May’s updates are all about control, clarity, and expanded coverage. This month, we’ve focused on making it easier to manage branding, identify risks early, streamline policy maintenance, and extend your compliance reach with new integrations and frameworks. Here’s what’s new:
- Customize the Trust Vault interface to reflect your company’s visual branding.
- View a library of common risks in one dedicated Risk Discovery tab.
- Simplify editing and consistency across policy templates via Policy Variables.
- Updated integration support for Microsoft Teams, Sophos Central, Jira, and more tools for Access Review.
- Three new frameworks added — US Data Privacy Framework, Cyber Essentials v3.2, and Botswana DPA — along with an updated mapping for RBI CSF
Let’s dive in.
Customize the Trust Vault to reflect your branding
You can now align your Trust Vault with your company’s visual identity for a more consistent and professional experience, especially when sharing it with customers, auditors, or partners.
From the new Branding tab in Trust Vault settings, you can:
- Upload your company logo and favicon, and set your primary brand color.
- Customize the page title, organization name, and font.
- Preview changes in real-time before saving
These updates make it easy to ensure your Trust Vault reflects the same look and feel as your other external-facing assets. To try it out, head to Trust Vault → Settings → Branding and explore the options.
Not using Scrut yet? Schedule a demo to see how you can create a public-facing Trust Vault that showcases your security posture, builds trust with prospects, and helps you close deals faster.
Access a library of pre-populated risks with Risk Discovery
The Risk Discovery tab (in the Risk Management module) is a pre-curated library of potential risks, categorized and labeled by type. It is designed to help you quickly build and populate your Risk Register with common, industry-relevant risks and those flagged by Scrut Teammates.
With this feature, you can:
- One-click addition: Add risks to your Risk Register with a single click and customize them later as needed.
- Filtered view: Filter by category or use the search bar to find specific risks quickly.
Want to see it in action? Schedule a demo to explore how Risk Discovery can help you build a robust risk management strategy from scratch.
Use Policy Variables to simplify policy editing
Managing multiple policies often means repeating the same information, like organization names, addresses, product details, and more, across dozens of documents.
With Policy Variables, you can now define these standard details once, and Scrut will auto-fill the values wherever the variable is used. When something changes, simply update the value at the source, and all associated policies will reflect it instantly.
With this new update, you spend less time on manually updating policies while ensuring consistency across multiple documents.
To try out this feature, reach out to your Scrut Customer Success Manager or connect with us one-on-one for a demo.
New and updated integrations
We’ve expanded and updated our integration library to improve visibility, streamline access governance, and make it easier for teams to stay aligned across the tools they already use. Here’s what’s new:
- Microsoft Teams (New): Get real-time task reminders and security alerts directly in your Teams, including Trust Center activity, test status updates, integration failures, and more.
- Sophos Central (New): Connect your Sophos MDM to Scrut to automate employee device population, asset management, access reviews, and compliance tests for encryption, monitoring, ownership, and critical data tracking.
- Access review for Calendly, Figma, Apollo.io (New): You can now review user access for these commonly used platforms to ensure only the right people retain access to critical systems.
- Jira (Updated): Tasks created from Scrut now include clearer titles, synced due dates, and structured, auto-generated descriptions — making it easier for engineering and compliance teams to stay aligned.
Explore all available integrations in the Scrut platform, or submit a request if there’s a tool you’d like us to support next.
New and updated frameworks
This month, we have added three highly requested frameworks to help you stay ahead of evolving global compliance requirements. You can add each of these from the Frameworks module, map controls, track progress, and export reports — all in one place.
- US Data Privacy Framework: A unified structure that combines requirements from 14+ state-level privacy laws, helping teams manage obligations across jurisdictions through a single control set.
- Cyber Essentials v3.2: Released by the UK’s NCSC in April 2024, this version brings updated requirements for cloud services, MFA, device security, and patch management.
- Botswana Data Protection Act (2024): In effect since January 2025, this updated law replaces the 2018 Act and aligns with global standards like the GDPR, with stricter rules for data handling and cross-border transfers.
- RBI CSF (Updated mapping): The framework now includes fewer controls (133 → 108) and evidence items (161 → 82), streamlining compliance without compromising coverage.
Browse Scrut’s framework library or reach out to your Customer Success Manager to explore custom framework requests aligned with your compliance objectives. Stay tuned for more product updates, and subscribe to our newsletter, GRC Wire, for expert insights delivered straight to your inbox.
