TrustRadius: an HG Insights company

OneTrust Tech Risk & Compliance

Score 9.3 out of 10

7 Reviews and Ratings

OneTrust GRC for Mid-Scale Enterprise

Use Cases and Deployment Scope

I had evaluated many GRC tools, but I like OneTrust mini GRC as it is user-friendly, easy to deploy and easy to integrate. The beauty of this software is that we can implement it one module at a time (e.g. Vendor/Third-party risk management, Cookie Compliance, IT Risk management, etc.). This is an excellent tool for data privacy management.

Pros

  • Module-wise implementation.
  • Very reasonable price structure.
  • Easy and speedy to implement.
  • Product roadmap.

Cons

  • Policy management workflow and repository management.
  • IT risk management.
  • Report automation.

Most Important Features

  • Data privacy management.
  • Cookie compliance.
  • Vendor risk management.

Return on Investment

  • Reduce third-party risk.
  • Compliance management.
  • GRC experience on a reasonable budget.

Alternatives Considered

TrustArc and Archer Integrated Risk Management Platform

Other Software Used

Keka HR, SecurityScorecard, AlienVault USM, Sumo Logic, KnowBe4 PhishER, Workday Cloud Platform

A trusty platform if you provide the logic

Use Cases and Deployment Scope

We utilize OneTrust for 3rd party risk management and to dictate the frequency of review. Using a risk matrix, new vendors brought into the platform are assigned a risk level based on data sensitivity and the inherent risk of the vendor. We then use OneTrust to automate information gathering and to schedule reassessments based on risk category.

Pros

  • Centralized repository for documentation of vendor risk.
  • Allows for customizable risk metrics to define inherent risk.
  • Repeatable, defined process for vendor assessments.

Cons

  • Documentation chasing for assessments is not as automated or hands-off as demos made it seem.
  • Getting a custom risk matrix set up required professional onboarding.
  • Platform is less than intuitive.
  • Pricing is module-dependent and demos do not highlight which module is included in which workflow.

Most Important Features

  • Centralized document repository.
  • Repeatable processes.
  • Easily defensible logic for risk-based decisions.

Return on Investment

  • More uniform vendor assessments.
  • Defensible numeric metrics reflecting risk.
  • Centralized document repository for audit proofs.

Alternatives Considered

BitSight Security Ratings and SecurityScorecard

Other Software Used

Recorded Future, Splunk Enterprise Security (ES), Microsoft Defender for Endpoint