8 Yes /8 Known /10 Possible features)
|
Pre-Configured Compliance Templates Built-in reporting and workflows for key financial regulations. |
Pre-configured compliance templates (e.g., for SOX, financial regulations) are available out-of-the-box. | |
|
Custom Policy Rule Engine Allow firms to define customized compliance triggers and alerts. |
Configuration engine allows custom policy triggers for alerts and compliance automation. | |
|
Audit Readiness Dashboard Central view of compliance status with outstanding tasks/deficiencies. |
Audit readiness dashboard is a feature listed in product marketing and demos. | |
|
Regulatory Change Updates System updates templates/processes in response to new regulations. |
Regular regulatory update processes update compliance templates as rules change. | |
|
Automated Exception Alerts Notifies users about entries/actions requiring special compliance attention. |
Configurable alerts notify users of exceptions or compliance events as part of the built-in automation. | |
|
Custom Compliance Reports Flexible reporting to demonstrate compliance with local/global rules. |
Custom compliance reports are supported via flexible reporting tools. | |
|
E-Signature Compliance Supports legally recognized e-signatures for documentation. |
No information available | |
|
Policy and Forms Repository Centralized location for latest firm/industry policies and forms. |
Centralized hub for policies, forms, documentation is available in the Risk Cloud platform. | |
|
Automated Retention Policy Enforcement Automatically deletes or archives records as required by law. |
Enforces retention and archival policies automatically as configured to regulatory standards. | |
|
Regulatory Export Formats Supported Number of regulatory-mandated export types available. |
No information available |
Integration & Interoperability
(8 Yes /8 Known /10 Possible features)
|
API Availability Robust APIs for retrieving and pushing audit data programmatically. |
Robust RESTful APIs available; heavily documented for integration. | |
|
Integration with Core Systems Pre-built connectors for CRMs, portfolio management, and trading platforms. |
Integration connectors are available for core systems (CRM, GRC, etc.). | |
|
Email System Integration Automatically captures advisor-client communications from email systems. |
No information available | |
|
Document Management Integration Links with digital document vaults and e-signature platforms. |
Integrates with document management and e-signature platforms (including DocuSign & Box). | |
|
Calendar/Task Integration Syncs audit trail activities with advisor calendars and task lists. |
Supports calendar/task integrations (e.g., linking tasks to Outlook calendars) via connectors. | |
|
Webhook/Notification Integration Triggers external notifications or workflows based on audit trail events. |
Webhooks and notification triggers are configurable for workflow/alert integrations. | |
|
Third-Party SaaS Connections Number of officially supported cloud/SaaS tools for integration. |
No information available | |
|
Mobile App Integration Audit access from mobile CRMs or compliance apps. |
Mobile web app and integration capabilities support access from mobile platforms. | |
|
Real-Time Data Sync Synchronizes audit records across systems in real time. |
Real-time synchronization of data across integrated systems is available. | |
|
Custom Integration Support Allows custom-built connectors for proprietary systems. |
Supports creation of custom connectors for proprietary system integration. |
Scalability & Performance
(4 Yes /4 Known /10 Possible features)
|
Max Concurrent Users Number of users who can access the audit system simultaneously. |
No information available | |
|
System Uptime SLA Guaranteed uptime for the service infrastructure. |
No information available | |
|
Processing Speed Average time taken to save and retrieve audit records. |
No information available | |
|
Failover/Disaster Recovery Redundancy and recovery systems to minimize data loss/outage. |
Failover and disaster recovery processes are in place (described in Trust Center and reliability documents). | |
|
Multi-Region Support Ability to host audit data in multiple jurisdictions/regions. |
No information available | |
|
On-Premises & Cloud Options Choice of deployment models to match firm requirements. |
Supports deployment both in the cloud and on-premises for enterprise customers. | |
|
Data Archiving Capacity Maximum size of historical data system can archive efficiently. |
No information available | |
|
Scalable Storage Storage expands automatically as audit volumes grow. |
Storage is scalable according to customer audit/log data needs. | |
|
Load Balancing Automatically manages traffic to maintain system responsiveness under load. |
No information available | |
|
Performance Monitoring Alerts Automatic warnings when system performance degrades. |
The system provides automated alerts on degraded performance or data pipeline status. |
User Experience & Interface
(7 Yes /7 Known /10 Possible features)
|
Intuitive Dashboard User-friendly main interface summarizing key audit activities and tasks. |
Product UI is centered around an intuitive, configurable dashboard. | |
