Simplifying Compliance Across Global Markets
Location: Bangalore, India
Industry: Edtech
The Context
Navigating Compliance in a Global EdTech Landscape
Toddle is an EdTech platform supporting over 40,000 teachers in 1,500 schools across 100+ countries. It offers tools for planning, assessment, and communication to enhance educational outcomes. As it expanded, Toddle faced challenges with compliance, customer data security, vendor risk management, and customer queries. Addressing these issues is crucial for sustaining its global growth and operations.
Anshul Chauhan Director - Governance, Risk & Compliance, Toddle
“Our goal was not just to get compliant with regulations but to build processes that would help us manage risks effectively throughout the year, not just during audits.”
Challenges
Unravelling Complexity: Toddle's Compliance and Risk Management Challenges
Simultaneous Management of Multiple Compliances
Toddle operates in over 100 countries requiring compliance with multiple infosec frameworks simultaneously. Hence a centralized and scalable compliance platform was needed to support their global expansion plans.
Sensitive Data in the Education Sector
As Toddle was handling sensitive data like childrens personally identifiable information (PII), they did not want to settle for compliance as a one time event. So they were looking at setting up of robust controls with continuous monitoring.
Fragmented Vendor Management Processes
Partnering with bigger schools called for a more stringent third party risk management approach. Toddle needed to revamp vendor assessments to protect partner data, streamline vendor relations, and enhance operational effectiveness.
Overwhelming barrage of Customer Security Queries
Toddle lacked a way to showcase their security information to build trust with customers. Without a centralized platform, they spent hundreds of redundant hours finding and sharing information with potential customers.
The Trust Vault was a game changer for us. It allowed our customers to access all the information they needed in one place, saving us countless hours in back-and-forth communication.
The Solution
The one-stop solution for GRC Excellence
Unified Control Framework (UCF) for Multi-framework Management
Scruts UCF offered pre mapped controls for major standards, enabling Toddle to manage GRC artifacts once and comply with multiple frameworks. The Compliance Dashboard tracked progress, linked requirements, and tasks, with dynamic updates for faster scalability.
Continuous Compliance for Data Security
Scrut enhanced Toddle s data management with real time compliance tracking, instant notifications, detailed reports, and dashboards. It enabled quarterly audits, ensuring audit readiness and minimizing non compliance risk without last minute rushes.
Improved Vendor Security
Scrut automated Toddle s vendor intake, security assessments, and data management, reducing delays. Toddle customized intake for vendor risk levels, with Scruts dashboard enabling streamlined communication, tracking key metrics, and prioritizing high risk vendors efficiently.
Proven ROI with Scrut:
Download the Full Case Study Now
The Impact
The one-stop solution for GRC Excellence
Significant Time Savings in Compliance Efforts
With Scruts platform, Toddle completed audits across eight frameworks in under five months. Meeting regulatory requirements faster helped them support their operations in 100+ countries as well as bolster expansion.
Accelerated Audit Processes
With the Scrut Platforms continuous compliance and easy worfklows, Toddle completed audits 10 times faster. The audit module eliminated extensive back and forth with auditors and the corrective action tracker minimized accelerated resolution of auditor requests and findings.
Efficient Vendor Compliance
Toddle saved 50 hours per month on conducting vendor assessments. The platform automated sending questionnaires, streamlined collecting responses via a dedicated vendor portal, and simplified risk assessments.
Customer Inquiries Simplified
Scrut s Trust Vault centralized all security information and kept the trust page dynamically updated. Now customers could self serve their queries by accessing Toddles public facing trust page.This improved satisfaction of existing customers and lowered queries from potential new ones.