Setting up Task Notifications

Giving permissions to team members

Inviting Users

Task Management explained 

Creating Tasks 

Creating roles

Assigning Data Source Access

Hardware Compliance Score Sync

Creating Departments and Assigning Users 

Scanning your website

Scanning your SSO 

Jira

Microsoft Intune

Personio

Working together in Kertos

Scanning your cloud

Inventorization of vendors

Applying controls to risks

Managing risks

Setting up your trust center

KAIA explained

Principles of AI at Kertos

Frameworks explained

Managing & implementing controls

Completing & assigning trainings

Creating a RoPA

Creating TOMs

Creating DPIAs

DSRs explained

Setting up a request automation

Processing DSRs

Closing processed DSRs

Creating DSRs

Ingress API Docs for DSRs 

Webhook API Docs for DSRs 

Platform Terms Glossary

Discovery explained

Inventorization of systems

Inventorization of assets

Reporting incidents

Creating & managing policies

EU AI Act: Inventorization of AI use cases

Interacting with KAIA

Task Management

How to manage your organization with users, departments, and roles.

Organization

Streamline and automate your compliance workflows with our integrations.

Integrations

Automatically discover compliance-relevant data objects.

Discovery

Sync tasks seamlessly between ticketing tools.

Tasks

Sync mobile devices to your asset inventory automatically.

Device Management

Add users who enter your organization automatically.

Human Resource Information Systems

How to manage vendors, systems, and assets.

Inventory

Risks

Trust Center

Incidents

Learn how to use Kertos Artificial Intelligence.

KAIA

Learn how to to get the most of our compliance Agent.

How to achieve compliance with multiple frameworks, utilizing policies and trainings.   

Compliance

How to achieve compliance with privacy frameworks.

Privacy Management

How to handle and automate DSRs in Kertos.

Data Subject Requests

API Reference

How to achieve compliance with Auto Checks.

Auto Checks

<h3>How to set up a trust center&nbsp;</h3>&nbsp;<img class="image_resized" style="width:auto;" src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/Kertos-11-25-2024_01_41_PM.png" alt="">&nbsp;1. Go to “Trust Center” in the nav bar.2. Once you clicked on it, you can click “Setup Trust Center” and are being then redirected to the trust center edit page.&nbsp;<img class="image_resized" style="width:auto;" src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/Kertos-11-25-2024_01_42_PM.png" alt="">3. You have these options for editing your trust center::<ul><li>Header image: you can upload any header image here (the image should be 7.000 pixels wide)</li><li>Logo and the company name, which is done in the settings so if you already added this it will be shown here automatically</li><li>Link to privacy policy: the link to your privacy policy can be added in the company settings</li><li>Overview: you can describe your company, and it’s view on data/information security</li><li>Compliance: add all the frameworks, standards and laws here that you comply with</li><li>Resources: You can select the resources that should be available in your trust center. The resources of interest can be either certificates, reports (such as SOC2), which you can easily upload or choose to show policies on your trust center</li><li>Subprocessors: you have vendors that you share data with, choose from your inventoried data sources that are in use in your company.</li><li>Controls: demonstrate security by showing the measurements you set in place in order to guarantee security</li><li>FAQs: we will present you with a pre-set of suggested FAQs, but you can individualize them as you want</li><li>Colour: the colour (light mode or dark mode) is automatically set depending on the users OS setting</li></ul>4. Once you have added all the information you want to be available on your trust center you can press save or publish.