|
Customizable Views Users can tailor visible fields, columns, or layouts to fit preferences. |
Views, columns, widgets, and dashboards are customizable per user. | |
|
Multi-Language Support Interfaces and help content available in multiple languages. |
No information available | |
|
Accessibility Compliance Meets ADA/WCAG accessibility standards for users with disabilities. |
Documentation references accessibility testing and WCAG alignment. | |
|
Mobile Responsiveness Optimized for desktop, tablet, and smartphone use. |
Application is mobile responsive according to design guidelines and user documentation. | |
|
Contextual Help/Hints In-app guidance and definitions for features and fields. |
In-app contextual help and support tools are referenced in product guides. | |
|
Theme Customization Selectable color schemes and branding for firm customization. |
Theme/color customization for firms is available (branding support). | |
|
Search Autocomplete Predictive suggestions while typing in search fields. |
No information available | |
|
Quick Entry Templates Pre-set forms or templates for faster record input. |
No information available | |
|
Drilldown Navigation Click-through from summary to detail with minimal steps. |
Dashboards and reports allow drilldown navigation from summary to detail with minimal steps. |
Notifications, Alerts & Workflow Automation
(7 Yes /7 Known /10 Possible features)
|
Custom Alert Triggers Define rules for sending alerts when certain events occur in the audit trail. |
Custom event and notification triggers are configurable using workflow builder. | |
|
Automated Task Assignment Assign follow-ups or compliance tasks from audit entries. |
Workflows can auto-assign follow-ups or compliance tasks from audit events. | |
|
Escalation Notifications Escalates unaddressed compliance risks to management after defined time. |
No information available | |
|
User Notification Channel Options Email, SMS, in-app, and push notification options. |
No information available | |
|
Calendar Reminders Allows automatic creation of calendar events for compliance review. |
Calendar reminders and task creation are available via system integration connectors (e.g., Outlook, Google Calendar). | |
|
Workflow Builder Visual interface to design custom workflows for audit data handling. |
Visual workflow builder is a featured selling point in the Risk Cloud platform. | |
|
Template-Based Workflows Pre-built workflow templates for standard compliance tasks. |
Workflow templates for typical compliance/audit tasks are provided out-of-the-box. | |
|
Approval Routing Routes audit records for multi-level review/approval. |
Approval and multi-level routing supported for policy and audit record review. | |
|
Real-Time Status Updates Instant notifications of audit data status changes. |
Status updates and notifications are processed in real time. | |
|
Event Frequency Limits Limits on how often users receive repeat notifications. |
No information available |
Audit & Investigation Tools
(9 Yes /9 Known /10 Possible features)
|
Forensic Record Lockdown Freezes selected records to prevent alteration during investigation. |
Records can be locked for legal/investigatory reasons as part of audit workflow. | |
|
Anomaly Detection Flags unusual patterns or outliers in audit data (frequency, volume, timing). |
LogicGate Risk Cloud provides anomaly detection and exception reporting in risk/controls modules. | |
|
Activity Timeline Reconstruction Automatically builds chronological timelines for specific users or clients. |
Audit logs provide timeline reconstruction for user/client activity. | |
|
Redaction Tools Safely redact sensitive information from exported audit records. |
Redaction of fields in exports for privacy/security is supported, as described in compliance modules. | |
|
Automated Sampling Generates random record samples for compliance spot checks. |
Automated sampling of records for compliance is available within audit modules. | |
|
Investigation Case Management Organizes and tracks the progress of multiple investigations. |
Investigation case management functionality is offered within the platform. | |
|
Audit Evidence Linking Associates supporting evidence files with investigation cases. |
Evidence files can be linked to investigation cases. | |
|
Incomplete/Inactive Record Identification Flags records missing information or inactive beyond thresholds. |
System flags incomplete or unreviewed/aged records for compliance. | |
|
Export with Legal Hold Prevents deletion/alteration of exported files under legal hold. |
Legal hold features are referenced in documentation for compliant data export. | |
|
Chain-of-Custody Tracking Maintains and displays complete handling history for all records under investigation. |
No information available |
Customization & Extensibility
(6 Yes /6 Known /10 Possible features)
|
Custom Field Creation Organizations can add their own data fields to the audit schema. |
Customers may add custom data fields to any workflow/audit form as needed. | |
|
Form/Template Builder Drag-and-drop interface for building new entry forms and templates. |
Offers a drag-and-drop form/template builder for user-defined data capture. | |
