In December 2018, privacy management provider OneTrust announced a partnership with the Cloud Security Alliance (CSA) and the availability of free vendor risk assessment capabilities to all CSA members.
- Vendor risk assessment is a data protection prerequisite that goes far beyond meeting the requirements of a single regulation, such as GDPR.
- OneTrust's vendor risk assessment capabilities are designed to be ongoing and evergreen, modernizing the point assessment approach typified by traditional GRC offerings.
- The "Vendorpedia" database powering OneTrust's vendor assessment capabilities is a key differentiator, allowing the enterprise to automate monitoring of vendor relationships.
Features and Benefits
- Evaluates current vendor risk assessment capabilities, as offered by the market, and identifies weak points in methodology.
- Identifies the role of vendor risk assessment capabilities in meeting the requirements and obligations of GDPR, along with similar regulations.
- Assesses the need for ongoing, perpetual evaluation of vendor relationships in the data protection regulatory era.
- Identifies OneTrust's integration capabilities, which facilitate the embedding of vendor risk assessment into existing enterprise workflows.
- Identifies key technical differentiators of the OneTrust vendor assessment offering, underpinned by its "Vendorpedia" database.
Key questions answered
- What is the current state of vendor risk assessment capabilities on the market, and why might they not be sufficient for modern regulatory requirements?
- How can ongoing vendor risk assessment simultaneously help the enterprise achieve both regulatory requirements and enhanced customer loyalty?
- What technology offered by OneTrust helps the enterprise automate and continually monitor vendor risk assessment?
- What are OneTrust's differentiators in offering vendor risk assessment, and how can the enterprise expect to integrate the technology into existing workflows?
- How was OneTrust's proprietary "Vendorpedia" database designed, and how does it relate to existing technology and capabilities offered by the company?
Table of contents
Capabilities go far beyond GDPR compliance
Meeting the need for ongoing, evergreen vendor assessment
Vendorpedia evaluates vendor capabilities and credentials