AI Governance

Establishing an AI governance committee: An inside look at OneTrust’s process

Diverse AI governance committees are key to helping organizations mitigate risk and use AI responsibly. Learn more about what goes into establishing an AI governance committee.

Adomas Siudika

November 30, 2023 7 min

Internal Audit Management

SOC 2 compliance checklist: 8 steps to prepare your organization

Find the right SOC 2 compliance software that provides the features that best serve your business.

November 28, 2023 7 min

Internal Audit Management

SOC 2 compliance checklist: 8 steps to prepare your organization

Find the right SOC 2 compliance software that provides the features that best serve your business.

November 28, 2023 7 min

Responsible AI

UK AI Bill introduced in House of Lords

On November 23, 2023, UK Parliament introduced the Artificial Intelligence (Regulation) Bill to the House of Lords. Read on to learn more.

Robb Hiscock

November 27, 2023 4 min

Responsible AI

UK AI Bill introduced in House of Lords

On November 23, 2023, UK Parliament introduced the Artificial Intelligence (Regulation) Bill to the House of Lords. Read on to learn more.

Robb Hiscock

November 27, 2023 4 min

Responsible AI

What you need to know about conformity assessments under the EU AI Act

Providers of high-risk AI systems have to meet Conformity Assessment requirements under the EU AI Act before their system can be put on the market. Read the blog to learn more.

Lauren Diethelm

November 20, 2023 4 min

Responsible AI

What you need to know about conformity assessments under the EU AI Act

Providers of high-risk AI systems have to meet Conformity Assessment requirements under the EU AI Act before their system can be put on the market. Read the blog to learn more.

Lauren Diethelm

November 20, 2023 4 min

Third-Party Due Diligence

Compliance check: The art of enhanced due diligence for third parties

Learn how to apply enhanced due diligence to third parties when thorough scrutiny is needed to preserve your company’s values and ensure compliance with laws and regulations. 

Jisha Dymond

November 16, 2023 5 min

Third-Party Due Diligence

Compliance check: The art of enhanced due diligence for third parties

Learn how to apply enhanced due diligence to third parties when thorough scrutiny is needed to preserve your company’s values and ensure compliance with laws and regulations. 

Jisha Dymond

November 16, 2023 5 min

AI Governance

What is an AI inventory, and why do you need one?

When starting an AI governance program, one of the first and most important steps is setting up an AI inventory. Learn more about why inventories matter, and how you can create one.

Bex Evans

November 15, 2023 3 min

AI Governance

What is an AI inventory, and why do you need one?

When starting an AI governance program, one of the first and most important steps is setting up an AI inventory. Learn more about why inventories matter, and how you can create one.

Bex Evans

November 15, 2023 3 min

ESG Program Management

Understanding new SEC ESG disclosure requirements

The SEC ESG disclosures ensure that financial institutions in the US report on the environmental impact of their investments. Read the blog to learn more.

Param Gopalasamy

November 14, 2023 5 min

ESG Program Management

Understanding new SEC ESG disclosure requirements

The SEC ESG disclosures ensure that financial institutions in the US report on the environmental impact of their investments. Read the blog to learn more.

Param Gopalasamy

November 14, 2023 5 min

ESG Program Management

Getting to know the Task Force on Climate-related Financial Disclosures (TCFD)

A primer on the TCFD framework—what it is, why it matters, and how it’s being adopted around the world

Param Gopalasamy

November 13, 2023 5 min

ESG Program Management

Getting to know the Task Force on Climate-related Financial Disclosures (TCFD)

A primer on the TCFD framework—what it is, why it matters, and how it’s being adopted around the world

Param Gopalasamy

November 13, 2023 5 min

AI Governance

Navigating the Draft EU AI Act

The ongoing trilogue in the EU around finalizing the EU AI Act continues to inch closer to a decision. In the meantime, learn more about what this monumental regulation means for your organization.

Param Gopalasamy

November 13, 2023 13 min

AI Governance

Navigating the Draft EU AI Act

The ongoing trilogue in the EU around finalizing the EU AI Act continues to inch closer to a decision. In the meantime, learn more about what this monumental regulation means for your organization.

Param Gopalasamy

November 13, 2023 13 min

Consent & Preferences

A new era of behavioral advertising?

With recent enforcement decisions from authoritative bodies in Europe, organizations need to take a look at how they view consent for behavioral advertising. 

Param Gopalasamy

November 08, 2023 4 min

Consent & Preferences

A new era of behavioral advertising?

With recent enforcement decisions from authoritative bodies in Europe, organizations need to take a look at how they view consent for behavioral advertising. 

Param Gopalasamy

November 08, 2023 4 min

Third-Party Risk

Are your third parties a privacy compliance liability?

