Answers to your Digital Trust Portfolio questions

In the digital economy, the foundation of enterprise success lies in cultivating trusted and valuable relationships, interactions, and transactions. Recognizing the essence of trustworthy digital connections is critical for productive relationships with providers, consumers, and partners.

The Digital Trust Framework highlights these aspects, offering enterprises a holistic blueprint for fostering seamless relationships and business processes, minimize obstacles, strengthen loyalty, and generate mutual value. It is designed to be compatible with a multitude of existing frameworks and best practices, including COBIT, ITIL, GDPR, and numerous ISO and NIST standards.

The Digital Trust Ecosystem Framework was designed by business and IT experts dedicated to instilling trustworthy principles into technology and business operations. The framework equips enterprises with good practices and direction to integrate digital trust across the organization, shaping product strategies and initiatives with a trust-focused approach that boosts competitiveness and reputation. This guidance brings together different silos that normally work independently to achieve digital trust in an organization.

The Digital Trust Ecosystem Framework focuses on the key components of building trustworthy relationships between enterprise and consumers including: 1) integrity, 2) security, 3) privacy, 4) resilience, 5) quality, 6) reliability, and 7) confidence. It also addresses three traditional elements (people, process, and technology), and it adds a fourth critical element (organization), and includes detailed practices, activities, outputs, controls, KPIs, and KRI’s that a practitioner can use to implement and assess against.

DTEF will be made available to the public in March 2024.

You can purchase the framework by clicking the link Digital Trust Ecosystem Framework eBook. ISACA members get exclusive discounts to the framework and associated guides and products.

Once you purchase the framework, you can access it by:

• Logging into your ISACA account
• Go to MYISACA < Resources
• Click VIEW – this will launch you to the eBOOK

1. Log in to your ISACA account
2. Select your membership type
3. Fill out the appropriate registration form
4. Find your local chapter
5. Checkout and pay

Join an industry-leading, global community of more than 180,000 working IS/IT professionals and experience the power of an ISACA membership. LEARN MORE

At this time the Framework is only available in eBook format.

DTEF is presently accessible in English, however, ISACA consistently assesses market demand to determine additional language needs.

Digital Trust Ecosystem Framework (DTEF)
March 2024

This framework focuses on the key components of building trustworthy relationships between enterprise and consumers including: 1) integrity, 2) security, 3) privacy, 4) resilience, 5) quality, 6) reliability, and 7) confidence. It also addresses three traditional elements (people, process, and technology), and it adds a fourth critical element (organization). It includes detailed practices, activities, outputs, controls, KPIs, and KRI’s that a practitioner can use to implement and assess against.

Digital Trust Ecosystem Framework: Implementation Guide
March 2024

This e-publication helps organizations determine the proper approach to adopting and implementing a digital trust strategy leveraging the DTEF. It is a flexible approach that allows organizations to focus on their business objectives and determine what trust factors and practices to prioritize for implementation. The guidance is tailorable so organizations can optimize their digital trust posture based on their needs.

Digital Trust Board Briefing
March 2024

This downloadable PDF explains how ISACA’s DTEF can be leveraged to create a digitally trustworthy ecosystem that considers the accountabilities and responsibilities of all enterprise stakeholders and ensures that all digital interactions and transactions are legitimate and trusted. The publication advocates embedding digital trust into an organization’s GRC model as connecting digital actions to the governing structure can positively affect trust between the organization and its stakeholders.

Introduction to the Digital Trust Ecosystem Framework Short course (1 CPE)
March 2024

This 60-minute, self-paced, online course teaches you digital trust concepts and the components of the DDTEF.

Learning Objectives:

• Define digital trust.
• Explain the value and impact of digital trust to an organization’s success.
• Summarize the components of the DTEF
• Describe the nodes and domains that comprise the DTEF

Digital Trust Ecosystem Framework Interactive Guide (5 CPE)
March 2024

This Interactive Learning Tool guides users through the DTEF (key tenants and components and various interactions). The Guide is highly interactive (3-D modeling, resources, additional context and knowledge checks). The purpose of this guide is to help users understand the DTEF, and it is ideal for visual learners. The e-learning format helps users understand the key principles of the digital trust ecosystem framework.

Digital Trust Ecosystem Framework Foundation Course
March 2024

This in-person or virtual instructor-led training will teach you the basics of digital trust and components of the framework, including study materials. This in-person or virtual instructor-led training will teach you the basics of digital trust and components of the framework, It includes study materials that will help prepare you for the Foundation Certificate.

Digital Trust Ecosystem Framework Foundation Certificate
March 2024

Those that pass a 90-minute, multiple-choice exam, earn a Foundations Certificate in Digital Trust.

