We performed a comparison between OneTrust GRC and RSA Archer based on real PeerSpot user reviews.
Find out in this report how the two GRC solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Vendors can be assessed and rated out of the tool, and assessments can be scheduled for updates at certain intervals."
"The product helps us streamline audit and incident management processes."
"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."
"It does help in the automation of our privacy impact assessments."
"As a solution for IT risks, it is a very good product."
"We receive notifications or cases and prioritize them accordingly, which helps us address issues promptly."
"OneTrust GRC is stable."
"RSA Archer has reduced the time and effort required for meetings."
"Integration is another great aspect of RSA Archer. From the beginning, integration has been a central focus for RSA, and Archer has always integrated well with most tools on the market today."
"The last project was for an investment group that was using Excel. Shifting their records from one position to another took approximately 15 minutes. In Archer, we created a workflow for them to leverage it, and they could send the single record with one click to one person within seconds. The whole process went from 15 minutes to two minutes to get the approval for the records. The main purpose of Archer is to just make it easy."
"Its user interface is pretty neat, and there is flexibility in generating the data. You can customize reports at any level. You can directly get reports in Tableau format. If you want to generate statistical data, you can create reports with graphs. There is an adequate amount of flexibility for changing the format, the type of graphs, etc."
"The most valuable features are the advanced workflow and the dashboards. This tool can present data wonderfully to management, and it is easy for them to manage the risk plans."
"I like how Archer requires very little programming ability. A person with minimum coding experience can configure the necessary fields in Archer. It's more of a drag-and-drop solution."
"Even non-technical people can be masters of the product."
"Solution is scalable."
"I haven't seen any return on investment using the solution. If I had the opportunity, I would use a different solution."
"They could improve by offering free help. A solution, a lot of times, is not just the use of the solution. For example, it is the overall engagement, how well do they support the system, what is their SLA, and how long their response time is to an issue. It would be beneficial if they had some type of professional services where they offer the first five hours of professional services a year for free. That would be a substantial benefit rather than having to buy professional services or professional services packages."
"There are limitations to customized workflow automation, and they need to increase both the available automation and the customized workflow."
"The Vendor Risk dashboard is quite basic today and not interactive, but improvements are in coming the next releases."
"We encounter difficulties creating multiple platforms or interfaces and manual processes for changing certain settings."
"OneTrust GRC's workflows aren't automated and need to be manually driven."
"The product is not that easy to set up."
"There is no inbuilt alert in Archer to let us know that a data feed has failed or did not run for different reasons. So, we don't even get to know that a feed has not run until somebody reports it to us. This has been a problem all the time. Data feeds have always been a big headache for us because there is no feature to let us know if a feed has not run or has failed. If Archer had a feature to send us an email notification when a feed has failed, it would've been very helpful. This is the reason why our users are slowly moving away to another platform. Some of the modules that I have been managing are being moved to ServiceNow. Next year, a lot of our modules will be moved from RSA Archer to ServiceNow, and the data feed issue has been one of the main reasons."
"Solution could use more inbuilt applications."
"When we have to do formulas or some other type of calculation in Archer, it sometimes doesn't work correctly. The fields don't display right, and we have to contact RSA Archer support to fix things. I think the calculation components are a bit complicated."
"I would like to have the ability to build and maintain an inventory of personal data processing activities and assets utilizing a purpose-built taxonomy and data structure."
"The product is expensive."
"There were so many problems that we had found. One time, the search index was not working. We also faced slowness in Archer, but I resolved this issue."
"The bullet chart is the best graph for my purposes, and it should be available for inclusion in the dashboards."
"Archer could be improved by having more customization. I'm not sure if the backend processes have API calls and those kinds of seamless integrations, but from the front, some of the solutions are very out-of-the-box. It's not customizable, so that could be a little problematic since you have to use their features. In terms of the backend structure, I'm not too sure because I'm not a developer—I was an end user and product owner of Archer—and I don't quite know the backend and developmental features. But since it's an out-of-the-box solution, sometimes customization was challenging and support was a little problematic because we had to reach out to them all the time."
OneTrust GRC is ranked 5th in GRC with 7 reviews while RSA Archer is ranked 1st in GRC with 38 reviews. OneTrust GRC is rated 7.6, while RSA Archer is rated 8.0. The top reviewer of OneTrust GRC writes "Costly solution that may not guarantee ROI, but remains effective in IT risk management ". On the other hand, the top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". OneTrust GRC is most compared with ProcessUnity, AuditBoard, Workiva Wdesk, LogicGate and Bitsight Third-Party Risk Management, whereas RSA Archer is most compared with IBM OpenPages, MetricStream, Workiva Wdesk, AuditBoard and Microsoft Purview Communication Compliance. See our OneTrust GRC vs. RSA Archer report.
See our list of best GRC vendors and best IT Vendor Risk Management vendors.
We monitor all GRC reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.