What role do third parties play in your privacy compliance efforts? Learn how the two functions overlap and ways to keep data secure across your supply chain.

Katrina Dalao

November 07, 2023 10 min

Third-Party Risk

Are your third parties a privacy compliance liability?

What role do third parties play in your privacy compliance efforts? Learn how the two functions overlap and ways to keep data secure across your supply chain.

Katrina Dalao

November 07, 2023 10 min

AI Governance

What you need to know about… Generative AI

Ever heard of generative AI? Of course you have. We all have. The next time it comes up in conversation, this blog will help you appear intelligible on the topic. You’re welcome.

Param Gopalasamy

November 03, 2023 10 min

AI Governance

What you need to know about… Generative AI

Ever heard of generative AI? Of course you have. We all have. The next time it comes up in conversation, this blog will help you appear intelligible on the topic. You’re welcome.

Param Gopalasamy

November 03, 2023 10 min

Privacy Management

What the G7 Code of Conduct means for your business

Recognizing the immense impact of AI, the G7’s Code is the latest in a series of recent and upcoming developments concerning guidance around AI. 

Param Gopalasamy

October 31, 2023 4 min

Privacy Management

What the G7 Code of Conduct means for your business

Recognizing the immense impact of AI, the G7’s Code is the latest in a series of recent and upcoming developments concerning guidance around AI. 

Param Gopalasamy

October 31, 2023 4 min

Responsible AI

President Biden issues Executive Order on Safe, Secure, and Trustworthy AI

On October 30, the Biden-Harris administration issued an Executive Order on Safe, Secure, and Trustworthy AI. Read the blog to learn more. 

Lauren Diethelm

October 31, 2023 6 min

Data Discovery & Security

Data is the new currency: How to protect financial services information

The heavily-regulated financial services industry requires a thoughtful process for governing data.

Jason Koestenblatt

October 13, 2023 5 min

Data Discovery & Security

Data is the new currency: How to protect financial services information

The heavily-regulated financial services industry requires a thoughtful process for governing data.

Jason Koestenblatt

October 13, 2023 5 min

Third-Party Risk

Trust talks: Actioning trust-based cybersecurity from individual to enterprise

Security teams can help create and champion organizational trust despite interdepartmental silos

Jason Koestenblatt

October 09, 2023 4 min

GRC & Security Assurance

Digital transformation and the evolving cybersecurity landscape

As the technological landscape continues to evolve, teams are seeing increases in compliance obligations, regulations, and the proliferation of cloud technology.

Scott Solomon

October 09, 2023 3 min

Third-Party Risk

Trust talks: Actioning trust-based cybersecurity from individual to enterprise

Security teams can help create and champion organizational trust despite interdepartmental silos

Jason Koestenblatt

October 09, 2023 4 min

GRC & Security Assurance

Digital transformation and the evolving cybersecurity landscape

As the technological landscape continues to evolve, teams are seeing increases in compliance obligations, regulations, and the proliferation of cloud technology.

Scott Solomon

October 09, 2023 3 min

Data Discovery & Security

Data governance principles: 4 best practices

Discovery and classification are necessary in data governance, but clarity and accountability are at the root of collaboration

Sam Curcuruto

October 05, 2023 3 min

Data Discovery & Security

Data governance principles: 4 best practices

Discovery and classification are necessary in data governance, but clarity and accountability are at the root of collaboration

Sam Curcuruto

October 05, 2023 3 min

GRC & Security Assurance

Cybersecurity Awareness Month resource hub

The cybersecurity awareness hub pulls resources from our experts on the Security CoE, GRC, Privacy, DataGuidance, and TPRM teams to a central resource.

Jason Koestenblatt, Team Lead, Content Marketing

October 02, 2023 3 min

GRC & Security Assurance

October is Cybersecurity Awareness Month. So, what?

The Cybersecurity and Infrastructure Security Agency’s (CISA) created cybersecurity awareness month with the intent to educate and promote online safety.

Scott Solomon

October 02, 2023 3 min

GRC & Security Assurance

Cybersecurity Awareness Month resource hub

The cybersecurity awareness hub pulls resources from our experts on the Security CoE, GRC, Privacy, DataGuidance, and TPRM teams to a central resource.

Jason Koestenblatt, Team Lead, Content Marketing

October 02, 2023 3 min

GRC & Security Assurance

October is Cybersecurity Awareness Month. So, what?

The Cybersecurity and Infrastructure Security Agency’s (CISA) created cybersecurity awareness month with the intent to educate and promote online safety.

Scott Solomon

October 02, 2023 3 min

Data Discovery & Security

Data governance builds trust, drives positive healthcare outcomes

Discovering and governing sensitive healthcare data helps professionals focus on treatment.

