17 years helping Canadian businesses
choose better software
OneTrust
What Is OneTrust?
OneTrust is the #1 most widely used privacy, security and trust technology platform used by more than 5,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world¿s privacy and security laws. OneTrust¿s primary offerings include OneTrust Privacy Management , OneTrust PreferenceChoice¿ consent and preference management, OneTrust Vendorpedia¿ third-party risk management, OneTrust GRC integrated risk management and OneTrust Ethics compliance and ethics software.
Who Uses OneTrust?
On-premise and cloud-based platform that helps businesses of all sizes with geolocation tracking, inventory control, data mapping, records management, auditing, reporting, scheduling and more.
Not sure about OneTrust?
Compare with a popular alternative
OneTrust
Reviews of OneTrust
Incredibly useful for any organisation wanting to achieve ISO 27001 certification/compliance
Comments: Fantastic experience, I don't how we would have achieved ISO 27001 certification without Tugboat Logic. It certainly is making our organisation a lot more secure. If we were to manage ISO 27001 compliance without Tugboat it would cost us many hours and salaries, so it is also a money saver.
Pros:
The ease of use and how intelligently the system was designed is a huge plus. There are so many integrations available to reduce manual work. User management is great too. Outrageously affordable considering everything you get.
Cons:
Would be good to have the ability to upload completed excel questionnaires in vendor assessment tool. For global organisations it would be great to have the UI localised in other languages and options to translate policies and procedures.
Very complete to run a solid Data Privacy programme
Pros:
Perfect to run a Data Privacy programme even in large organizations. It allows you to easily keep track of all different aspects, from data mapping of 3rd party providers to recording assets and processing Subject Access Requests. Colleagues in other Privacy-related teams also use it to track consumers' consent successfully. The interface might look retro, almost basic, but it has all the functions a team needs to ensure accurate recording of processing activities and compliance with GDPR and other Data Privacy Regulations. I also really appreciate the learning section on different countries' regulations and the new features that are being developed such as the integrated redaction feature.
Cons:
It can upload things a bit slowly sometimes. There also seem to be limits to the size and types of attachments you can upload, but nothing major. As already mentioned, the interface could be improved for an easier user experience. These are minor issues, mostly cosmetic, that take nothing away from how useful this programme has been to my team. 10/10, I would recommend to anyone looking to start a centralized Privacy programme.
No support on Github, problems ignored
Pros:
It is working, but I have size issue that need to be solved
Cons:
OneTrust does not answer problems on Github. I got a big size issue with OneTrust on iOS / Flutter, making the app 40 Mo heavier than expected, the question has been unanswered since 1 month, and it seems other questions get ghosted.
Vastly improved our data security process and overall compliance
Comments: Very positive. Customer support helpful.
Pros:
We compared a number of options to procure OneTrust and are glad we made the decision. The tool has a number of pre-programmed processes and control which meant that we were able to quickly adopt best practice without having to spend huge amounts of resource doing this before making a purchase.
Cons:
Our network infrastructure made achieving SSO difficult, we got there in the end however it was a challenge. Sales team were good, ocassionally pushy at times.
Alternatives Considered:
Tugboat for Soc2 Type2
Comments: Certainly allowed us to wrap up our audit in half of the required time.
Pros:
Most important for us was our ability to house all our Soc2 Type2 required documents into a single platform. Further to the above, Tugboat has many modules to manage the audit process hence saving you time and money to build your own custom processes.
Cons:
Does not have a process to manage company assets.