&nbsp;<h3>Choose access options for resources</h3>As you don’t want everyone to have access to all information, you can choose if resources are<ul><li>Public: Accessible to everyone, everyone can download those resources</li><li>Limited access: Accessible only via requesting access; users need to request access, which then needs to be granted by admins</li><li>Restricted: Only shows the name without the possibility for request.</li></ul>&nbsp;<figure class="image"><img src="https://cdn-assets.productfruits.com/4b9e6855-cc26-40ba-a3b0-4ed9aabb8b59"></figure>&nbsp;1. In "Resources", click on "Link your policies" or "Upload certificates"2. You can then select the accessibility for each resource in the drop-down menu.We also track which customer, requested access when and to which documents:&nbsp;<img src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/Kertos-12-16-2024_01_32_PM.png" alt="">&nbsp;You can manage all requests in the requests section on the trust center page.&nbsp;<ul><li>In pending you see all pending requests&nbsp;</li><li>In completed, all “denied” or “accepted” requests.&nbsp;</li></ul>When access was granted, then the user has 72 hours to access this information. After this, they would need to request access again.Please note that requesting access to one document will also allow the user to see all other documents that have limited access.<h3>How to publish</h3>We offer two options on where to publish your trust center.&nbsp;<h4>Publish trust center on the Kertos URL&nbsp;</h4>&nbsp;<img class="image_resized" style="width:auto;" src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/Kertos-11-25-2024_01_43_PM.png" alt="">If you choose this option we will create a URL which is based on our domain which means it will look similar to this:https://kertos.io/yourcompanyname/…..This means that your potential clients that want to review your security setup will access the trust center through this URL (https://kertos.io/yourcompanyname/….. ).&nbsp;<h4>Publish trust center on your own domain&nbsp;</h4>&nbsp;<figure class="image"><img src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/Kertos-12-16-2024_01_35_PM.png" alt=""></figure>&nbsp;First, you need to input your companies’ domain, which will then determine the URL under which the trust center will be reachable such as:<a href="http://trust.yourcompanyname.com/">trust.yourcompanyname.com</a><blockquote>Choose URL carefullyWhen choosing the URL please ensure to take the one most relevant for you. You will not be able to edit it once you proceeded to the next step. If you want to change it please contact our support.</blockquote>After pressing continue you will be redirected to an info page, that shows you the data which you need to input in your DNS configuration. Once this is done, it can take up to 24-48 hours till the record is stored. Only then, your trust center can be accessed via:&nbsp;<a href="http://trust.yourcompanyname.com/">trust.yourcompanyname.com</a>We will monitor if the entries are working and once this is done you will see a small “active” badge in the top right corner of your trust center editing page.&nbsp;<h3>How to republish&nbsp;</h3>If you want to change information on your trust center, you simply click on edit trust center, edit the necessary information and press publish.<h3>Deletion</h3>If you delete information that is available on your trust center in the Kertos app, such as a policy, this policy will also automatically be removed and not accessible on the trust center any more. This prevents risks that outdated or deleted information is still accessible on your trust center.