Sam Curcuruto

September 26, 2023 4 min

Data Discovery & Security

Data governance builds trust, drives positive healthcare outcomes

Discovering and governing sensitive healthcare data helps professionals focus on treatment.

Sam Curcuruto

September 26, 2023 4 min

Privacy Management

What the new UK-US Data Bridge means for your organization

Businesses in the UK can now transfer personal data to DPF certified US-based organizations

Marco Barone

September 25, 2023 6 min

Privacy Management

What the new UK-US Data Bridge means for your organization

Businesses in the UK can now transfer personal data to DPF certified US-based organizations

Marco Barone

September 25, 2023 6 min

Privacy Management

Exploring the ROI of your privacy program

Learn how investing in a privacy program can have a major impact on your organization's ROI.

Bex Evans

September 20, 2023 11 min

Privacy Management

Exploring the ROI of your privacy program

Learn how investing in a privacy program can have a major impact on your organization's ROI.

Bex Evans

September 20, 2023 11 min

AI Governance

Embracing responsible AI: Presenting OneTrust AI Governance

Explore how OneTrust AI Governance addresses the growing challenges of AI governance, ensuring visibility, lifecycle management, and risk mitigation in an ever-evolving landscape.

Riyaz Habibbhai

September 18, 2023 3 min

GRC & Security Assurance

Making enterprise risk manageable for the CISO

Created internally or externally, organizations are handling tons of data — all of which can impact your risk posture. Learn more about empowering the business with enterprise risk management.

Riyaz Habibbhai

September 18, 2023 3 min

GRC & Security Assurance

Collect once, comply many: Scale your resources and optimize compliance

Create efficiencies and increase visibility by scoping, monitoring, and communicating your compliance posture.

Riyaz Habibbhai

September 18, 2023 5 min

GRC & Security Assurance

Collect once, comply many: Scale your resources and optimize compliance

Create efficiencies and increase visibility by scoping, monitoring, and communicating your compliance posture.

Riyaz Habibbhai

September 18, 2023 5 min

AI Governance

Embracing responsible AI: Presenting OneTrust AI Governance

Explore how OneTrust AI Governance addresses the growing challenges of AI governance, ensuring visibility, lifecycle management, and risk mitigation in an ever-evolving landscape.

Riyaz Habibbhai

September 18, 2023 3 min

GRC & Security Assurance

Making enterprise risk manageable for the CISO

Created internally or externally, organizations are handling tons of data — all of which can impact your risk posture. Learn more about empowering the business with enterprise risk management.

Riyaz Habibbhai

September 18, 2023 3 min

Data Discovery & Classification

How to better govern your unstructured data

Learn how data governance can help protect your customers' sensitive data as well as meet the legal and security challenges posed by unstructured data.

Jason Koestenblatt

September 13, 2023 5 min

Data Discovery & Classification

How to better govern your unstructured data

Learn how data governance can help protect your customers' sensitive data as well as meet the legal and security challenges posed by unstructured data.

Jason Koestenblatt

September 13, 2023 5 min

Data Discovery & Security

What is data governance?

Learn how to build an effective data governance program and the tools you need to unlock the value of your data.

Jason Koestenblatt

September 06, 2023 5 min

Data Discovery & Security

What is data governance?

Learn how to build an effective data governance program and the tools you need to unlock the value of your data.

Jason Koestenblatt

September 06, 2023 5 min

Consent & Preferences

OneTrust integrates with Salesforce to enable trusted data use

Marketers are data-driven and need to capture and process data through different systems, including Salesforce Marketing Cloud and Sales Cloud.

Ashlea Cartee

September 06, 2023 3 min

Consent & Preferences

OneTrust integrates with Salesforce to enable trusted data use

Marketers are data-driven and need to capture and process data through different systems, including Salesforce Marketing Cloud and Sales Cloud.

Ashlea Cartee

September 06, 2023 3 min

Consent & Preferences

OneTrust and Snowflake: Manage consent and enable effective data governance

Enabling data teams to better understand where sensitive data lives in the Data Cloud, use data responsibly, and ensure proper consent is granted for personal data access and use

Param Gopalasamy

August 31, 2023 5 min

Consent & Preferences

OneTrust and Snowflake: Manage consent and enable effective data governance

Enabling data teams to better understand where sensitive data lives in the Data Cloud, use data responsibly, and ensure proper consent is granted for personal data access and use

Param Gopalasamy

August 31, 2023 5 min

Speak-Up Program Management

What you need to know about… whistleblowers (and UFOs)

Learn what it means to be a whistleblower and about the global regulations designed to protect them.

