OneTrust DataGovernance Reviews

Positive

I use OneTrust DataGovernance for managing various aspects of data, including data inventory and data flow analysis. The tool covers almost all aspects we are using, including incident handling processes. If there is a data breach, the tool provides coverage.

The data flow analysis is especially valuable from a security perspective. It helps set a perimeter concerning security aspects. 

Additionally, the data and metadata function is quite useful for managing the collected data centrally. The tool aids in identifying important aspects of protection, prioritizes security measures, and provides insights from a legal and GDPR perspective.

The process management capability could be improved. It would be beneficial to have an authorization mechanism for users to process certain actions.

I have been working with OneTrust DataGovernance for more than two years.

The solution is quite stable, and I did not face any issues.

OneTrust DataGovernance is highly scalable. I would rate it nine or ten in terms of scalability.

I did not need to contact customer support; the solution was satisfactory.

Positive

Before OneTrust DataGovernance, we used standard spreadsheet tools, which were not as effective.

The setup was not difficult. I would rate the setup experience a nine.

The tool increased our efficiency. It provided savings, especially in terms of the time spent on exchanging and approving data through emails or similar means. 

Although I cannot provide an exact saving amount, the tool significantly improved our efficiency.

The cost of OneTrust DataGovernance was slightly expensive. However, it is one of the finest tools in its category.

I recommend using a tool like OneTrust DataGovernance for managing regulated services, especially those handling personal information. It is crucial not to rely on spreadsheet tools. The scalability is beneficial for organizations with different geographic locations. 

I would rate the solution a nine out of ten.

For OneTrust, we [and the clients] use it not just for governance, but for GRC (Governance, Risk, and Compliance) purposes. 

OneTrust has materials for compliance that can be selected or built into packages. They offer pre-built packages for compliance with HIPAA and other requirements. They also provide standard plans that make it easy to send reports with the necessary parameters.

The customers prefer OneTrust GRC for compliance, not just for Data Governance. In an enterprise, they have compliance teams, risk teams, and government teams. So, Information Axon and Collibra are targeted toward data governance teams, but GRC and compliance teams prefer to use OneTrust or Archer.

The business glossary is good. Workflows are also really good. But, for lineage and data classification, customers prefer to use Informatica or Collibra. These tools are more powerful and cover many data sources like databases, DLP, AI, and cloud environments.

Inventory management mainly stores information about all data sources in one place. Tools like Collibra, Axon, and OneTrust all provide a way to save a business glossary or inventory. 

This allows anyone in the enterprise to easily find information about specific products or data elements. The relationship between business and technical terms is also saved within the inventory.

I believe the relationship between business and technical terms could be improved, as well as the focus on data discovery. 

If we leverage the power of AI, we could provide more user-friendly outputs with relational insights between data. This is a core area for success. Any tool that focuses on data insights will add value. It's not just about linking clear data with clear business terms, but gaining insights is power and the key to success.

So, I would like to improve the business and technical relations within OneTrust Data Governance.

Customers mainly use OneTrust for compliance. For example, in Saudi Arabia, which is the top-selling country in 2023, there is a boom in data management investments due to digital transformation and government initiatives. They are heavily investing in data enrichment and data management. 

To succeed in this market, OneTrust needs to invest more and check the requirements from Saudi Arabian regulations. There are around 200 specifications to comply with. Once OneTrust meets those specifications, it will be able to sell more products.

If OneTrust adapts well, OneTrust will see significant sales growth until 2030 in Saudi Arabia. An important thing to consider is to offer both on-premises and cloud deployment options. Currently, cloud-only solutions, especially on Azure, are not widely accepted. So, I would like to have an on-premises version as well.

On-premises is crucial. If OneTrust can offer Google Cloud within Saudi Arabia, that would be good, but outside the country, Azure is acceptable for HIPAA compliance.

So, in future, there should be both on-premises and Google Cloud options for cloud deployment.

We have OneTrust products, mainly in Saudi Arabia, and I've been working with them for about a year or ten months.

It is used at enterprise level, so it must be the latest version.

The stability is average. I would rate it a five out of ten. It is average. I've had some issues with tickets, CRs (Change Requests), service requests, and the like.

Like other tools, there are always some issues that need to be fixed. It's normal for most tools to have occasional issues, and the operations team is usually working on resolving them.

It has high scalability, but the limitations are the pricing and the lack of an on-premises option within Azure cloud. This limitation prevents us from selling to some teams. The team at OneTrust may not be aware of the cultural and regulatory landscape in Saudi Arabia. It's important to be able to offer on-premises deployment. I'm sure that in any sales presentation, customers will ask if there's an on-premises version, and the answer will be no. This will disqualify OneTrust, even if the system is technically qualified and the sales representatives are experts.

I would rate the scalability a seven out of ten. We have two enterprise-sized businesses as customers. We work with enterprise clients and sell other products. We are not tied to specific infrastructure providers like IBM or Microsoft, but we are guided by customer needs. 

If customers specifically request OneTrust and are open to using the cloud outside of Saudi Arabia for HIPAA compliance, we can work with them. Regulations are starting to be enforced, so it's important to be able to offer solutions that meet compliance requirements, especially for enterprise clients.