Digital Trust Ecosystem Framework (DTEF)
Member (USD) - US$50
Non-Member (USD) - US$125

Digital Trust Ecosystem Framework: Implementation Guide
Member (USD) - US$50
Non-Member (USD) - US$125

Digital Trust Board Briefing
Member (USD) - USFREE
Non-Member (USD) - US$25

Introduction to the Digital Trust Ecosystem Framework short course (1 CPE)
Member (USD) - US$50
Non-Member (USD) - US$75

Digital Trust Ecosystem Framework Interactive Guide (5 CPE)
Member (USD) - US$200
Non-Member (USD) - US$300

Digital Trust Ecosystem Framework Foundation Course (pre-con workshop)
Member (USD) - US$650
Non-Member (USD) - US$850

Digital Trust Ecosystem Framework Foundation Certificate
Member (USD) - US$650
Non-Member (USD) - US$850

For the first time ever, ISACA is introducing an interactive guide to help users easily and successfully implement the framework. By charging a nominal fee for the framework and related guides, ISACA is able to invest in more robust tools to benefit framework users and their organizations.

The primary customers for ISACA’s Digital Trust Ecosystem Framework (DTEF) are any business or organization operating in the digital economy. The framework addresses distinct business problems based on customer type.

Large Companies:
For large enterprises, the DTEF and associated suite of products offer a comprehensive roadmap to establish and strengthen digital trust across intricate networks. By providing a holistic blueprint for cultivating trusted relationships and interactions, the framework enhances customer loyalty, minimizes obstacles, and generates mutual value. It helps enterprises navigate the complexities of the digital landscape (including vendor management), ensuring secure transactions and interactions, ultimately fostering sustainable growth.

Startups and Small Businesses:
Startups and small businesses often face resource constraints while building their reputation and customer base. The DTEF acts as a strategic guide, enabling these entities to lay a strong foundation of digital trust from the outset. By adhering to the framework's principles, startups can foster confidence among customers, partners, and investors, establishing a competitive edge and long-term viability. And, the Digital Trust Ecosystem Framework: Implementation Guide helps these organizations hone in on practices and activities that will provide the most value in the context of their business.

Government and Public Sector Organizations:
Public sector entities deal with a vast array of stakeholders, including citizens, businesses, and other government agencies. The DTEF aids in enhancing transparency, accountability, and trustworthiness in digital interactions. By aligning with the framework, government bodies can streamline processes, improve service delivery, and reinforce their commitment to data privacy and security.

Technology and Service Providers:
Companies offering technology and services play a crucial role in enabling digital transformation for their clients. By integrating DTEF principles into their offerings, technology providers enhance the trustworthiness of their solutions. This, in turn, elevates customer satisfaction, accelerates adoption rates, and strengthens partnerships with organizations seeking reliable digital solutions.

Consumers and End Users:
Consumers are at the heart of the digital economy. The DTEF benefits consumers by encouraging organizations to prioritize data security, privacy, and ethical practices, all of which are imperative in this AI age. This leads to improved user experiences, safeguarded personal information, and enhanced confidence in digital transactions, ultimately benefiting individuals across various online interactions.

In essence, ISACA's Digital Trust Ecosystem Framework and suite of products address the variety of challenges faced by organizations by providing a structured approach to establishing and enhancing digital trust. By adhering to the framework's principles and its detailed guidance, organizations across sectors can foster secure, transparent, and mutually beneficial relationships in the digital landscape, thus solving critical business problems and ensuring sustained growth.

Yes, startups and small businesses often face resource constraints while building their reputation and customer base. The DTEF acts as a strategic guide, enabling these entities to lay a strong foundation of digital trust from the outset, and the Digital Trust Ecosystem Framework: Implementation Guide helps these organizations hone in on practices and activities that will provide the most value in the context of their business. By adhering to the framework’s principles, startups can foster confidence among customers, partners, and investors, establishing a competitive edge and long-term viability.

Yes, there are several flexible options to learn about the key tenets and principles of the framework and or prepare for the Digital Trust Ecosystem Framework Foundation Certificate Exam including:

1. Instructor Led Workshops delivered through ISACA chapters and ISACA pre-conference workshops – This In-person or virtual instructor-led workshop will teach you the basics of digital trust and components of the framework.
2. Introduction to Digital Trust Ecosystem Framework 1-hour course - 60-minute, self-paced, online course to teach you about digital trust concepts and the components of the Digital Trust Ecosystem Framework.

   Learning Objectives:

   • Define digital trust.
   • Explain the value and impact of digital trust to an organization’s success.
   • Summarize the components of the Digital Trust Ecosystem Framework.
   • Describe the nodes and domains that comprise the DTEF
3. Digital Trust Ecosystem Framework Interactive Guide - Interactive Learning Tool to guide users through the framework (key tenants and components and various interactions). The Guide is highly interactive (3-D modeling, resources, additional context and knowledge checks). The purpose of this guide is to help users understand use the DTEF, and it is ideal for visual learners. The e-learning format helps users understand the key principles of the digital trust ecosystem framework.

