Getting Started with Framework-Level Questions

After selecting the laws and standards to focus on from the Applicable Standards page, you can begin analyzing your privacy program's readiness. Customers who have just started or have not yet entered data into the Policy & Standards Library can start with another law or standard. TrustArc recommends starting with the Framework. This will help you begin to evaluate your overall privacy program and develop your Policy & Standards Library. As you answer the Framework-level questions and build your Policy & Standards Library, you will notice TrustArc's intelligence engines hard at work measuring your organization's readiness against not only the Framework but also the policies and standards you have created.

Customers who have already set up their organization in My Company Info and added some Accountability Mechanisms to their Policy & Standards Repository can visit the Getting Started - Current Customers page to learn how to begin in PrivacyCentral.

To start responding to questions, follow these steps:

  1. On the Program Overview page, go to Applicable Laws and Standards and click the Start or Continue button of the standard you want to assess. 

    NOTE: You can hover over the percentage bars of the law or standard, assurance program, or attestations to display the number of controls that still need to be completed.
  2. Start by answering the first set of questions. Questions with Met by Evidence status are controls common in other laws. Answering Yes to these questions or leaving the questions as they are will automatically use the common response including the evidence shared. Answering these questions with No or N/A will change the response in the other law(s) and deselect the included evidence(s). 

    NOTES:
    • You can gauge your progress on the left panel with the number of answered questions over the total number of questions displayed. A checkmark is displayed beside the question in the questions list when it has been answered. You can easily move between questions by clicking a question on the list.

    • Any changes you make to the responses are automatically saved.

  3. To learn more about the associated controls and standards of a question, click on the ellipsis and select Citation Mapping.

  4. If you want to send the question to a different respondent, click Reassign.

    Fill out the pop-up form and add a message. Check the box if you want to send the email immediately or clear the answer, and then hit Send. You may reassign questions to non-system external users by typing in their email addresses under the Respondents field.

  5. In the question’s Note field, you have an option to add a description of your policy, procedure, or mechanism to supplement your evidence.

  6. You can add Accountability Mechanisms, URLs, and files to the questions by expanding the Evidence panel. 

    • Attach a new or existing Accountability Mechanism to Yes responses (1). For No or N/A responses, the Accountability Mechanism section will not display. Follow the steps for adding new AMs in the Policy & Standards Library section.
    • Click Add URL to add multiple URLs (2). They can be renamed, changed, or removed. Note that each URL needs to be unique as duplicate URLs cannot be saved.

    • Drag and drop, or browse files by clicking Upload Attachment to upload multiple files up to 25 MB (3).

      NOTE: Accepted file types include .xls, .xlsm, .xlsx, .doc, .ppt, .pptx, .pdf, .txt. All files or documents uploaded using this feature are treated as attachments rather than accountability mechanisms added to your repository that can be reused across PrivacyCentral.

  7. Click Submit Responses at the bottom of the page after questions are completed and marked in green.

The system will then analyze your responses. To learn how the scores are calculated, look at the Progress Percentage and Control Effectiveness Score.