The main issue is with the first line of support. They don't seem to understand the tool very well and often need to escalate to the experts.

So, I would like them to have more knowledge and qualifications. They should be prepared very well. I like the second-line support team; they are knowledgeable. But sometimes, they ask repetitive questions, which can be frustrating for customers. Perhaps they could customize the questions or use a process to avoid repeating the same questions.

Neutral

My focus is on data management, aspects like quality, integration, open data, data sharing, and more. The market recognizes around 14 data management domains, including different environments and data configuration capabilities. 

As for OneTrust implementation, my educational level and experience as a data expert in the Middle East have been valuable. I've engaged with Aetna on various projects, starting as a developer and progressing to senior project manager. Currently, I'm an account manager and business developer for my company in Saudi Arabia.

I've had two projects involving Axon and OneTrust. We're a system integrator specializing in different management projects.

The initial setup was difficult. 

I was leading a project for one of our big customers in the telecom industry. I remember my team got stuck during setup, and we had to engage the OneTrust team. Even their experts took a long time to install it, and there were many prerequisites. It was complicated.

So, I would rate my experience with the setup process a two out of ten, where one is difficult, and ten is easy.

For OneTrust, we work at this client's site, STC (Saudi Telecom Company). So, the deployment took more than one month, as I remember. One of the OneTrust modules and STC had many prerequisites and issues.

In general, the installation process is as follows:

If you have a product and you need to speed up the setup, maybe you could have an automated setup with a bundled database. It's a confidential solution, so you don't need to ask for the database location; bring your database inside your product and install it. Don't ask about the database repository or schema; you can make it reside beside your product, whether it's MySQL, PostgreSQL, or others. 

When you include a database for metadata beside your product, you eliminate the need to ask for database and network size requirements, disk space, and other details. You don't have to do all these things. OneTrust, bring your packaged database to record metadata and collect data. For any support team inquiries, you can minimize the prerequisites. Just ask for the installed OS and server access, and install your product there to work.

We integrate. Our company is a system integrator, so we integrate our clients with technology vendors like OneTrust, Informatica, IBM, Microsoft, and others. 

For security reasons, we provide solutions for our clients based on zero trust and their needs.

It is expensive. I would rate the pricing a seven out of ten, with one being cheap and ten being expensive. 

The licensing is itemized. If you ask about specific features, OneTrust will tell you that they're an additional feature, and you have two versions. It's not a one-box solution like some other tools I've worked with. OneTrust has many features, and you have to pay for each one individually.

My customers mainly use OneTrust for compliance. For data classification, they use Informatica and Collibra. They prefer a hybrid approach and don't want to rely on just one solution. They use different tools for different purposes, such as OneTrust for governance and Collibra for compliance. They are open to adopting a new solution if it offers better capabilities.

But, if they've already purchased OneTrust and want to add features like data discovery and lineage, OneTrust can provide these features. But, if they already have ETL and BI tools in place, it might be more efficient to stick with those tools as long as they can cover all the requirements. Adding another tool means additional costs, resources, and integration efforts. It's better to have a comprehensive solution that meets all their needs.

My advice depends on the country and its regulations. In Saudi Arabia, you have to check if the setup is on-premises or in the cloud. Cloud security and compliance with local regulations are crucial. You need to consider the installation process, schedules, and legalization for specifications related to the National Data Management Office (NDMO). 

Once you ensure compliance with the tool and local regulations, it will be easier to proceed with purchasing, implementation, and adoption. If the tool is not compliant, you may face issues later on, potentially leading to disqualification by security teams and the need to stop using the tool.

Overall, I would rate it a six out of ten. 

For users who need to comply with regulations, I would recommend using this product. But for my colleagues, my clients, and myself, we don't usually consider OneTrust due to setup issues and pricing concerns. 

However, if OneTrust wants to gain more market share, OneTrust Data Governance needs to offer competitive pricing and consider providing a package specifically for Saudi Arabia that includes key compliance services, active directory integration, data quality tools, and other important features. This type of package could be very appealing and lead to increased sales.

We use the platform for conducting privacy assessments, vendor assessments, managing IT asset management, privacy and security assessments, managing ISO and ISM certification requirements, and managing internal and external audits.

OneTrust seamlessly manages multiple geolocations, providing automated data management based on location and enabling seamless connectivity with APIs. It has also significantly reduced our overall budget to manage a platform for specific activities.

OneTrust allows seamless management of multiple geolocations at one time and offers workflow automation based on location-specific parameters. It provides seamless API connectivity with other platforms and professional support. Additionally, it is cost-efficient compared to other market solutions.

In OneTrust DataGovernance, there is room for improvement in creating customized email notifications in plain language and enhancing text editor features for form creation. Additionally, reporting capabilities should be enhanced to generate concise reports in Word format and address certain limitations in PDF reports.

I have been working with this platform for the last four years.

OneTrust notifies customers prior to any potential severity issues and provides clear communication regarding incidents, including estimated resolution time and responsible personnel. Overall, they maintain good customer communication.

