We performed a comparison between Bitsight Third-Party Risk Management and OneTrust GRC based on real PeerSpot user reviews.
Find out in this report how the two IT Vendor Risk Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I prefer BitSight due to its patch management capabilities. The score is a valuable feature. I have contacted the customer support through e-mail and their response rate is fast. I rate the solution a nine out of ten."
"Offers open ports from an external point of view."
"The solution is user-friendly."
"The product helps us identify the vulnerabilities of internet-facing applications."
"Its customer service team responds quickly."
"Vendors can be assessed and rated out of the tool, and assessments can be scheduled for updates at certain intervals."
"OneTrust GRC is stable."
"We receive notifications or cases and prioritize them accordingly, which helps us address issues promptly."
"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."
"The product helps us streamline audit and incident management processes."
"As a solution for IT risks, it is a very good product."
"It does help in the automation of our privacy impact assessments."
"At the moment, when the vulnerability score decreases, it remains the same for quite a while, even though issues are resolved in 24 hours."
"Data enrichment is the major issue."
"The solution’s benchmarking should be improved."
"Its factor analysis feature could be better."
"There may be room for improvement in the methodology for identifying findings, as occasional errors occur on the technical side."
"The product is not that easy to set up."
"I haven't seen any return on investment using the solution. If I had the opportunity, I would use a different solution."
"OneTrust GRC's workflows aren't automated and need to be manually driven."
"There are limitations to customized workflow automation, and they need to increase both the available automation and the customized workflow."
"They could improve by offering free help. A solution, a lot of times, is not just the use of the solution. For example, it is the overall engagement, how well do they support the system, what is their SLA, and how long their response time is to an issue. It would be beneficial if they had some type of professional services where they offer the first five hours of professional services a year for free. That would be a substantial benefit rather than having to buy professional services or professional services packages."
"The Vendor Risk dashboard is quite basic today and not interactive, but improvements are in coming the next releases."
"We encounter difficulties creating multiple platforms or interfaces and manual processes for changing certain settings."
More Bitsight Third-Party Risk Management Pricing and Cost Advice →
Bitsight Third-Party Risk Management is ranked 2nd in IT Vendor Risk Management with 5 reviews while OneTrust GRC is ranked 3rd in IT Vendor Risk Management with 7 reviews. Bitsight Third-Party Risk Management is rated 8.6, while OneTrust GRC is rated 7.6. The top reviewer of Bitsight Third-Party Risk Management writes "User-friendly solution with robust patch management capabilities". On the other hand, the top reviewer of OneTrust GRC writes "Costly solution that may not guarantee ROI, but remains effective in IT risk management ". Bitsight Third-Party Risk Management is most compared with SecurityScorecard, RiskRecon, Microsoft Secure Score, UpGuard Vendor Risk and Panorays, whereas OneTrust GRC is most compared with RSA Archer, ProcessUnity, AuditBoard, Workiva Wdesk and NAVEX One. See our Bitsight Third-Party Risk Management vs. OneTrust GRC report.
See our list of best IT Vendor Risk Management vendors.
We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
