Skip to main content
TrustRadius
OneTrust GRC & Security Assurance Cloud

OneTrust GRC & Security Assurance Cloud
Formerly Shared Assessments + Tugboat Logic

Overview

What is OneTrust GRC & Security Assurance Cloud?

Based on technology acquired from Tugboat Logic and Shared Assesments by OneTrust, the OneTrust GRC and Security Assurance Cloud brings resiliency to organization and supply chain amidst continuous cyber threats, and global crises.

Read more

Learn from top reviewers

Return to navigation

Pricing

View all pricing

Essentials

$500

Cloud
per year

Startup

$3,000

Cloud
per year

Growth

$10,000

Cloud
per year

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://tugboatlogic.com/pricing

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Starting price (does not include set up fee)

  • $500 per year
Return to navigation

Product Details

What is OneTrust GRC & Security Assurance Cloud?

Based on technology acquired from Tugboat Logic and Shared Assesments by OneTrust, the OneTrust GRC and Security Assurance Cloud brings resiliency to organization and supply chain amidst continuous cyber threats, and global crises.

  • Governance & Policy Management - Proactively monitors regulations, streamlines exams and audits, assesses vendor risk, and protect the business with security certification compliance across frameworks.
  • IT Risk & Security Assurance & Third-Party Risk - Inventories and connects IT ecosystem, measures and monitors risk, and informs decisions with role-based reports.
  • Audit & Compliance Management - Streamlines internal compliance audits and offers visibility into audit status with reports and dashboards.

OneTrust GRC & Security Assurance Cloud Features

Governance, Risk & Compliance Features

  • Supported: Common repository of GRC items
  • Supported: Risk management
  • Supported: GRC policy management
  • Supported: Incident management

Additional Features

  • Supported: Security Questionnaire Response
  • Supported: Security Awareness Training
  • Supported: 3rd Party Vendor Risk Management
  • Supported: Onboarding/Offboarding

OneTrust GRC & Security Assurance Cloud Competitors

OneTrust GRC & Security Assurance Cloud Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesUnited States, Canada, United Kingdom, Australia, Europe, Asia, South America, North America
Supported LanguagesEnglish

Frequently Asked Questions

Based on technology acquired from Tugboat Logic and Shared Assesments by OneTrust, the OneTrust GRC and Security Assurance Cloud brings resiliency to organization and supply chain amidst continuous cyber threats, and global crises.

OneTrust GRC & Security Assurance Cloud starts at $500.

Vanta, Drata, and Secureframe are common alternatives for OneTrust GRC & Security Assurance Cloud.

The most common users of OneTrust GRC & Security Assurance Cloud are from Enterprises (1,001+ employees).

OneTrust GRC & Security Assurance Cloud Customer Size Distribution

Consumers0%
Small Businesses (1-50 employees)57%
Mid-Size Companies (51-500 employees)40%
Enterprises (more than 500 employees)3%
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

(1-2 of 2)

OneTrust GRC for Mid-Scale Enterprise

Rating: 8 out of 10
June 06, 2022
HS
Vetted Review
Verified User
OneTrust GRC & Security Assurance Cloud
5 years of experience
I had evaluated many GRC but I like OneTrust mini GRC as it is user-friendly, easy to deploy and easy to integrate. The beauty of this software is that, we can implement one by one module (e.g. Vendor/Third-party risk management, Cookie Compliance, IT Risk management etc...). This is an excellent tool for Data privacy management.
  • Module wise implementation.
  • Very reasonable price structure.
  • Easy and speedy to implement.
  • Product roadmap.
Cons
  • Policy management workflow and repository management.
  • IT risk management.
  • Report automation.
OneTrust is well suited for mid-scale IT industries and mid-size infrastructure. OneTrust is excellent in Data privacy and Cookie compliance. And lLess appropriate for large-scale enterprise risk management. It is SSO and ADFS enabled. OneTrust is having great capabilities to integrate with other APIs and third-party security software.
  • Data privacy management.
  • Cookie compliance.
  • Vendor risk management.
  • Reduce third-party risk.
  • Compliance management.
  • GRC experience in reasonable budget.
During the assessment, we found that OneTrust is easier to use, set up, and administer. it has a quick ROI and value for business. The OneTrust product support and roadmap are far more competitive in comparison to TrustArc. OneTrust is specialized in GRC including Data Privacy and Cookie compliance, where Archer is good in Enterprise Risk management.

A trusty platform if you provide the logic

Rating: 7 out of 10
July 14, 2022
Vetted Review
Verified User
OneTrust GRC & Security Assurance Cloud
3 years of experience
We utilize OneTrust for 3rd party risk management and to dictate the frequency of review. Using a risk matrix new vendors brought into the platform are assigned a risk level based on data sensitivity and the inherent risk of the vendor. We then use OneTrust to automate information gathering and to schedule reassessments based on risk category.
  • Centralized repository for documentation of vendor risk.
  • Allows for customizable risk metrics to define inherent risk.
  • Repeatable, defined process for vendor assessments.
Cons
  • Documentation chasing for assessments is not as automated or hands-off as demos made it seem.
  • Getting custom risk matrix set up required professional onboarding.
  • Platform is less than intuitive.
  • Pricing is module dependent and demos do not highlight which module is included in which workflow.
OneTrust provides a repeatable and defined process for vendor assessments but should be adapted to your organization. OneTrust functions well for a centralized document repository. The pricing of modules and what modules are required for workflows to function fully should be better defined. Automated assessments can wind up in spam filters and should be communicated outside of the platform prior to sending to the vendor.
  • Centralized document repository.
  • Repeatable processes.
  • Easily defensible logic for risk based decisions.
  • More uniform vendor assessments.
  • Defensible numeric metrics reflecting risk.
  • Centralized document repository for audit proofs.
OneTrust is more focused on providing an assessment platform than a vendor risk monitoring platform. This difference is why we chose OneTrust. For some, this will be a failure of the product. However, if you take the time to define risk for your organization based on the sensitivity of the data and the inherent risks of a vendor based on infrastructure you will create a unique and understandable metric for risk according to your organization. This adaptability is the strongest feature of OneTrust.
Return to navigation