OneTrust GRC Reviews

Name: OneTrust GRC
Brand: OneTrust
Rating: 4 (11 reviews)

4.0 out of 5

11 reviews
72% willing to recommend

What is OneTrust GRC?

OneTrust isthe largest and most widely used technology platform to operationalize privacy,security and third-party risk management.More than 2,500 customers, both big and small and across 100countries, use OneTrust to demonstrate compliance with privacyregulations including the GDPR, California Consumer Privacy Act, Brazil LGPD,and hundreds of the world's privacy laws.

Get the OneTrust GRC Buyer's Guide and find out what your peers are saying about OneTrust GRC, MEGA HOPEX, RSA Archer and more!

OneTrust GRC is the #2 ranked solution in top IT Vendor Risk Management solutions and #4 ranked solution in top GRC solutions. PeerSpot users give OneTrust GRC an average rating of 8.0 out of 10. OneTrust GRC is most commonly compared to MEGA HOPEX: OneTrust GRC vs MEGA HOPEX. OneTrust GRC is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 15% of all views.

Helped 793,295 peers since 2012

Featured reviews

Steve Peacock

Director - Security & Compliance at Venzo

I recently implemented the platform for a large multinational client operating in 28 countries with diverse risk management needs across privacy, cyber, and group strategy. Its configurable nature allowed us to tailor risk attributes and visibility filters specific to each organizational unit, enhancing compliance effectiveness. Automation has significantly optimized compliance processes. For example, automating vendor risk assessments at a global jewelry company reduced process time and dependencies among legal, cyber, and ESG teams, enhancing agility and efficiency. OneTrust's CyberScores and Security Scorecard feature provided independent risk assessments for vendors, facilitating informed decisions. This capability was instrumental in aligning IT risk management with privacy team requirements, ensuring robust vendor evaluations. Integration with existing systems was smooth overall, leveraging robust API for customized reporting. However, managing custom attributes required additional effort to align with reporting needs, necessitating a translation mechanism in tools like Power BI. I would recommend it and rate it a nine.

Read full review

reviewer2093358

Senior Enterprise Risk Manager at a retailer with 10,001+ employees

We use OneTrust GRC to evaluate internal and external projects for risk It does help in the automation of our privacy impact assessments. The product itself, and perhaps most importantly, is not truly designed to fit the way people and users do their work. There are limitations to customized…

Read full review

reviewer2055579

Cyber Security Consultant at a tech services company with 51-200 employees

The platform was not built in a way that allowed multinational entities to use it seamlessly. You could only create one organization. So you create the organization, and then you need to create countries. Suppose a bank had affiliates in Ghana and Kenya. We couldn't use the solution to ensure that a person in Kenya would only have access to things related to Kenya. We had to improvise to do it, but it was quite obvious that the architecture was not designed for multinational companies like the bank I worked for, which had affiliates in 35 countries. Another issue I had with the tool was regarding the controls. Suppose you have to audit an organization in the risk assessment against ISO 27001 or some other regulation. In some instances, the solution won't have the copyright or the license for a particular regulation. Even though you see ISO 27001 in the tool, you, as an entity, are supposed to buy those controls into the platform. That made things difficult for us because now we needed to launch another request for a quotation or another RFT to get those regulations bought into the platform.

Read full review

OneTrust GRC mindshare

Product category:

As of July 2024, the mindshare of OneTrust GRC in the GRC category stands at 13.0%, up from 9.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

GRC

Key learnings from peers

Last updated Jul 4, 2024

Valuable Features

"One of the most beneficial features of the product has been its cloud-based IT and vendor risk management tools, along with built-in templates for GDPR and ISO compliance."
"The most valuable feature of the solution is that it already has visibility about all the data protection regulations or other cybersecurity regulations related to several countries"
"OneTrust GRC offers policy management, including documentation, distribution, attestation, and policy management."

Room for Improvement

"They could enhance the product's functionalities like audit management and ensure consistency across modules."
"The platform was not built in a way that allowed multinational entities to use it seamlessly."
"There are several areas for improvement. One is the integration capability. Connecting various DSAR systems can be time-consuming if a single integration takes months to complete."

Pricing

"OneTrust GRC is an expensive solution."
"The platform is expensive."
"The solution is expensive."

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our OneTrust GRC Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

15%

Computer Software Company

12%

Government

Manufacturing Company

Healthcare Company

Energy/Utilities Company

Retailer

Insurance Company

University

Non Profit

Educational Organization

Construction Company

Media Company

Hospitality Company

Real Estate/Law Firm

Legal Firm

Transportation Company

Logistics Company

Wholesaler/Distributor

Comms Service Provider

Outsourcing Company

Performing Arts

Consumer Goods Company

Pharma/Biotech Company

Recreational Facilities/Services Company

Recruiting/Hr Firm

Wellness & Fitness Company

Compare OneTrust GRC with alternative products

Learn more about OneTrust GRC

OneTrust's sizeand scale allows it to offer the easiest-to-use and most affordable solutionfor implementing use cases including: Privacy Maturity Benchmarking, DataProtection by Design and Default (PbD), Data Protection Impact Assessments(PIA/DPIA), Third-Party Vendor Risk Management, Incident and Breach Response,Data Mapping (Records of Processing), Customer Preference Management, ConsentManagement, Website Scanning & Cookie Compliance, Mobile App Scanning, DataSubject/Consumer Rights Management and Policy & Notice Management.

The platform'sintelligence comes from DataGuidance by OneTrust, an in-depth andup-to-date source of privacy and security regulatory summaries, guidance,templates, case law, and analysis. The database is updated daily by over 20in-house privacy researchers, along with a network of 500 lawyers across over300 jurisdictions.

OneTrust's700 employees are located across co-headquarters in Atlanta andin London with additional locationsin Bangalore, Melbourne, San Francisco, New York,Munich and Hong Kong. To learn more, visit OneTrust.com.

OneTrust GRC was previously known as OneTrust Vendor Risk Management.