Diligent One Platform offers a unified solution for Governance, Risk, and Compliance (GRC) management, providing a comprehensive overview of risks and insights in one place.
N/A
KCM GRC Platform
Score 7.3 out of 10
N/A
KnowBe4 headquartered in Clearwater offers their governance, risk, compliance platform, the KCM GRC Platform.
N/A
TrustArc
Score 9.0 out of 10
N/A
TrustArc headquartered in San Francisco offers their eponymous data privacy management platform, providing risk assessments, breach management, compliance reporting, among other features.
Diligent Community is well suited for entities in the public sector who need to comply with the Brown Act. Diligent One Platform is not well suitable for those who are not tech savvy. Board members who are older and do not use the Diligent One Platform frequently, are not comfortable using some of the functionality - such as voting - so it still needs to be done on the back-end.
KnowBe4 KCM GRC Platform is well suited for a company that knows what they're doing compliance wise and needs to save time doing it. It won't be something you can spend a few hours on and then put on autopilot. It was made to create a rhythm within your own team, and you'll need to have the buy-in. It's useful for IT and Legal teams that already have a vendor risk management process, but want to have a better handle on it. Giving an outside auditor read-only access to a scope is also a huge time saver.
TrustArc is well suited for a small-to-medium sized digital organization that is concerned about its ability to fulfill data privacy requirements. TrustArc offers an API integration to allow users to handle a larger volume of requests, but I don't have personal experience with this feature. It is a requirement that a cross-functional data privacy team be established in your organization to get the most use out of this product.
Enhance business compliance by maintaining records and documents for all our processes and reports, which allows us to not worry about training new people in case resources are transferred.
We integrated risk assessment tools and business continuity plans, which allowed proactive identification and mitigation of potential business risks.
It helped to secure communication channels with confidential discussions and document sharing among team members and leadership.
Vendor management has a few kinks to work out. We want to be able to do internal questionnaires for vendors as a compliance checklist before we sign off on a contract. Nothing in the works yet, but there are a few workarounds.
The navigation between different tasks in scope is clunky, and it's easy to lose your place, and it forces you back to the main page of the scope to retrace your steps.
I give it a 7. It has had a significant impact on the GRC department in terms of efficiency and effectiveness. At the start it took some time to tailor it to our unique business needs and to set up all our requirements. I would say the superpower of the tool is really here, in terms of time saving in report prep and manual testing. We have really used the control self assessment ability to have a strong impact on the business which helped to improve the internal control culture across the business. The dashboarding abilities had limitations for us and we created our own internal dashboards more suited to our operational needs. There is a steep learning curve for the admin roles who manage the system but I assume this will be the case for most of these types of systems. On the opposite side the end user usability is very good and easy to grasp.
HighBond by Galvanize support has some of the best and fastest support that I have experienced. Though we only contact them through emails, they were quick to provide insightful information about our problems. Whenever we email them about an issue, they would be able to reply in less than an hour, ready and prepared with useful solutions to address the issue.
Support from KnowBe4 KCM GRC Platform is always great. It's always in-house localized support, with excellent response times, and dedicated Customer Success Managers to answer the bulk of your questions or take your suggestions and make them a feature request. They will also reach out at least quarterly and do health checks to make sure you're using the platform to the best of your ability.
We’re pretty satisfied with the implementation offering and the reading experiences provided. With our quarterly audits, this tool has made the task much more accessible. The outcome of version control of documents is easy to accomplish, and gathering all the records in one place makes it more accessible.
I'm excited about diligent due to the fact that they provide many tools to support compliance through use of analytics and testing processes. We also use FloQast, for which I'm an advocate for, however I'm not sure they have expanded yet to support analytics and testing. I don't have any further experience with other products
Quantivate and Fusion were the other two options we checked out. The quantity was high, and a good bit more expensive, but it was the best performing with its platform. They also had more modules that each cost extra to add to your subscription. KnowBe4 KCM GRC Platform was all-in-one and a little less mature, but the better buy. Fusion was hard to follow in the demo, and I was not overly impressed. I may have made my decision early enough in the demo to not pay much more attention to it.
OneTrust offers a similar product offering to TrustArc. Our organization had a legacy relationship with TrustArc with respect to its online cookie management preference solution. OneTrust product offerings do provide much of the same functionality as TrustArc and is worthy of consideration if you are evaluating vendors in this space.
A lot of time and efficiency has been saved for my team as we continue to find different ways to automate tests, continuous monitoring projects, etc. We have been able to shift our focus on enhancement projects that previously had been on the back burner until we had switched to the Diligent One Platform.