For instance, if you already made a lot of progress on ISO 27001, you might have already implemented some of the controls that are relevant to the EU AI Act framework.&nbsp;<figure class="image"><img src="https://cdn-assets.productfruits.com/455d9646-5e8f-441b-930b-7273b0c04de6"></figure>&nbsp;<h3>Filtering controls according to framework</h3>If you want to go into detail on a framework, you can<ul><li>Filter controls from the Frameworks page</li><li>Filter controls from the Controls page</li></ul>&nbsp;<h4>Filtering controls from the Framework view</h4><img src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/Kertos-09-30-2024_01_10_PM(2).png" alt="">&nbsp;1. In the frameworks overview, click on the little arrow in the top-right corner of the respective framework.2. This will redirect you to a pre-filtered control overview.&nbsp;<h4>Filtering controls from the Controls page</h4>&nbsp;<img src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/Kertos-09-30-2024_01_32_PM(1).png" alt="">&nbsp;1. On the controls page, go to the filter menu in the top-left corner.2. Select the framework that you want to filter for and, if applicable, the sub-category of the framework.

&nbsp;Specifically, you can automatically identify:<ul><li>Vendors</li><li>Data Sources (the tools that vendors provide you with)</li><li>Data Classes (categories of data that data sources feed into)</li><li>Processing Activities</li><li>Users</li><li>Assets</li></ul>&nbsp;<h3>Discovery channels</h3>From the discovery page, you can access multiple channels through which you can discover your organization’s data.&nbsp;<blockquote>Not every channel is able to uncover all categories of data</blockquote>&nbsp;<ul><li>Website Scan_ Scans your website for connected tools.</li><li>Single-Sign-On (SSO) Scan: Scans your SSO-Account for tools and users.</li><li>Cloud Scan: Scans your cloud infrastructure for digital assets.</li></ul>&nbsp;<figure class="image"><img src="https://cdn-assets.productfruits.com/45480b44-7791-412a-9585-7c92e9e4679a"></figure>&nbsp;<h3>Running a Discovery</h3>1. Go to "Integrations" in the navigation bar and then to "Discovery".2. Locate the desired channel on the page.3. Click on “Setup”.3. Follow the next steps according to the selected channel.&nbsp;<h3>Resetting Discovery</h3>If you want to remove all discovered items at once (across all data types), you have a dedicated option for that in the settings.&nbsp;<figure class="image"><img src="https://cdn-assets.productfruits.com/a72eb201-492c-4b7a-a464-8536aed1c1d4"></figure>&nbsp;1. Go to “Settings” in the navigation bar.2. Go to the tab “Discovery”.3. Click “Reset Discovery”.4. Confirm the deletion.&nbsp;<h3>Next steps</h3>After the discovery, the next steps are to either activate or archive the discovered data objects like vendors, systems, and assets, and provide the necessary information for every data object that you activate.&nbsp;<figure class="image"><img src="https://cdn-assets.productfruits.com/0cf179d5-0b74-4f4f-b935-b866f17ebd3d"></figure>&nbsp;This principle applies throughout the Kertos platform. See the individual articles in the "Inventory" section for more guidance.&nbsp;<h3>FAQ</h3>What is the Kertos discovery?Discovery is the umbrella term for integrations that we offer that discover compliance-relevant data for you automatically, like data sources, vendors, assets, and users.Which discovery integration should I use?Not every integration can discover all types of data objects. In the discovery tab of the integrations page, you can see in every integration box which data objects are being synchronized by this integration. We recommend to use as many as discovery integrations as possible, so that profit as much as possible from Kertos’ automating capabilities.What is the difference between the discovery integrations?They integrate with different external systems that you already use in your organization, for example, cloud services, mobile device management, or SSO.What should I do after the discovery?The discovery is there to gather the data objects that could be relevant to your compliance efforts. These data objects will then show up in the “discovered” tab of each data object page, like vendors, for example. It is then your job to select the objects that are actually relevant by moving them to “active”. Please refer to our help center for step-by-step guidance if you need further assistance.

<h3>EU AI Act in Kertos</h3>In Kertos you have the possibility to create your AI Inventory, assess the different systems or use cases by risk, role, and also understand which obligations you have to fulfill depending on the risk/role assessment.You have three different starting points for building up your AI inventory:<ul><li>From the AI Inventory</li><li>From the systems detail page</li><li>From the assets detail page</li></ul>&nbsp;<h4>From the AI Inventory</h4><figure class="image"><img src="https://cdn-assets.productfruits.com/c73c0dc7-dbee-4361-a77b-60fd83ea3a11"></figure>&nbsp;1. Click "Add AI Use Case"2. Add all necessary information to fully document your AI Use Case.3. At the end of the form you can upload documents such as technical documentation, test data sets or any document important for the specific AI Use Case. &nbsp;&nbsp;<h4>From the systems detail page</h4>When we discover new systems or you add a new one manually, you can directly edit those and mark them as potential AI data source. This means that it is AI enabled, and you might use this data source’s AI capabilities.&nbsp;<img src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/image(111).png" alt="">&nbsp;1. In the system's detail view, enable the toggle saying "Is AI used within this System?"2. If applicable, assign the corresponding use case&nbsp;<h4>From the asset detail view</h4>When we discover new asset/you add new assets, you can directly edit those and mark them as potential AI asset. This means that it is AI enabled, and you might use this asset’s AI capabilities. By marking this as AI asset, you can directly link existing/new AI use cases to the data source.&nbsp;<img src="https://cdn.document360.io/4bdaa174-1e27-40aa-b933-8112c302e904/Images/Documentation/image(110).png" alt="">&nbsp;1. In the asset's detail view, enable the toggle saying "Is AI used within this Asset?"2. If applicable, assign the corresponding use case &nbsp;

Go back to application

Was this article helpful?

You recently requested to reset your password for your account. Use the button below to reset it. This password reset is only valid for the next 24 hours.

If you’re having trouble with the button above, copy and paste the URL below into your web browser.

Please check your email for instructions to reset your password.

Check your email

Enter your email address and we will send you instructions to reset your password.

Please enter a new password below.

Set your password

Ask a question here and get an AI-tailored answer immediately

Kertos Help Center