|
Scriptable Actions Develop custom scripts triggered by audit events. |
No information available | |
|
Custom Branding Upload logos, firm colors, and themes. |
Branding and theming is available for firm logos/colors. | |
|
Localization Support Adapt layouts and content for global offices. |
Supports localization for global office deployments. | |
|
Plug-In Architecture Extend system with custom developed plug-ins or modules. |
No information available | |
|
Number of Custom Fields Allowed Maximum number of additional fields per record. |
No information available | |
|
User Role Flexibility Define and manage custom user roles beyond defaults. |
User roles (and permissions) beyond defaults are supported and easily managed. | |
|
Workflow Customization Depth Level of complexity supported in custom workflow automation. |
No information available | |
|
Developer Documentation Comprehensive guides, SDKs, and code samples for extensibility. |
Comprehensive API documentation, SDKs, and developer resources provided. |
Support, Training & Vendor Reliability
(9 Yes /9 Known /10 Possible features)
|
24/7 Support Availability Access to technical and product support around the clock. |
LogicGate provides 24/7 support for enterprise customers per SLA/contract documents. | |
|
Onboarding Assistance Step-by-step guidance for implementation and user training. |
Onboarding assistance and guided implementation/training are available. | |
|
Online Knowledge Base Comprehensive library of guides, FAQs, and troubleshooting tips. |
Public online knowledge base is available for all customers. | |
|
Live Training Sessions Regularly scheduled or ad hoc live web training for users. |
Live and on-demand training sessions are offered regularly. | |
|
Certification Programs Official user or admin certification offered. |
User/admin certification programs are described on support and learning center pages. | |
|
Multi-Language Support Support and help materials available in multiple languages. |
Support resources offered in multiple languages. | |
|
Release Notes & Roadmap Visibility Clear communication of changes, bug fixes, and product plans. |
Release notes and product roadmap visibility are provided to customers. | |
|
Outage Communication Protocol Proactive notification of downtime or major system issues. |
Proactive notifications for planned outages or incidents are described in support protocols. | |
|
Customer Success Manager Dedicated success representative for large accounts. |
Dedicated customer success managers are referenced for large/enterprise accounts. | |
|
Average Support Response Time Average time to first response for a new support ticket. |
No information available |
Cybersecurity Infrastructure for Compliance and Risk Management
Comprehensive security solutions including firewalls, encryption tools, multi-factor authentication systems, and intrusion detection systems to protect sensitive client financial data.
More Cybersecurity Infrastructure
More Compliance and Risk Management ...
Network Security
(1 Yes /1 Known /14 Possible features)
|
Firewall Protection Implements barriers between trusted and untrusted networks to control traffic. |
. | No information available |
|
Intrusion Detection System (IDS) Monitors network traffic for suspicious activity and potential threats. |
. | No information available |
|
Intrusion Prevention System (IPS) Actively prevents network threats identified by monitoring systems. |
. | No information available |
|
Network Segmentation Divides networks into segments to restrict access and reduce attack surfaces. |
. | No information available |
|
Traffic Encryption Encrypts data communicated within and between networks. |
. | No information available |
|
Secure VPN Access Allows remote users secure and encrypted access to internal systems. |
. | No information available |
|
Wireless Security Controls Protects wireless communications via protocols and strong authentication. |
. | No information available |
|
Network Monitoring Frequency How frequently the network is actively monitored for threats. |
. | No information available |
|
Automated Threat Blocking Ability to automatically block threats detected on the network. |
. | No information available |
|
Logging and Audit Trails Maintains detailed logs of network activity for forensic analysis. |
LogicGate Risk Cloud provides comprehensive audit trail capabilities as part of its compliance/risk automation, meeting detailed logging requirements. | |
|
DNS Filtering Prevents access to malicious domains and controls web access. |
. | No information available |
|
DDoS Protection Protects networks and services against Distributed Denial of Service attacks. |
. | No information available |
|
Zero Trust Network Architecture Reduces reliance on perimeter security by enforcing strict access controls everywhere. |
. | No information available |
|
Network Access Control (NAC) Restricts device and user access based on compliance with policies. |
. | No information available |
Data Encryption
(1 Yes /1 Known /13 Possible features)
|
At-rest Encryption Ensures all stored data is encrypted on disk. |
. | No information available |
|
