How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
I use the solution when internal customers want to engage with a third party through some type of cloud-based system. Right away I start reviewing from that perspective and I get the vendor's information that they are looking to engage with, I input the information into this solution. This solution has a process where I can send questionnaires out to the new prospective vendor. That prospective vendor will provision themselves into the solution by inputting all their information. This prevents me from inputting any information incorrectly. At this stage, I review all the information. The vendor will also upload all of their security documentation. This includes anything they can show that they are performing security best practices on behalf of their customers like us. This solution gives me the ability to double-check that information. I can do a risk review and risk rate it. There is a backend that will do a crowdsourcing type feature. For example, if there are other customers that have reviewed this particular vendor before, I can actually piggyback on that collected information and make my own judgment on whether or not it is a good fit for our environment.
We use this solution for the management of our Privacy Program with a single solution. It helps to show compliance with regulations like GDPR, or CCPA. Vendor Risk Management was one of the main modules we wanted, but having the benefit of additional solutions within the same platform was what convinced us to go with OneTrust. In particular, we were interested in Application inventory, Records of Processing Activities, Website Scanning and Cookie Compliance, Incident Response, Data Mapping, and Assessment Automation. The Data Subject Request Module is very helpful to deal with requests and automate data collection. OneTrust also includes Maturity and Benchmark assessments.
What do you like most about OneTrust GRC?
Thanks for sharing your thoughts with the community!