We performed a comparison between OneTrust GRC and RSA Archer based on real PeerSpot user reviews.
Find out in this report how the two GRC solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product helps us streamline audit and incident management processes."
"We receive notifications or cases and prioritize them accordingly, which helps us address issues promptly."
"As a solution for IT risks, it is a very good product."
"It does help in the automation of our privacy impact assessments."
"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."
"We have data from Jira regarding addiction related to Europe as well as California. Additionally, we have data related to the Indian Data Protection Bill. Therefore, GDPR compliance is highly beneficial."
"OneTrust GRC offers policy management, including documentation, distribution, attestation, and policy management."
"OneTrust GRC is stable."
"The product is very flexible."
"With RSA Archer, an admin can set permissions for a normal user to go directly to the tool they need to input some data. Admins can then go through that and approve some requests. Also, they can log in based on these kinds of permissions, including ticketing, service patches, or upgrades."
"The most valuable part of the product is the ease-of-use and the opportunity to create custom security applications easily."
"It has various valuable features. For example, showing us if a control aligns with specific standards or frameworks helps us understand it better and verify its compliance."
"The part I liked about Archer was the risk assessment for deficiencies and being able to use it there."
"I have found all the features to be valuable, including those involving reporting, the dashboard, notifications, email modules, the database and data input."
"This solution helped us with the centralization of our governance data, so we could house all of our controls in one place. We could use that central repository of all our controls to build our risk management strategy and our policy and governance. So we could use controls as a central library and build policy, and then build risk management around it."
"Its user interface is pretty neat, and there is flexibility in generating the data. You can customize reports at any level. You can directly get reports in Tableau format. If you want to generate statistical data, you can create reports with graphs. There is an adequate amount of flexibility for changing the format, the type of graphs, etc."
"I haven't seen any return on investment using the solution. If I had the opportunity, I would use a different solution."
"They could improve by offering free help. A solution, a lot of times, is not just the use of the solution. For example, it is the overall engagement, how well do they support the system, what is their SLA, and how long their response time is to an issue. It would be beneficial if they had some type of professional services where they offer the first five hours of professional services a year for free. That would be a substantial benefit rather than having to buy professional services or professional services packages."
"We encounter difficulties creating multiple platforms or interfaces and manual processes for changing certain settings."
"The Vendor Risk dashboard is quite basic today and not interactive, but improvements are in coming the next releases."
"OneTrust GRC's workflows aren't automated and need to be manually driven."
"The product is not that easy to set up."
"There are several areas for improvement. One is the integration capability. Connecting various DSAR systems can be time-consuming if a single integration takes months to complete."
"There are limitations to customized workflow automation, and they need to increase both the available automation and the customized workflow."
"When we have to do formulas or some other type of calculation in Archer, it sometimes doesn't work correctly. The fields don't display right, and we have to contact RSA Archer support to fix things. I think the calculation components are a bit complicated."
"It would be useful for customers if COBIT 2019 could be translated into different languages."
"It's resource-hungry, that's the best way of putting it."
"There are some issues with the interface for version 6.5 but these may already be repaired and simplified in the new versions that have been released."
"In terms of what can be improved, our client always says their user experience, IU/UX in RSA Archer. They found it is not as user friendly as other tools."
"Its customization features could be better."
"Performance could be improved."
"Some of the error reporting isn't very clear. When you're looking for information on error codes, you got to do a lot of digging."
OneTrust GRC is ranked 4th in GRC with 9 reviews while RSA Archer is ranked 1st in GRC with 38 reviews. OneTrust GRC is rated 8.0, while RSA Archer is rated 8.0. The top reviewer of OneTrust GRC writes "Effective privacy management, but the technical support could improve, and it is difficult to implement". On the other hand, the top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". OneTrust GRC is most compared with ProcessUnity, AuditBoard, Workiva Wdesk, LogicGate and Bitsight Third-Party Risk Management, whereas RSA Archer is most compared with IBM OpenPages, MetricStream, Microsoft Purview Communication Compliance, Workiva Wdesk and Snow Governance & Risk. See our OneTrust GRC vs. RSA Archer report.
See our list of best GRC vendors and best IT Vendor Risk Management vendors.
We monitor all GRC reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.