How to set up Workflows in TrustWorks
Workflows in TrustWorks empower you to automate key processes, reducing manual effort and improving efficiency across privacy, security, and compliance tasks. By leveraging workflows, you can seamlessly manage activities like Data Subject Requests (DSRs), Assessments, and Data Mapping. This guide explains how to set up workflows effectively, covering their functionalities, types, and actionable tips for maximising their potential.
Getting started with workflows
To access workflows, navigate to the Workflows section in the left-hand menu.
Here’s how to create a new workflow:
Click the
+ New Workflow
button.Choose one of the following options:
- Data Subject Request: Automate the handling of DSRs to ensure compliance with privacy regulations.
- Data Mapping: Automate actions like triggering notifications, assessments, or code scans based on events such as detecting a new data repository.
- Assessment: Simplify the creation and tracking of assessments for privacy, security, or compliance.
Each type caters to specific objectives, which we will discuss in detail below.
Understanding Workflow Elements
When you create a workflow, it begins with a basic structure of Start and End points. To build a meaningful workflow, drag and drop the following elements:
- Triggers: Define the event that initiates the workflow (e.g., "Assessment is created" or "Data repository is detected").
- Actions: Specify what happens next, such as sending an email, creating a task, or running a survey.
- Flow Elements: Enable complex structures, like branches for conditional logic or parallel processing. Keep in mind that diverging paths must always be merged.
Every workflow requires at least one ‘Trigger’ element to be initiated. To connect a trigger to the ‘Start’ element, click on the dot underneath the trigger box and drag it to the dot on top of the ‘Start’ box.
For a visual guide, watch the GIF below:
Do the same with all the other elements. First, delete the connecting line between ‘Start’ and ‘End’, add the elements and connect them in the order you want the flow to execute.
The ‘Flow’ elements are essential when creating branches within the workflow. For example, after an approval step where you have one branch for ‘accepted’ and another for ‘rejected’. Then you need to merge the branches before the ‘End’ point. ‘Parallel’ is used, for example, to run parallel actions in different data repositories for a Data Subject Access request.
In the bottom left corner of the workflow chart you will find some tools:
- Zoom in
- Zoom out
- Fit to screen
- Lock the workflow
- Straighten the workflow
Workflow types
Data Subject Requests
For the Data Subject Requests (DSRs), you will see the request types that you’ve chosen in Settings > Data Subject Requests:
Next, you select the Subject Type (which you also choose in the Settings > Data Subject Requests):
You can now create your workflow, name it, and add the needed elements.
Assessments
You can create workflows for assessments for either Data Repository, Initiative, or Processing Activity:
The triggering event will always be: ‘Assessment is created’ from the corresponding entity.
The available actions for the assessment workflows are: Approve, Send Email, Survey, Task:
You can read much more about workflows for assessments here.
Data Mapping
The Data Mapping workflows are a bit more diverse and this is where you can create those small workflows to make the platform work even more for you by automating notifications, sending a survey when a new data repository is detected, and many more things.
When you select the ‘Data Mapping’ workflow type, the workflow is created straight away.
The triggering events can be:
- Data repository is created
- Data repository is detected
- Processing activity is created
- Code repository is created
For example, you can create a workflow to receive email notifications whenever a new data repository is created or detected, helping to significantly reduce shadow IT in your organisation.
Below is an example of a workflow to send an email when a new data repository is detected:
The privacy team can then decide how to handle this new data repository. For example, you can add a task to the same workflow for someone to research it or send a survey.
You can use any of the surveys related to data repositories, or you could create a specific one for shadow IT that could look something like this:
The elements you can add to the data mapping flow are slightly different. Specifically, you will find the ‘Code scan’ element. This will only work with the ‘Code repository is created’ trigger.
Conclusion
Automation is key to streamlining your work, and TrustWorks’ no-code workflows make it simple. Whether you’re managing DSRs, assessments, code scans, or other tasks, workflows help you maximise the platform’s capabilities and efficiency.