The platform is very scalable, with no significant limitations. It can accommodate new requirements as needed.

OneTrust offers two levels of support: basic support driven through cases and expert support with a dedicated specialist. For regular support, I would rate them seven out of ten, while expert support would receive an eight out of ten rating.

Positive

Previously, we used TrustArc, but we switched because the vendor decided to shut down operations by the end of 2023. Additionally, we found OneTrust to be more effective and cost-efficient compared to other tools we evaluated.

OneTrust offers two types of setup support: a fully supported service where a OneTrust executive implements the solution based on gathered requirements and minimal support where internal team members with OneTrust knowledge design and implement the workflows, with OneTrust available to answer queries if needed.

OneTrust's flexible packages and unlimited assessments and user counts have resulted in considerable cost savings. Free integration options in certain subscription packages help reduce the overall budget for platform management.

We evaluated other tools like Zapariva but did not find them as effective as OneTrust.

I would definitely recommend OneTrust to others because the platform is supported by knowledgeable professionals, stays up-to-date with the latest technologies, and offers numerous features, including free APIs and comprehensive documentation. The training and support resources are also freely available to customers.

I'd rate the solution eight out of ten.

We use the product to ensure compliance, handle data subject requests, and manage privacy-related activities in an environment.

The platform enhances the collaboration between data governance teams and other business units. As a request collection window, it facilitates a streamlined workflow where incoming requests are efficiently processed and notified to the relevant departments or data owners.

OneTrust DataGovernance has a valuable automation feature for data subject requests. It integrates with the website's form and enables efficient handling of requests, with data flowing seamlessly into Microsoft's server. It can adjust the presentation based on the user's location to ensure cookie compliance. They could consider incorporating additional functionalities for data regulations and laws.

We have been using OneTrust DataGovernance for a year.

It is a stable platform.

It is a scalable platform.

Our data governance and privacy departments also work with Microsoft Priva and Microsoft Purview.

OneTrust DataGovernance has excellent on-premise data mapping and visualization capabilities. It seamlessly integrates with Microsoft 365 applications, collecting the data together. It is a good tool. I rate the product an eight out of ten.

I use the product to register processing activities and the automation tool for quality impact assessments in high-risk areas.

The product's valuable feature is its integration with other tools, such as risk management and risk assessment. It supports both data privacy and information security needs.

The platform could benefit from more competitive AI features, more user-friendly dashboards, and better automatic recognition or advanced templates.

I have been using OneTrust DataGovernance for a year and a half. 

I rate the product stability an eight. 

There were less than 50 OneTrust DataGovernance users in our organization. 

I rate the scalability a seven. 

The setup has medium complexity. We encountered delays due to interface issues and onboarding problems.

I rate the process a four or five out of ten. 

The product cost was reasonable due to a discount for NGOs, approximately €10,000 annually per company.

OneTrust is a well-known and valuable product for data minimization and GDPR compliance. 

Overall, I rate it an eight out of ten. 

I've implemented the solution for two clients. One implementation was for risk identification and inventory, while the other was focused on data subject rights for development.

One valuable aspect of the solution is its cloud-based nature. Users can just pay the fees and get started instantly.

The tool is an amalgam. It's a collection of loosely integrated pieces and parts that don't work well together. There is room for improvement there.

I've been using the solution for a year and a half.

My team reached out to the support team, and their experience was not satisfactory.

The solution is a low-cost option.

I would recommend evaluating your specific needs and existing tools. If your organization already has ServiceNow, Archer, SAP, or similar integrated solutions, it might be worth considering those options as they are already integrated. While OneTrust DataGovernance could be a low-cost option, it's an amalgamation and not integration. It’s important to align your choice with your long-term data. Overall, I rate the solution a solid five out of ten with ten being the highest.

We use the solution to manage data usage and cookie preferences on any of our company’s websites.

The product provides visibility across the scope of companies we have.

The tool gives us the ability to trace the path of an incident. It helps us find the issue's origin and the risks involved.

Deployment is a big issue.

I have been using the solution for around six months. I am using the latest version of the solution.

I rate the tool’s stability a nine out of ten.

I rate the tool’s scalability a nine out of ten.

The initial setup is quite complicated. I do not know whether it’s because of the complexity of our organization. The product is deployed on the cloud.

I see a return on investment in the product.

The product is worth every penny.

People who want to use the solution must ensure that all the teams and stakeholders are trained before using it. Overall, I rate the tool a nine out of ten.

It helps me in managing and using personal data while complying with the regulatory framework.

This product makes it easy to manage personal data.

The subject rights and concerns functionality needs to be improved.

Cookie management is an area that needs improvement. 

The integration with third-party products could be better.

I have been using OneTrust DataGovernance for one year.

OneTrust is stable and it works well.

This is a scalable product. We have approximately 100 users.

I have not been in contact with technical support.

I have tried at least one other similar solution.

There is a licensing fee that we pay regularly.

I am looking into other similar products on the market.

This is a product that I can recommend. However, there is some room for improvement.

I would rate this solution a six out of ten.