OneTrust Vendor Risk Management, powered by Vendorpedia, the fast-growing intelligence network of third-party vendors, streamlines vendor risk and data processing addendum contract lifecycle workflows
LONDON, Oct. 8, 2018 /PRNewswire/ -- Today at PrivacyTech, the leading event for privacy technology, OneTrust announced a new vendor risk management module integrated into the market-leading privacy management and marketing compliance platform. OneTrust Vendor Risk Management streamlines vendor risk, contract and data processing agreement lifecycle workflows for GDPR and other global privacy law compliance. OneTrust Vendor Risk Management is powered by Vendorpedia, OneTrust's intelligent network of third-party vendors that provides details on security and privacy status, recent incidents, sub-processors and more.
Learn more about OneTrust Vendor Risk Management during our webinar on 16 October at 16:00 CET / 11:00 ET and during PrivacyTech: Introducing Vendor Risk Management: Automating 3rd Party Security & Privacy Risks on 8 October at 13:30 in the Avize Room
The GDPR and other global privacy laws hold data controllers liable for personal data breaches caused by their processors (vendors). As a result, companies need to be acutely aware of their vendor privacy policies, practices, certifications and data processing activities.
The OneTrust Vendor Risk Management is a holistic solution to manage vendors, identify risks and streamline assessment and contract lifestyles. With Vendorpedia, customers can view their vendor's privacy and security status, understand recent breaches and incidents and evaluate fourth-party sub-processors the vendor may be utilising. With templated questionnaires built in partnership with the Cloud Security Alliance (CSA), OneTrust Vendor Risk Management helps customers identify vendor risks, track progress and require third parties to submit evidence when risks are mediated.
Key capabilities of OneTrust's Vendor Risk Management solution includes:
- Vendorpedia by OneTrust, a highly innovative and scalable information sharing network of pre-populated vendor data
- Vendor privacy and security scanning to proactively detect and monitor critical privacy and security terms and credentials for vendors
- Fourth-party supply chain management to auto-detect and auto-assess sub-processors that are used by your vendors
- Vendor and business self-service onboarding and offboarding
- Contract and Data Processor Agreement (DPA) management to track and report on key contractual clauses such as data breach notification terms
- Bulk import and integrations for existing vendors, contracts, and procurement systems
- Built-in standardized assessment frameworks in multiple languages from Cloud Security Alliance (CSA CAIQ), VSA, Share Assessments SIG and SIG-Lite, Google VSAQ, as well as ability to tailor and create custom assessments
- Integration with OneTrust's widely adopted data mapping technology to streamline the task of keeping an organisations data map and records of processing up to date
"Managing vendors can be one of the most burdensome processes for our customers, and OneTrust's Vendor Risk Management module, powered by Vendorpedia, simplifies and streamlines the vendor risk lifecycle for organisations," said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). "With deep integrations into the suite of OneTrust solutions, our customers can now incorporate vendor risk into their comprehensive privacy programme management."
OneTrust Vendor Risk Management is available today. Contact your account executive or visit OneTrust.com for more information.
OneTrust is the global leader in privacy management and marketing compliance software. More than 1,500 customers, including 200 of the Global 2,000, use OneTrust to comply with global data privacy regulations across sectors and jurisdictions, including the EU GDPR, ePrivacy (Cookie Law) and California Consumer Privacy Act. An additional 10,000 organisations use OneTrust's technology through a partnership with the International Association of Privacy Professionals (IAPP), the world's largest global information privacy community.