There are several training options and resources to help you prepare to take Digital Trust Ecosystem Framework Foundation

Certificate Exam including:

1. Digital Trust Ecosystem Framework (DTEF).
2. Training (instructor led)
   • Workshops delivered through ISACA chapters and ISACA pre-conference workshops – This In-person or virtual instructor- led workshop will teach you the basics of digital trust and components of the DTEF.
3. Training (Self-Paced)
   • Introduction to Digital Trust Ecosystem Framework 1-hour course - 60-minute, self-paced, online course to teach you about digital trust concepts and the components of the Digital Trust Ecosystem Framework.
   • Digital Trust Ecosystem Framework Interactive Guide - Interactive Learning Tool to guide users through the framework (key tenants and components and various interactions). The Guide is highly interactive (3-D modeling, resources, additional context and knowledge checks). The purpose of this guide is to help users understand the DTEF, and it is ideal for visual learners. The e-learning format helps users understand the key principles of the digital trust ecosystem framework.

The exam will be available in May 2024. By successfully passing this exam, candidates demonstrate their knowledge of Digital Trust concepts, significance, implications and the underlying principles and components of the Digital Trust Ecosystem Framework.

There are no prerequisites. Candidates can register for the Digital Trust Ecosystem Framework Foundation Exam at any time. The online, 2-hour exam is comprised of 60 multiple-choice questions.

To pass the exam, candidates must earn a score of 65% or higher.

Domains Covered in the exam:

• Digital Trust Ecosystem Framework (DTEF) – 62%
• Digital Trust Evolution & Ecosystem – 26%
• Digital Trust Information, Activities, and Artifacts – 12%

No, DTEF is not replacing COBIT. COBIT remains a valuable framework specifically designed for enterprise governance of information and technology. DTEF provides a broader framework covering the wide-ranging aspects of digital trust, ensuring they can be used together to meet different organizational needs.

COBIT is a framework for the enterprise governance of information and technology. DTEF, on the other hand, provides a broader perspective on trust in the digital world, including things like brand reputation, enterprise hiring and training on matters that could impact trust and, and managing all vendors (not just those in the information and technology space). You will see a lot of COBIT in DTEF (especially in the Direct and Monitor domain), but DTEF is more wide-ranging than COBIT.

No, they are not mutually exclusive. COBIT can be seen as a subset within the broader context of DTEF. DTEF provides a more comprehensive framework that includes aspects beyond governance of enterprise information and technology. Organizations can use both DTEF and COBIT concurrently. In fact, those enterprises that have already implemented COBIT, have already implemented a solid set of DTEF practices. COBIT can be applied for specific IT governance needs, while DTEF provides a broader framework to ensure trust in the overall digital environment. It is up to the enterprise to decide what their needs are: if they are looking for a governance solution, COBIT is the proper solution; if they are looking for something more broad or which directly addresses digital trust, DTEF is the ideal solution.

Whether you need DTEF depends on your organization’s goals. If your focus is primarily on governance of enterprise information and technology, COBIT is the right solution. However, if you seek a more comprehensive framework addressing trust in the broader digital landscape, incorporating DTEF is the proper framework to consider.

While COBIT addresses cybersecurity as part of its governance of information and technology processes, DTEF integrates cybersecurity into the broader context of digital trust, emphasizing a holistic approach to securing digital interactions.

No, DTEF does not replace COBIT. COBIT remains a valuable framework specifically tailored for the governance of information and technology, while DTEF provides a more extensive framework covering digital trust which is broader.

COBIT includes processes to aid regulatory compliance in information and technology. DTEF extends this by integrating regulatory considerations into the broader digital trust context, addressing compliance across various digital interactions.

Organizations can transition gradually, adopting DTEF alongside their existing use of COBIT; in fact, enterprises will find that they are well on their way to adopting DTEF if they have implemented COBIT as there is substantial overlap in the governance areas. The transition strategy depends on the organization’s specific needs and the maturity of their digital trust initiatives.

Both COBIT and DTEF are adaptable to emerging technologies. COBIT provides specific guidance for governance of enterprise information and technology in these areas, while DTEF integrates them into a holistic framework that looks beyond governance to larger reputation risk and ethics when deploying new technologies in a digital ecosystem.

Yes, DTEF aligns with other international standards and frameworks. It is designed to be compatible with a multitude of existing frameworks and best practices, including COBIT, ITIL, GDPR, and numerous ISO and NIST standards, ensuring interoperability and a cohesive approach to digital trust in line with global best practices.