OneTrust Joins Cloud Security Alliance to Simplify Vendor Risk Management for GDPR Compliance

At the RSA USA Conference last week, OneTrust, maker of enterprise privacy management software that supports compliance with data privacy regulations, announced it joined the Cloud Security Alliance (CSA), the world’s leader in secure cloud computing best practices. Additionally, Cyber Defense Magazine announced OneTrust earned two top InfoSec Awards for Privacy Management Software and Privacy Expert of the Year.

As a CSA partner, OneTrust streamlines Vendor Risk Management by incorporating General Data Protection Regulation (GDPR) requirements for third-party vendor assessments into an organization’s pre-existing CSA assessment framework. In conjunction, OneTrust announced a first-of-its-kind cloud vendor assessment framework to audit the security controls and privacy program maturity of third-party vendors. The framework assesses third-party vendors to help them meet both the requirements of the General Data Protection Regulation (GDPR) and the necessary cloud vendor security controls as outlined by the CSA.

Leveraging third-party cloud service providers is critical to business operations, and many organizations utilize CSA assessment frameworks when evaluating the security risk of vendors. This assessment process will become increasingly complex as cloud vendors take on the role of processors under GDPR, making them accountable for a variety of new data protection obligations.

As part of CSA, OneTrust’s template library is extended to include CSA-approved security assessments for vendors. Available in the OneTrust template library, OneTrust customers can now utilize the comprehensive GDPR compliance and CSA vendor security template, which combines both OneTrust and CSA best practices.

“OneTrust’s mission is to help organizations simplify their privacy programs and achieve regulatory compliance,” said Blake Brannon, Vice President of Products, OneTrust. “Our integrations with CSA’s framework and assessments helps us further this mission and provide streamlined templates for vendor risk management and cloud security compliance.”

“We’re excited to welcome OneTrust to the Cloud Security Alliance,” said Jim Reavis, CEO, Cloud Security Alliance.  “As a leader in privacy management software, many OneTrust customers will now benefit from CSA’s guidance and best practices to support third-party cloud service provider assessment obligations under GDPR.”

Also at RSA USA, Cyber Defense Magazine awarded OneTrust with two InfoSec Award wins for Privacy Expert of the Year (Editor’s Choice) and Privacy Management Software (Hot Company).