In-transit Encryption Encrypts data as it travels across networks. |
. | No information available |
|
End-to-End Encryption Secures data from the origin to the intended recipient. |
. | No information available |
|
Key Management System Manages and rotates cryptographic keys securely. |
. | No information available |
|
Encryption Algorithm Strength Bit length or standard of encryption (e.g., AES-256). |
. | No information available |
|
Tokenization Support Replaces sensitive data with non-sensitive placeholders. |
. | No information available |
|
Encrypted Backups Ensures all backup data is also encrypted. |
. | No information available |
|
Database Encryption Encrypts entire databases or selected fields. |
. | No information available |
|
Encryption Policy Management Defines and enforces data encryption standards. |
. | No information available |
|
Pseudonymization Options Enables privacy-preserving techniques alongside encryption. |
. | No information available |
|
Hardware Security Module (HSM) Integration Leverages physical devices for additional encryption security. |
. | No information available |
|
Automatic Key Rotation Regular automatic change of encryption keys. |
. | No information available |
|
Regulatory-Compliant Encryption Aligns with PCI DSS, GDPR, and similar standards. |
LogicGate Risk Cloud’s documentation and case studies specifically reference supporting PCI DSS, GDPR, SOC 2, and other encryption regulatory standards. |
Authentication & Access Controls
(3 Yes /3 Known /13 Possible features)
|
Multi-Factor Authentication (MFA) Requires more than one method of authentication to verify a user's identity. |
. | No information available |
|
Single Sign-On (SSO) Allows users to access multiple applications using one set of login credentials. |
. | No information available |
|
Role-Based Access Control (RBAC) Assigns system access based on user roles and responsibilities. |
Granular role-based access control is a core feature, documented in product capabilities for limiting data/workflow access according to business roles. | |
|
Time-based Access Restrictions Limits system access to specific time windows. |
. | No information available |
|
Granular Permissions Enables fine-tuned access controls down to module or record level. |
. | No information available |
|
Adaptive Authentication Adjusts authentication requirements based on risk factors. |
Risk Cloud allows organizations to define granular access rights, ensuring only users with appropriate roles can access sensitive workflows and data. | |
|
Session Timeout Automates the termination of sessions after inactivity. |
. | No information available |
|
Password Policy Enforcement Enforces complexity, rotation, and reuse rules for passwords. |
. | No information available |
|
Account Lockout Mechanism Temporarily locks user accounts after a set number of failed login attempts. |
. | No information available |
|
Device Authentication Restricts access based on registered devices. |
. | No information available |
|
User Provisioning/Deprovisioning Automation Automates account creation and removal to prevent orphaned access. |
. | No information available |
|
Privileged Access Management Provides special controls for administrator or sensitive access. |
. | No information available |
|
Audit Logging of Access Attempts Maintains an immutable record of all access attempts. |
Comprehensive audit trail capabilities include immutable audit logs for access attempts and configuration changes. |
Endpoint Security
(0 Yes /0 Known /12 Possible features)
|
Antivirus & Antimalware Detects and removes malicious software from endpoints. |
. | No information available |
|
Endpoint Detection and Response (EDR) Monitors endpoints for suspicious activity to respond rapidly to incidents. |
. | No information available |
|
Device Encryption Encrypts hard drives and storage on endpoints. |
. | No information available |
|
Remote Device Wipe Allows administrators to erase sensitive data from lost/stolen devices. |
. | No information available |
|
Mobile Device Management (MDM) Centralizes control and monitoring of mobile endpoints. |
. | No information available |
|
Application Whitelisting/Blacklisting Restricts which applications can run on endpoints. |
. | No information available |
|
Patch Management Automation Automates installation of software security patches. |
. | No information available |
|
USB/Peripheral Control Restricts use of removable storage and peripheral devices. |
. | No information available |
|
Browser Security Controls Secures web browsing on endpoints. |
. | No information available |
|
Endpoint Health Checks Ensures only compliant endpoints can access network resources. |
. | No information available |
|
Real-time Threat Monitoring Provides continuous monitoring for endpoint threats. |
. | No information available |
|
Phishing Protection Detects and blocks phishing attempts delivered to endpoints. |
. | No information available |
Application Security
(0 Yes /0 Known /12 Possible features)
|
Secure Software Development Lifecycle (SDLC) Integrates security checkpoints at each phase of application development. |
. | No information available |
|
