How to set up Workflows in TrustWorks

Table of contents

• Introduction
• Getting started with workflows
• The basics of the workflows
• Workflow types
  • Data Subject Requests
  • Assessments
  • Data Mapping
• Conclusion

Introduction

Workflows in TrustWorks allow you to automate key processes, simplifying tasks and improving efficiency. They are primarily used for managing Assessments, Data Subject Requests, and Data Mapping. In this article, we’ll provide an overview of workflows, highlight their main functionalities, and link to detailed guides for specific use cases.

Getting started with workflows

You will find the Workflows in the menu on the left: 

To create a new workflow, click on the ‘+ New Workflow’ button. This will open a menu with three options:

• Data Subject Request: Automate the process of managing and responding to data subject requests in compliance with privacy regulations.
• Data Mapping: Automate actions triggered by events like creating or detecting data repositories, processing activities, or code repositories. These workflows are commonly used to run code scans, initiate assessments, create tasks, or send emails.
• Assessment: Streamline the creation and management of assessments for privacy, security, or compliance needs.

Select the option that best fits your objective to begin configuring your workflow.

The basics of the workflows

When you create a new workflow, it starts with just the ‘Start’ and ‘End’ points. To build out the workflow, you can add ‘Triggers,’ ‘Actions,’ and ‘Flow’ elements by dragging and dropping them onto the canvas.

Every workflow requires at least one ‘Trigger’ element to be initiated. To connect a trigger to the ‘Start’ element, click on the dot underneath the trigger box and drag it to the dot on top of the ‘Start’ box.

For a visual guide, watch the video below:

Do the same with all the other elements. First, delete the connecting line between ‘Start’ and ‘End’, add the elements and connect them in the order you want the flow to execute. 

The ‘Flow’ elements are essential when creating branches within the workflow.  For example, after an approval step where you have one branch for ‘accepted’ and another for ‘rejected’. Then you need to merge the branches before the ‘End’ point. ‘Parallel’ is used, for example, to run parallel actions in different data repositories for a Data Subject Access request.

In the bottom left corner of the workflow chart you will find some tools: 

1. Zoom in
2. Zoom out
3. Is to center the workflow and fit it to the chart 
4. Is to lock the workflow 
5. Is to straighten the workflow

Workflow types

Data Subject Requests

For the Data Subject Requests (DSRs), you will see the request types that you’ve chosen in Settings > Data Subject Requests:

Next, you select the Subject Type (which you also choose in the Settings > Data Subject Requests): 

You can now create your workflow, name it, and add the needed elements.

You can read more about the DSR workflows here.

Assessments

You can create workflows for assessments for either Data Repository, Initiative, or Processing Activity: 

The triggering event will always be: ‘Assessment is created’ from the corresponding entity. 

The available actions for the assessment workflows are: Approve, Send Email, Survey, Task: 

You can read much more about workflows for assessments here.

Data Mapping

The Data Mapping workflows are a bit more diverse and this is where you can create those small workflows to make the platform work even more for you by automating notifications, sending a survey when a new data repository is detected, and many more things.

When you select the ‘Data Mapping’ workflow type, the workflow is created straight away. 

The triggering events can be: 

• Data repository is created
• Data repository is detected 
• Processing activity is created
• Code repository is created

For example, you can create a workflow to receive email notifications whenever a new data repository is created or detected, helping to significantly reduce shadow IT in your organisation.

Below is an example of a workflow to send an email when a new data repository is detected: 

The privacy team can then decide how to handle this new data repository. For example, you can add a task to the same workflow for someone to research it or send a survey.

You can use any of the surveys related to data repositories, or you could create a specific one for shadow IT that could look something like this: 

The elements you can add to the data mapping flow are slightly different. Specifically, you will find the ‘Code scan’ element. This will only work with the ‘Code repository is created’ trigger.

Read more about workflows for code scan here.

Conclusion

Automation is key to streamlining your work, and TrustWorks’ no-code workflows make it simple. Whether you’re managing DSRs, assessments, code scans, or other tasks, workflows help you maximize the platform’s capabilities and efficiency.