Manage ICT third- and fourth-party risks at
scale and drive compliance efficiency
AUSTIN,
Texas, May 22, 2024 /PRNewswire/ -- OneTrust, the
market-defining leader for trust intelligence, today announced the
expansion of OneTrust solutions to help organizations drive
operational resilience and risk management across their extended
enterprise, as well as comply with regulations like the European
Union's (EU) Digital Operational Resilience Act (DORA).
OneTrust offers our customers a
data-driven, risk-based approach and visibility into their extended
enterprise
Through DORA, the EU seeks to strengthen the IT security of
financial entities. The legislation affects not only banks,
insurance companies, and investment firms in the EU, but also
critical information and communications technology (ICT) vendors
that contract with these financial entities. DORA joins several
other regulations, including NIS2,
FCA, and LkSG, which aim to strengthen operational resilience. The
Act's inclusion of ICT third-party risk as part of the overall risk
management framework is a transformative requirement for many
financial entities and the organizations they conduct business
with, making them newly accountable for all downstream risk across
third, fourth, and ultimately nth parties.
"Lack of visibility across third and fourth parties is an
all-too-common challenge that makes it difficult to manage risk
effectively and drive operational resilience," said Matthew Moog, General Manager, Third-Party Risk
at OneTrust. "OneTrust offers our customers a data-driven
risk-based approach, visibility into their extended enterprise, and
robust capabilities to manage ICT risk and third parties
proactively, and at scale. With these solutions, they can
strengthen operational resilience and support compliance
obligations for DORA and beyond."
How OneTrust helps organizations with DORA today
OneTrust provides a comprehensive platform that can help
organizations achieve resilience in the financial sector and
operationalize DORA compliance – most notably for requirements
under ICT third-party risk management and ICT risk management.
- Proactively manage third-party risk: With OneTrust
Third-Party Management, centralize the end-to-end risk management
lifecycle to identify, mitigate, monitor, and analyze third-party
and supply chain risks while driving risk-informed contracting
workflows. Continuous monitoring can also alert ICT management to
weakness, data breaches and more.
- Scale technology risk management: With OneTrust IT
and Security Risk Management inventory and connect entire IT
ecosystems to identify, measure and monitor risk, and inform
decisions to improve security posture and streamline
compliance.
- Drive compliance efficiencies: With Compliance
Automation, streamline ICT control implementations and oversight,
and access out-of-the-box DORA framework with pre-mapped policies,
controls, and evidence tasks unique to the new regulatory
requirements.
- Prepare for compliance audits: OneTrust Audit
Management supports audit readiness by providing an
integrated, yet independent workspace to centralize controls and
workpapers. OneTrust connectivity makes it easy to streamline
evidence collection while testing controls across systems.
- Gain real-time insights across hundreds of regulations and
frameworks: With OneTrust DataGuidance, leverage the
world's most extensive regulatory library that delivers
real-time insights across hundreds of regulations and frameworks,
and built by a network of in-house researchers, hundreds of legal
experts, and translators.
Expanding OneTrust Third-Party Management to further help
meet regulations like DORA
To further help organizations strengthen their digital supply
chain and enhance ICT resilience, OneTrust is delivering several
new OneTrust Third-Party Management capabilities to more
efficiently manage third-party risk, including:
- AI Driven Assessment Auto Complete: Complete assessments
faster on third-party ICT vendors by using AI to parse through SOC
2 reports, evidence, and other documentation.
- Engagements and Contracts Reporting: Strengthen your
ability to identify and assess relevant risk in relation to
contractual arrangements by gaining visibility into key risk and
performance metrics with customizable reporting and visualizations
for engagements and contract attributes.
- Hack Notice Breach Alerts: Get early warning signs
of critical ICT incidents and stay on top of third-party breaches
with custom alerts when new breach information is flagged about any
of your connected third parties, including SEC Disclosure
documentation.
Today, OneTrust Third-Party Management helps organizations
understand their fourth-party security risk posture, apply
automated due diligence screening of fourth parties, and assess
subprocessors through assessments. Along with these capabilities,
OneTrust continues to expand its offerings that strengthen
operational resilience, particularly around fourth and nth parties.
OneTrust will soon introduce several advanced fourth-party
management capabilities, including the ability to automatically
identify, link, and assess fourth and nth parties to efficiently
monitor concentration risk and demonstrate proportionality.
Next steps
- Read our blog: Navigating the Digital Operational Resilience
Act with OneTrust
- Attend the live demo: Building your third-party risk management
program with OneTrust
- Learn about OneTrust's latest innovations to enforce
responsible use of data and AI
About OneTrust
OneTrust unlocks the full
potential of data and AI, securely and responsibly. Our platform
enforces the secure handling of company data, empowering
organizations to drive innovation responsibly while mitigating
risks. With a comprehensive suite of solutions spanning data and AI
security, privacy, governance, risk, ethics, and compliance,
OneTrust enables seamless collaboration between data teams and risk
teams to enable rapid and trusted innovation. Recognized as
the market leader in trust, OneTrust boasts over 300 patents and
serves more than 14,000 customers globally, ranging from industry
giants to small businesses. For more information,
visit www.onetrust.com.
© 2024 OneTrust LLC. All rights reserved. OneTrust and the
OneTrust logo are trademarks or registered trademarks of OneTrust
LLC in the United States and other
jurisdictions. All other brand and product names are trademarks or
registered trademarks of their respective holders.
Media Contact
Ainslee Shea
media@onetrust.com
+1 (404) 855-0803
View original content to download
multimedia:https://www.prnewswire.com/news-releases/onetrust-helps-strengthen-operational-resilience-and-risk-management-to-support-dora-compliance-302152917.html
SOURCE OneTrust