Static Application Security Testing (SAST) Analyzes source code for vulnerabilities during development. |
. | No information available |
|
Dynamic Application Security Testing (DAST) Tests running applications for vulnerabilities. |
. | No information available |
|
Web Application Firewall (WAF) Protects web applications from common threats (e.g., OWASP Top 10). |
. | No information available |
|
Code Review Automation Automated scanning and review of codebases for security issues. |
. | No information available |
|
Vulnerability Patch Frequency How often identified vulnerabilities are patched. |
. | No information available |
|
API Security Tools Protects APIs from unauthorized access and attacks. |
. | No information available |
|
Application Penetration Testing Regular testing of application defenses by ethical hackers. |
. | No information available |
|
Security Configuration Management Ensures secure default configurations for all applications. |
. | No information available |
|
Third-Party Library Scanning Checks for vulnerabilities in third-party dependencies. |
. | No information available |
|
Secure Coding Standards Enforcement Mandates use of published secure coding guidelines. |
. | No information available |
|
Sandboxing Capabilities Runs applications in isolated environments to limit possible attacks. |
. | No information available |
User Monitoring and Incident Detection
(0 Yes /0 Known /11 Possible features)
|
User Activity Logging Records all user actions on sensitive systems. |
. | No information available |
|
Security Information and Event Management (SIEM) Centralizes analysis of security events and alerts. |
. | No information available |
|
Anomaly Detection Algorithms Uses machine learning or heuristics to spot unusual behavior. |
No information available | |
|
Real-time Alerting Notifies security teams instantly of potential security incidents. |
. | No information available |
|
Automated Incident Response Initiates response playbooks or actions upon detection. |
. | No information available |
|
Data Loss Prevention (DLP) Monitors for, and prevents, the unauthorized movement of sensitive data. |
. | No information available |
|
Session Recording Captures user sessions for review and auditing. |
. | No information available |
|
Alert Resolution Time Average time to resolve security alerts. |
. | No information available |
|
User Behavior Analytics (UBA) Analyzes statistical user behavior to find security issues. |
. | No information available |
|
Privilege Escalation Detection Detects when a user tries to gain unauthorized access. |
. | No information available |
|
Reporting Dashboard Provides graphical reports and summaries of user and incident data. |
. | No information available |
Compliance and Regulatory Controls
(9 Yes /9 Known /12 Possible features)
|
GDPR Compliance Meets the General Data Protection Regulation requirements. |
Marketing and documentation emphasizes GDPR compliance capabilities through customizable workflows and data subject rights management. | |
|
PCI DSS Compliance Meets the Payment Card Industry Data Security Standards. |
Risk Cloud provides PCI DSS tracking and reporting as part of its compliance frameworks. | |
|
SOC 2 Reporting Supports System and Organization Controls (SOC) 2 compliance. |
SOC 2 compliance features are called out in LogicGate Risk Cloud's compliance reporting modules and resources. | |
|
Automated Compliance Monitoring Continuously checks systems for compliance with defined standards. |
Automated compliance monitoring is described as a core platform ability—continuous controls and evidence tracking. | |
|
Policy Management Tools Enables creation, approval, and enforcement of compliance policies. |
LogicGate Risk Cloud enables organizations to create, manage, and enforce security/compliance policies and workflows. | |
|
Automated Regulatory Updates Monitors and integrates regulatory change notifications. |
. | No information available |
|
Audit-ready Reporting Generates reports immediately usable in compliance audits. |
Audit-ready reporting and evidence management are advertised as product differentiators in compliance and GRC workflows. | |
|
Compliance Checklist Management Tracks and manages compliance requirements and status. |
Compliance checklist/requirement management is a standard feature for tracking and status via customizable workflows. | |
|
Data Subject Request Management Assists with requests under privacy laws (e.g., access, delete, rectify). |
Risk Cloud helps manage data subject requests (DSAR) under privacy laws, supported by workflow automation and documentation trail. | |
|
Automated Incident Reporting Files regulatory notifications of security incidents per jurisdiction. |
Automated incident reporting workflows are possible through LogicGate, which routes, tracks, and documents incident management and reporting requirements for various regulatory frameworks. | |
|
Breach Notification Timeliness Average time from breach discovery to notification. |
. | No information available |
|
Consent Management Tools Captures, manages, and documents client consent under CCPA/GDPR/etc. |
. | No information available |
Physical Security
(0 Yes /0 Known /11 Possible features)
|
