OneTrust helps organizations manage the complexity of their trust programs

OneTrust unveiled innovations to help organizations manage the complexity of their trust programs, better understand their data to activate and use it, be more resilient against emerging threats, and unlock productivity when navigating compliance.

These innovations include new capabilities across OneTrust’s Trust Intelligence Platform and four clouds: Privacy & Data Governance, GRC & Security Assurance, Ethics & Compliance, and ESG & Sustainability.

“With the increase of importance in first-party data and use of AI, trust has quickly become the ultimate enabler for innovation,” said Blake Brannon, Chief Product and Strategy Officer at OneTrust. “Every innovation you deliver as a business, whether it’s digital or operational, requires trust. At OneTrust, we are building the solutions that enable our customers to transform siloed compliance initiatives into world-class, coordinated trust programs.”

OneTrust’s Trust Intelligence Platform helps companies build and scale trust, surface and mitigate risks, collaborate across data siloes, and go beyond compliance. According to IDC, “OneTrust created a trust platform that not only enables better privacy compliance outcomes for its clients but manages other types of risk.”

OneTrust’s latest innovations include:

Responsible AI

AI Governance: Responsible AI starts with visibility into AI systems, their foundational models, and the datasets used for training. OneTrust AI Governance helps organizations govern AI and mitigate risk across the business. They can discover where AI and ML are being used, built, or procured, and evaluate the risks to demonstrate trust and compliance with global requirements. Maintain an inventory of AI technology across the business. Assess AI for bias, fairness, and transparency against global laws and frameworks. Evaluate use cases, surface risks, and govern every phase of AI development.

Privacy and consent

Localized consent action: Enterprises need scalable and flexible solutions to collect first-party data from global audiences and meet regional compliance requirements. Now, companies can leverage user location to deliver dynamic experiences while enforcing consent in downstream systems. Automate user-tailored engagement and trigger compliance requirements, like double opt-in or location-driven marketing, based on location.

Consent support for TCF2.2, GPP, and Google: OneTrust’s CMP is now Google certified and provides support for IAB TCF 2.2 and GPP for multiple US states. This allows customers to protect ad monetization and deliver consent-based ads by streamlining the collection and transmission of consent signals from sites and apps downstream to ad tech providers.

Data discovery and governance

Data catalog integration: Now, customers can seamlessly integrate OneTrust’s data discovery and classification into existing data catalogs. Enrich data catalogs by automatically synchronizing data, classifications, and regulatory intelligence from OneTrust into data catalogs. Continue using system-of-record for data cataloging while adding data insights from OneTrust.

Access insights dashboards: OneTrust is making it easier for companies to understand what sensitive data risk they have due to inadequate access permissions on sensitive data sets. This allows quick identification of data-related risks present across an organization’s data ecosystem.

Data policy enforcement: In order to reduce data risk and ensure compliance, companies need the tools to build policies and automate mitigating actions. Now, customers can configure new data policies to identify data in violation of data protection and retention policies. Review, triage, and share the policy violations for remediation in the source system. Rescan the violations to validate that remediation efforts were successful.

Technology and enterprise risk and compliance

Compliance automation: Compliance professionals are overloaded managing various frameworks and associated requirements across sprawling operations. OneTrust enables organizations to centrally manage compliance initiatives, scope them based on requirements, and leverage in-depth guidance on more than 30 standards and frameworks, powered by OneTrust’s regulatory intelligence.

Teams can automate evidence collection, assess the status of controls, identify gaps, and generate action plans. Test once, comply many with OneTrust’s proprietary shared evidence framework to seamlessly map evidence across multiple frameworks.

Enterprise risk management: As organizations grow, they are challenged in managing emerging risks in the context of increasingly complex geography and product portfolios. Now, customers can link their Enterprise and Business risks across OneTrust to establish an effective Enterprise Risk Management (ERM) program. Identify risk against business objectives to effectively weigh business opportunities, build a dynamic risk taxonomy to better understand total impact, and define risk appetite to enable effective decision making for downstream risk owners.

Third-party risk management

Third-Party Risk Exchange Enhanced data coverage: The OneTrust Third-Party Risk Exchange has expanded access to third-party risk ratings and critical firmographic information to streamline third-party risk evaluations, monitor for new threats, and trigger automated workflows when new risks arise.

Add immediate insights about third parties by connecting evergreen risk ratings on over 125,000 third parties to existing inventory. Stay on top of data breaches across the third-party ecosystem with a verified data-breach newsfeed from HackNotice. Evaluate the financial health and resilience of third parties with FHR ratings from RapidRatings.

Enhanced third-party due diligence: Gather deeper insights about higher risk third parties with the ability to order Enhanced Due Diligence reports directly in the OneTrust platform. Audit-ready and research-based risk evaluation reports allow organizations to accelerate decision making and apply a risk-based approach to third-party due diligence.

Platform enhancements to build and scale trust programs

Platform search: Customers can pinpoint records in less time by searching across the entire OneTrust platform without specifying a module. View a precise list of records with advanced search, sort, and filtering capabilities.

Workspaces: Workspaces simplifies end-user navigation, making it easier to locate the desired module and more efficiently move between related modules. New capabilities include the segmentation of data within specified workspaces and tailored workspaces designed for specific use cases.

Enhanced insights dashboards: Improved out-of-the-box dashboards and question-and-answer-driven widgets enable customers to uncover new and meaningful program insights, track program success, and identify bottlenecks. Track KPIs and action items with default dashboards, as well as manage and monitor progress on key program activities with detailed reporting on tasks.