OneTrust Review

Overview

OneTrust offers a complete privacy management solution that presents a centralized system to automate privacy procedures and track data. The platform conducts proactive self-assessments to assist privacy professionals to handle compliance for both future and existing regulations. Further, the software is pre-designed with automated workflows and regulator guidance-based questionnaires that you can utilize collaboratively to show compliance with record-keeping policies.

You can easily tailor this multi-lingual application using a point-n-click user interface for your unique organizational and industry requirements. OneTrust’s modular, scalable platform includes tools for vendor management, consent management, incident and breach management, data protection impact assessments (PIA / DPIA), data protection by design, and others.

Benefits

The OneTrust Vendorpedia Platform

This suite includes the following solutions:

Vendorpedia Assess

Identify and reduce risk

Automate privacy and security evaluations, streamline exception and issues management, test controls, track SLAs and performance, and perform financial due diligence.

Vendorpedia Chasing

Offload evaluation-related tasks

Utilize free risk evaluation services offered by OneTrust’s team who will follow up with suppliers on your behalf. You can offload your work to them and facilitate quicker questionnaire completion.

Vendorpedia Contracts and Documents

Handle important contract terms

Scan and report on crucial contract terms, and handle vendor documentation, evidence, and certificates in one database. Integrate with contract management programs.

Vendorpedia Exchange

Access pre-filled research

Get access to evergreen research on numerous suppliers with product- and service-level granularity, including privacy and security certifications, and pre-completed risk evaluations, updated every day.

Vendorpedia Data Mapping

Include business context in managing supplier risks

Connect your vendors to the business procedures and IT systems they support to attach context to risk, keep your data map updated, and visualize lineage diagrams.

Vendorpedia Monitoring

Preserve ongoing supplier oversight

Obtain notifications on vital vendor privacy and security alterations, including fourth-party breaches, incidents, and changes. Utilize an automation tool for trigger-based reevaluation.

Vendorpedia Autocomplete for Vendors

Automate the completion of custom questionnaires

Enables suppliers to autocomplete questionnaires including custom ones to accelerate response time for evaluations. This service is free and offered to all vendors.

Vendorpedia Breach and Enforcement Tracker

Get alerts when vendor breaches happen

Obtain notifications about regulatory enforcements and vendor breaches, tracked by OnTrust’s in-house privacy and security team and supported by OneTrust DataGuidance research.

Why Opt for OneTrust Vendorpedia?

Unlimited Vendors

Evaluate all your suppliers any number of times without extra charges.

Up-to-Date Exchange

Get access to detailed research on thousands of global suppliers, both small and big, updated every day.

Contextual Metrics

Add business context to important controls, risks, and performance indicators (KPIs, KCIs, and KRIs).

Robust Reporting

Generate audit-ready reports with interactive dashboards and rollup risk views.

Integrated with OneTrust

Keep your data map up to date, respond faster to incidents, and fulfill data requests.

Product Features

Pricing

Standard

• $500/monthly billed annually
• Unlimited Assessments
• 500 Vendors
• 50 Vendor Chasing Requests*
• Vendor and Third-Party Inventory
• Custom Vendor Profiles
• Single View of Engagements, Documents, and Assessments
• Standard Assessment Templates (CAIQ, SIG lite, ISO, NIST)​
• Import or Build Custom Assessments
• Automated Assessment Workflow​
• Risk Tracking at Asset, Vendor, and Process Level
• Access to Vendorpedia Exchange Profiles and Pre-Completed Assessments​
• Automated Vendor Alerts
• Multiple Contracts per Vendor​
• Visual Dashboards
• 5GB Storage
• Roles-Based Access Control

Advanced

• $1500/month billed annually

Features in Standard, plus:

• Unlimited Vendors​
• 250 Vendor Chasing Requests*
• Controls Library​
• Full Template Library
• Follow-Up Assessment Rules
• Scheduled Re-Assessments
• Multi-Approved and Responder Collaboration​
• Assessment Alerts (E.g. Aging)​
• Multilingual Assessments​
• Configurable Risk Heatmap​
• Contract Expiration Alerts​
• Custom Reports
• Scheduled Reports ​
• 50GB Storage​
• Custom Roles​
• Single Sign On (SSO)​
• Organizational Hierarchies​

Enterprise

• Billed annually
• Contact the vendor for pricing

Features in Advanced, plus:

• Unlimited Vendor Chasing Requests*
• Contract Scanning (E.g. SLAs)
• Integrations Marketplace (E.g. Procurement)
• API Framework for Custom Integrations
• API-Based Real Time Feeds
• Terminology and Localization Editor
• Custom Email Notifications
• Custom Branding
• 5TB Storage
• Sandbox Environment​
• Enterprise SLA​

*Standard Templates

Recommended Add-Ons for Vendorpedia (Need Vendorpedia Subscription)

Vendorpedia Chasing Services​

• Free
• Standard Assessments
• $60 per Custom Assessment
• Standard Assessments such as CSA CAIQ, SIG Lite, ISO/IEC 27001,
• NIST 800-53
• Vendorpedia Agent* Powers Vendor Evaluation to Completion
• Ongoing Status Updates for ​Pending Evaluations
• Utilize Pre-Completed Evaluations in Vendorpedia Exchange​
• Vendor Portal, including Autocomplete
• Number of Vendor Requests​ Differs by Edition

*Requires Agency Agreement

Vendorpedia Data Mapping

• Starts at $500/month billed annually
• Data Transfer, Asset Map, and Data Lineage Visuals​
• Custom Data Elements, Data Subject Types, Categories, and Classifications
• Automated Risk Scoring & Record Updates
• Risk and Evidence Tracking at Process and Asset Level
• Integrate with Data Discovery Scanning Solutions or Import Data
• Mapping Features​ Differ by Edition

Breach & Enforcement Tracker

• Starts at $200/month billed annually
• Vendor Breach Alerts
• Regulatory Enforcement Notifications
• Customizable Alerts and Notifications
• 300+ Standards, Laws, and Frameworks
• Breach and Enforcement Automation Triggers