TrustRadius

OneTrust GRC & Security Assurance Cloud vs. ServiceNow Governance, Risk, and Compliance

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
OneTrust GRC & Security Assurance Cloud
Score 7.9 out of 10
Small Businesses (1-50 employees)
Based on technology acquired from Tugboat Logic and Shared Assesments by OneTrust, the OneTrust GRC and Security Assurance Cloud brings resiliency to organization and supply chain amidst continuous cyber threats, and global crises.
$500
per year
ServiceNow Governance, Risk, and Compliance
Score 8.1 out of 10
N/A
ServiceNow Governance, Risk, and Compliance provides the tools businesses use to proactively manage risk by measuring, testing and auditing internal processes. This solution helps business users ensure compliance to regulations, policies, standards and frameworks. It is available via the Standard, Professional, and Enterprise editions, the latter two supporting GRC and internal auditing processes.N/A
Pricing
OneTrust GRC & Security Assurance CloudServiceNow Governance, Risk, and Compliance
Editions & Modules
Essentials
$500
per year
Startup
$3,000
per year
Growth
$10,000
per year
Midsize
$17,500
per year
Enterprise
Custom
No answers on this topic
Offerings
Pricing Offerings
OneTrust GRC & Security Assurance CloudServiceNow Governance, Risk, and Compliance
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsMonthly plans available. During the onboarding process, you can easily transfer your existing set of policies into Tugboat Logic. This also gives you the opportunity to update or supplement your existing policies with current industry standards. If you need a little more than the normal support we provide, additional services are available from Tugboat Logic. Contact us for more details. Visit our pricing page on our website for more details.—
More Pricing Information
Community Pulse
OneTrust GRC & Security Assurance CloudServiceNow Governance, Risk, and Compliance
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Features
OneTrust GRC & Security Assurance CloudServiceNow Governance, Risk, and Compliance
Governance, Risk & Compliance
Comparison of Governance, Risk & Compliance features of Product A and Product B
OneTrust GRC & Security Assurance Cloud
-
Ratings
ServiceNow Governance, Risk, and Compliance
8.5
10 Ratings
12% above category average
Common repository of GRC items00 Ratings8.610 Ratings
Risk management00 Ratings9.010 Ratings
Integration with Corporate Performance Management (CPM) systems00 Ratings7.610 Ratings
GRC policy management00 Ratings8.410 Ratings
Incident management00 Ratings8.89 Ratings
Best Alternatives
OneTrust GRC & Security Assurance CloudServiceNow Governance, Risk, and Compliance
Small Businesses
Rencore Code (SPCAF)
Rencore Code (SPCAF)
Score 8.8 out of 10
Rencore Code (SPCAF)
Rencore Code (SPCAF)
Score 8.8 out of 10
Medium-sized Companies
Forcepoint DLP
Forcepoint DLP
Score 8.8 out of 10
Forcepoint DLP
Forcepoint DLP
Score 8.8 out of 10
Enterprises
Forcepoint DLP
Forcepoint DLP
Score 8.8 out of 10
Forcepoint DLP
Forcepoint DLP
Score 8.8 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
OneTrust GRC & Security Assurance CloudServiceNow Governance, Risk, and Compliance
Likelihood to Recommend
7.4
(2 ratings)
8.0
(11 ratings)
Usability
-
(0 ratings)
7.3
(4 ratings)
Support Rating
-
(0 ratings)
7.4
(4 ratings)
User Testimonials
OneTrust GRC & Security Assurance CloudServiceNow Governance, Risk, and Compliance
Likelihood to Recommend
OneTrust
OneTrust provides a repeatable and defined process for vendor assessments but should be adapted to your organization. OneTrust functions well for a centralized document repository. The pricing of modules and what modules are required for workflows to function fully should be better defined. Automated assessments can wind up in spam filters and should be communicated outside of the platform prior to sending to the vendor.
