AuditBoard vs. BitSight Security Ratings

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
AuditBoard
Score 8.0 out of 10
N/A
AuditBoard is a cloud-based audit management software solution from the company of the same name in Cerritos.N/A
BitSight Security Ratings
Score 8.1 out of 10
N/A
BitSight in Cambridge, Massachusetts offers an Internet security platform.N/A
Pricing
AuditBoardBitSight Security Ratings
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
AuditBoardBitSight Security Ratings
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
AuditBoardBitSight Security Ratings
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Best Alternatives
AuditBoardBitSight Security Ratings
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies
Rapid7 InsightVM
Rapid7 InsightVM
Score 8.4 out of 10

No answers on this topic

Enterprises
SailPoint Identity Security Cloud
SailPoint Identity Security Cloud
Score 9.0 out of 10
SAP Ariba
SAP Ariba
Score 7.9 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
AuditBoardBitSight Security Ratings
Likelihood to Recommend
8.0
(10 ratings)
5.0
(1 ratings)
User Testimonials
AuditBoardBitSight Security Ratings
Likelihood to Recommend
AuditBoard
Auditboard is especially useful for SOX control testing. It is very convenient having all our information on a single platform. It is easy to communicate PBC requests to clients, store control testing working papers for review, communicate deficiencies and build dashboards to provide visual statistics. Situations where it might not be useful are for organizations that are smaller in size where the templates don't fit well with their internal audit/controls program. There is a significant amount of testing required before using the platform, and adapting working papers to fit in well with AuditBoard
Read full review
Bitsight Technologies
If you are considering BitSight Security Ratings as a portion or bulk of a larger vendor management project you will be well served in letting the risk scores be an indication of how closely you need to examine a vendor. However, you should not base your assessment solely on the risk score provided. The risk score is based on publicly available data and can be inaccurate.
Read full review
Pros
AuditBoard
  • AuditBoard allows real-time collaboration between control and business owners and auditors.
  • AuditBoard has a lot of fantastic training sessions and office hours to help users make the most of the product.
  • AuditBoard has great customer service personnel to answer questions and troubleshoot any issues.
Read full review
Bitsight Technologies
  • Security hygiene tracking over time
  • Understandable risk score based on observations
  • Predictability model of potential cyber security issues based on security habits.
Read full review
Cons
AuditBoard
  • We used to perform our Risk Control Analysis (RCA) for each audit's planning in an Excel spreadsheet. Once we purchased the Risk Oversight module, AuditBoard helped us convert the RCA to a system function rather than a spreadsheet. At first, we lost some of the functionality the spreadsheet provided, but AuditBoard did continue to help us build and work towards a solution more similar to what we previously had. Though happy with it, it's still not perfect. As one example, I'd like to be able to link actual Ops Audit work steps that cover the risk and controls being outlined in the RCA, rather than just adding a comment to state which steps cover them. More of a preference, I suppose.
  • I also had demoed their beta Resources and Scheduling module, but it didn't have enough functionality at the time to work for how we put the quarterly Internal Audit schedule together (using Excel). One thing I recall was that you couldn't pull in SOX controls or non-chargeable work (such as education or administration) to auditor's schedules; it was meant to schedule the Ops Audits only. It is possible they have already fixed or improved this; I just haven't seen the updated version.
Read full review
Bitsight Technologies
  • Since data is based on public registration IP and domain data can be stale depending on ISP/Domain registration update delays.
  • Correcting a false detection is a month-long endeavor and requires the company with the impacted score to clean up BitSight's data.
  • Customer service for incorrect data is convoluted and requires a deep understanding of domain registration to correct the data. The responsibility for correcting data is placed solely on the customer's shoulders.
Read full review
Alternatives Considered
AuditBoard
I remember there were a lot of sync issues when I used the internally developed software, but that's probably because a few people were working on the same project at the same time. I have not come across this issue in AuditBoard
Read full review
Bitsight Technologies
BitSight Security Ratings ranks evenly with SecurityScorecard and both below OneTrust for our use case. We needed a platform that would let us define risk for our organization and weight scores differently based on data sensitivity. BitSight and SecurityScorecard are aggregate data that can provide insight into the security habits of a potential vendor and should be considered as an addition to most vendor management projects. However, they both provide metrics based on hygiene and not on data-defined risk. In concert with a platform to evaluate risk based on data and to inform the overall evaluation of a vendor, BitSight Security Ratings can be made to shine. Just understand that you may have to validate some data.
Read full review
Return on Investment
AuditBoard
  • Hard to quantify. It was cheaper than the tool we had and we were able to get rid of standalone tool for surveys. overall, just better user experience for all.
Read full review
Bitsight Technologies
  • Wasted resource hours cleaning up data to correct erroneous risk score.
  • Extra time spent addressing calls from clients about erroneous risk score data.
  • Extra time validating risk score provided by BitSight Security Ratings for potential vendors to ensure valid data.
Read full review
ScreenShots