February’s updates are designed to help teams prepare for audits faster, collect vendor documentation with less manual effort, and keep customers informed more proactively through Trust Portal updates. This month, we have introduced smarter guidance with Scrut Teammates that automatically maps policies to controls and detects policy and evidence gaps earlier.
Here’s what’s new this month:
- Smarter compliance guidance with Scrut Teammates: Automatically map policies to controls and proactively detect policy gaps and evidence gaps, with recommendations surfaced directly with our native AI.
- Faster vendor process: Auto-fetch Vendor Trust Portals documentation directly, to seamlessly collect complete evidence upfront.
- Trust Portal Subscriptions: Your customers can now subscribe and receive instant notifications whenever your Trust Portal updates are published.
- Frameworks coverage: New support for ISO/IEC 27701:2025 for Privacy Information Management Systems.
- Platform enhancements: Multi-zone support for Cloudflare integration and checklist-scoped device compliance evaluation.
Get contextual guidance on policy and evidence gaps with Scrut Teammates
Audit preparation often involves repeated manual checks to confirm that policies are mapped correctly, evidence is complete, and gaps are identified before they surface during review.
With these updates, Scrut Teammates is designed to make that process more proactive by helping teams detect issues earlier, reduce repetitive validation work, and improve audit readiness with more contextual guidance.
Map uploaded policies to the right controls automatically: Scrut Teammates analyzes your policy documents and suggests policy - control mappings for both standard Scrut controls and custom controls. You can accept, reject, or adjust suggestions before saving.
Get proactive policy gap guidance: Scrut Teammates evaluates policy alignment and surfaces gaps such as outdated policies, missing policies, controls not implemented correctly, etc, helping you understand whether a policy is “good enough” and what to update next.
Detect evidence gaps automatically as you upload them on Scrut: Scrut Teammates runs automatic gap analysis when evidence is uploaded or updated for the current audit period. This helps flag missing requirements, partial control coverage, and documentation inconsistencies. Scrut Teammates also recommends the next steps.
Please note that all these features require Scrut Teammates to be enabled. Enable it from the settings or get a quick walkthrough, contact your Scrut CSM.
If you’re new to Scrut, book a demo to see how Scrut Teammates helps teams execute faster and reduce compliance busywork.
Auto-fetch vendor trust details and documents from the Trust Portal
Third-party reviews often get delayed at a specific point: the questionnaire is in motion, but the supporting context is still incomplete. Teams may have to track down trust documents separately, and even when vendors respond on time, key attachments may still be missing.
With these new updates, Scrut helps help close that gap by making it easier to bring the right documents into vendor review and ensure critical evidence is submitted upfront.
- Bring vendor trust documents automatically from their Trust Portal: Scrut can now recognize known vendors as you add them and link their compliance information directly to the vendor record, making it easier to collect and review relevant trust documents in the same workflow as the assessment.
- Capture required supporting evidence before the questionnaire is submitted: You can now make attachments mandatory for selected questionnaire questions, so vendors must upload the documents you need, such as policies, certifications, or reports, before they can complete their response.
Scrut helps vendors with seamless reviews and better documentation collection. Check out how to manage third-party risks with Scrut.
Auto-notify stakeholders and customers of Trust Portal updates
Trust information doesn’t stay static. New documents get published, updates get made, and customers or prospects may need to know when something changes. Until now, staying up to date meant checking the trust portal manually. With the new Trust Portal subscription:
- Let Trust Portal viewers subscribe to future updates: Customers, stakeholders, and vendors can now subscribe to your Trust Portal updates and receive email notifications whenever new information is published or existing content is updated.
- Manage subscribers more flexibly across different use cases: Subscriptions can also be managed within Scrut by adding subscribers manually, reviewing verified and pending subscribers, and selecting whether notifications should be sent when updates are published.
With this enhancement, customers can be kept informed about certifications, security improvements, and compliance updates without relying on manual communication.
See how Scrut’s Trust Portal helps you centralize trust content, control access with NDA-backed sharing, and keep stakeholders updated automatically. Book a demo to see how you can create your own customized and branded Trust Portal.
Support for new frameworks
Scrut now supports ISO/IEC 27701:2025 out of the box, alongside 70+ other ready-to-use frameworks. As an extension of ISO 27001 for Privacy Information Management Systems (PIMS), ISO/IEC 27701:2025 is intended to help organizations manage personally identifiable information as controllers or processors while aligning with global privacy expectations, such as the GDPR and the CCPA.
With this update, privacy requirements can be mapped to existing ISO 27001 controls, structured evidence and policy suggestions can be accessed, automated Statements of Applicability can be generated, and readiness reports can be produced for internal and external stakeholders. This enables privacy programs to be scaled more effectively while compliance oversight remains centralised.
Explore the Scrut Frameworks Library to access 70+ ready-to-use frameworks, or connect with our team to set up a custom framework tailored to your compliance program.
Other platform enhancements
Two additional platform enhancements have also been introduced this month.
Checklist-scoped device compliance evaluation: Device compliance status is now evaluated only against integrations that are relevant to an employee’s assigned checklist. This helps prevent unrelated integrations from affecting compliance results while all devices remain visible within the Asset Management module.
Multi-zone support for Cloudflare integration: Multiple zones can now be selected within a single Cloudflare integration, enabling monitoring, evidence collection, and test execution across multiple domains.
Click here to explore all the integrations supported by Scrut.
%201.png){kind=icon}