Access Control Systems Restricts physical access to authorized personnel only. |
. | No information available |
|
Security Surveillance Cameras Monitors facilities with video recording for incident review. |
. | No information available |
|
Visitor Log Management Tracks all external personnel entering secure areas. |
. | No information available |
|
Biometric Access Controls Uses fingerprints or facial recognition to authorize personnel. |
. | No information available |
|
Alarm Systems Detects and alerts to unauthorized entry or incidents. |
. | No information available |
|
Physical Asset Tagging Tags and inventories critical devices for monitoring. |
. | No information available |
|
Equipment Disposal Procedures Ensures secure destruction or wiping of retired equipment. |
. | No information available |
|
Onsite Security Staffing Employs dedicated personnel for facility security. |
. | No information available |
|
Environment Monitoring Detects fire, water, or temperature threats to IT environments. |
. | No information available |
|
Secure Area Designation Defines and enforces areas with restricted access. |
. | No information available |
|
Physical Penetration Testing Regularly tests the effectiveness of physical security defenses. |
. | No information available |
Business Continuity and Disaster Recovery
(0 Yes /0 Known /11 Possible features)
|
Automated Backups Schedules and maintains regular data backups. |
. | No information available |
|
Backup Frequency How often data backups are performed. |
. | No information available |
|
Backup Retention Policy Policies for how long backups are retained. |
. | No information available |
|
Disaster Recovery Plan Documentation Maintains comprehensive documentation for recovery procedures. |
. | No information available |
|
Failover Systems Automatic switching to redundant resources during outages. |
. | No information available |
|
Recovery Time Objective (RTO) Maximum allowable downtime for critical systems. |
. | No information available |
|
Recovery Point Objective (RPO) Maximum allowable data loss measured in time. |
. | No information available |
|
Ransomware Recovery Tools Capabilities to recover data in the event of ransomware attacks. |
. | No information available |
|
Tabletop Testing Frequency How often disaster recovery plans are tested via scenarios. |
. | No information available |
|
Data Center Redundancy Ensures backup systems are located geographically apart. |
. | No information available |
|
Alternate Communication Channels Provides backup communications (e.g., phone, messaging). |
. | No information available |
Vendor and Third-Party Risk Management
(0 Yes /0 Known /10 Possible features)
|
Third-Party Security Assessments Evaluates vendors’ security postures before partnership. |
. | No information available |
|
Vendor Onboarding Controls Standard procedures to ensure secure onboarding. |
. | No information available |
|
Continuous Vendor Monitoring Regularly reviews vendors for changing risk. |
. | No information available |
|
Data Sharing Agreements Specifies how client data is shared, used, and protected. |
. | No information available |
|
Contractual Security Clauses Mandates specific security obligations in contracts. |
. | No information available |
|
Vendor Breach Notification Time Time required for vendors to disclose breaches. |
. | No information available |
|
Shared Responsibility Matrix Defines security responsibilities among parties. |
. | No information available |
|
Fourth-Party Risk Visibility Tracks risk due to your vendors’ suppliers. |
. | No information available |
|
Due Diligence Documentation Retention How long vendor risk assessment records are kept. |
. | No information available |
|
Integration Security Testing Validates the security of vendor software/API integrations. |
. | No information available |
Security Awareness and Training
(0 Yes /0 Known /11 Possible features)
|
Mandatory Security Training All staff must complete initial and periodic security training. |
. | No information available |
|
Phishing Simulation Exercises Regular simulated attacks to train staff in recognizing threats. |
. | No information available |
|
Social Engineering Awareness Includes modules on social engineering tactics and response. |
. | No information available |
|
Customizable Training Content Adapts content to organization roles and needs. |
. | No information available |
|
Incident Response Training Teaches staff their responsibilities in event of breach. |
. | No information available |
|
Security Policy Acknowledgement Staff must confirm understanding/compliance with policies. |
. | No information available |
|
Training Completion Tracking Monitors which users have completed required courses. |
. | No information available |
|
Knowledge Assessment Quizzes Tests user retention and comprehension after training. |
. | No information available |
|
Training Frequency How often training must be renewed. |
. | No information available |
|
Multilingual Training Support Offers content in multiple languages. |
. | No information available |
|
Executive & Board Training Programs Tailored programs for senior leadership. |
. | No information available |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.