Verified User
Anonymous
Read full review
ServiceNow
Oracle EBS R12 requires a unique user skillset to understand how it handles user access and functions. Accordingly, ServiceNow has this high level of sophistication to manage this information and apply it to Sensitive Access and Segregation of Duties rules to identify exceptions. This depth of configuration is critical to accurately identify when Oracle Responsibilities (access) truly allows access and thus could be a violation. ERPs with less complexity may not require this customization of ServiceNow GRC, but you would be wise to raise these questions and examples in the demo to ensure it will work for you. In the past, we have found that risks of under-reporting exceptions or false positives become so voluminous that users don't always get to the accurate violations for timely remediation. Proper configuration up front will improve your effectiveness and ROI down the road.
Verified User
Anonymous
Read full review
Pros
OneTrust
  • Module wise implementation.
  • Very reasonable price structure.
  • Easy and speedy to implement.
  • Product roadmap.
HS
Hiral Shah
Senior Manager Informaiton Security and Compliance
Read full review
ServiceNow
  • Finding reported by the auditor. GRC helps us identify, assign, and track the resolution of this.
  • Exception to information security policy. These require quarterly reviews and setting up reminders to revisit these.
  • Building out new projects and baking security and compliance into the project and tracking it in GRC to ensure we deliver a compliant product on day one
Verified User
Anonymous
Read full review
Cons
OneTrust
  • Documentation chasing for assessments is not as automated or hands-off as demos made it seem.
  • Getting custom risk matrix set up required professional onboarding.
  • Platform is less than intuitive.
  • Pricing is module dependent and demos do not highlight which module is included in which workflow.
Verified User
Anonymous
Read full review
ServiceNow
  • Delivering more out of the box functionality that rivals other GRC platforms. The bare bones approach may not help companies that do not have expertise or capabilities to build effective GRC processes.
  • Easier way to implement workflow.
  • Offering better metrics without buying add-on tools.
Nick Bettes, CRISC, MBA | TrustRadius Reviewer
Nick Bettes, CRISC, MBA
IT Risk & Compliance Manager
Read full review
Usability
OneTrust
No answers on this topic
ServiceNow
I'm satisfied with our experience. The configuration was the biggest challenge, but we have moved onto the stage of user training and usability. We would appreciate having better user training documentation and possibly videos and/or computer-based training to help our international users adopt this software for their GRC needs.
Verified User
Anonymous
Read full review
Support Rating
OneTrust
No answers on this topic
ServiceNow
It's a good system, but I am awaiting key features in the new release. We hear that ServiceNow is continually adding new features and we look for improved reporting, better Oracle Integration, and user training opportunities. To the extent these materialize, we expect further improvements in our experience with ServiceNow GRC. Until that time, though, we believe we are meeting our objectives expected at the beginning of this project.
Verified User
Anonymous
Read full review
Alternatives Considered
OneTrust
During the assessment, we found that OneTrust is easier to use, set up, and administer. it has a quick ROI and value for business. The OneTrust product support and roadmap are far more competitive in comparison to TrustArc. OneTrust is specialized in GRC including Data Privacy and Cookie compliance, where Archer is good in Enterprise Risk management.
HS
Hiral Shah
Senior Manager Informaiton Security and Compliance
Read full review
ServiceNow
We just recently started using TrustArc for data privacy requests and I can already speak to the fact that TrustArc is a more confusing platform once there. The positives of ServiceNow would be that a majority of our URL's drive to owned websites which our employees are very comfortable with using versus pushing them to another website that feels unsafe.
Verified User
Anonymous
Read full review
Return on Investment
OneTrust
  • More uniform vendor assessments.
  • Defensible numeric metrics reflecting risk.
  • Centralized document repository for audit proofs.
Verified User
Anonymous
Read full review
ServiceNow
  • Effective Enterprise Risk Management
  • Holistic Real-time Monitoring of your technology and Risk
  • Negative - Asset Management has some issues and Ghost / Shadow IT is big issue
Varun Khare | TrustRadius Reviewer
Varun Khare
Senior Analyst
Read full review
ScreenShots