TrustCloud’s AI already pre-fills up to 80% of a security questionnaire, but we’ve developed the next iteration. TrustShare has built new generative AI capabilities called GraphAI. GraphAI will still find the right answer for a security questionnaire topic, but now it will better account for context and generate more natural, accurate responses based on your program controls.
GraphAI is built on a retrieval-augmented generative (RAG) model on our large language model (LLM). We built it this way to ensure speedy, accurate retrieval of information tailored to the query.
But the most important part isn’t the technology we use, but how we train it. Over four years, our model has been trained on tens of thousands of industry data and security questionnaires sourced from public domain and our customers. (We have rigorous privacy standards that we follow to ensure data is secure, and customers can opt in to having our model learn on their information. If they choose to do so, that learning is only used to improve their AI instance, not those of any other customers. Jump to “How TrustCloud maintains data security” for more details.)
Our model training also incorporates an extensive lexicon of security and compliance terminology so our AI can adeptly interpret the intent behind security questions. And it’s exclusive to TrustCloud.
Other AI solutions, including those offered in traditional GRC automation solutions, rely on static knowledge bases. However, TrustCloud operates using TrustGraph—an advanced, interconnected graph model of your entire GRC ecosystem. This includes your specific controls, policies, documents, and knowledge base, upon which your AI instance will train further. Better yet, as you engage with your AI instance, the algorithm will continuously learn and refine its accuracy, so your responses will become even more precise over time.
This means GraphAI will more accurately convey a real-time representation of your security posture with more precise responses. Because TrustGraph dynamically integrates with all your artifacts, you can effectively monitor and manage customer commitments and mitigate the risk of misrepresentation of outdated information.