Param Gopalasamy

August 22, 2023 7 min

Speak-Up Program Management

What you need to know about… whistleblowers (and UFOs)

Learn what it means to be a whistleblower and about the global regulations designed to protect them.

Param Gopalasamy

August 22, 2023 7 min

Consent & Preferences

Navigating TCF 2.2 and Google’s consent management platform requirements

Learn how TCF 2.2 affects Google's consent management platform's (CMP) requirements and what you need to know to achieve compliance.

August 11, 2023 6 min

Consent & Preferences

Navigating TCF 2.2 and Google’s consent management platform requirements

Learn how TCF 2.2 affects Google's consent management platform's (CMP) requirements and what you need to know to achieve compliance.

August 11, 2023 6 min

Privacy Management

India passes Digital Personal Data Protection Bill

On August 9, 2023, the Digital Personal Data Protection Bill was passed through the Upper House of Parliament in India. Here’s what you need to know about the Bill.

Robb Hiscock

August 11, 2023 6 min

Privacy Management

India passes Digital Personal Data Protection Bill

On August 9, 2023, the Digital Personal Data Protection Bill was passed through the Upper House of Parliament in India. Here’s what you need to know about the Bill.

Robb Hiscock

August 11, 2023 6 min

Internal Audit Management

What is NIST CSF? Everything you need to know

Learn about the NIST CSF and explore how this cybersecurity framework may benefit your organization.

Katrina Dalao

August 10, 2023 7 min

Internal Audit Management

What is NIST CSF? Everything you need to know

Learn about the NIST CSF and explore how this cybersecurity framework may benefit your organization.

Katrina Dalao

August 10, 2023 7 min

Internal Audit Management

What’s the difference between NIST 800-53 vs. NIST 800-171?

Understand which cybersecurity framework applies to your organization

Katrina Dalao

August 08, 2023 9 min

Internal Audit Management

What’s the difference between NIST 800-53 vs. NIST 800-171?

Understand which cybersecurity framework applies to your organization

Katrina Dalao

August 08, 2023 9 min

ESG Program Management

What is the EU Digital Rights and Principles Directive?

Learn the key points of the EU Digital Rights and Principles Directive and what best practices to consider when achieving compliance.

Param Gopalasamy

August 04, 2023 5 min

ESG Program Management

What is the EU Digital Rights and Principles Directive?

Learn the key points of the EU Digital Rights and Principles Directive and what best practices to consider when achieving compliance.

Param Gopalasamy

August 04, 2023 5 min

Internal Audit Management

PCI DSS 4.0: Your questions answered

Prepare your organization for PCI DSS 4.0 with these resources from audit and security professionals.

August 02, 2023 8 min

Internal Audit Management

PCI DSS 4.0: Your questions answered

Prepare your organization for PCI DSS 4.0 with these resources from audit and security professionals.

August 02, 2023 8 min

ESG Program Management

What is the EU Due Diligence Act?

Learn how this directive aims to make EU corporations accountable for their environmental and social impact

Param Gopalasamy

August 02, 2023 5 min

ESG Program Management

What is the EU Due Diligence Act?

Learn how this directive aims to make EU corporations accountable for their environmental and social impact

Param Gopalasamy

August 02, 2023 5 min

Privacy Management

A guide to Privacy by Design

The concept of Privacy by Design should be familiar to most privacy professionals but understanding how to implement it can be a different story. 

Robb Hiscock

August 02, 2023 6 min

Privacy Management

A guide to Privacy by Design

The concept of Privacy by Design should be familiar to most privacy professionals but understanding how to implement it can be a different story. 

Robb Hiscock

August 02, 2023 6 min

Trust Transformation

Does your organization need a Trust Office?

Instead of ‘business as usual,’ organizations should focus on building trustworthy products through processes and people

Andrew Clearwater

July 25, 2023 6 min

Trust Transformation

Does your organization need a Trust Office?

Instead of ‘business as usual,’ organizations should focus on building trustworthy products through processes and people

Andrew Clearwater

July 25, 2023 6 min

Trust Transformation

TrustWeek 2023: Agenda now live

The ultimate conference for privacy, security, marketing, ethics, and ESG professionals comes to life with sessions on AI, IT risk, third party management, and more

July 19, 2023 5 min

Trust Transformation

TrustWeek 2023: Agenda now live

The ultimate conference for privacy, security, marketing, ethics, and ESG professionals comes to life with sessions on AI, IT risk, third party management, and more

July 19, 2023 5 min

Consent & Preferences

The ultimate guide to first-party data

Learn the best way to connect with your customers by building a first-party data marketing strategy.

Param Gopalasamy

July 13, 2023 18 min

AI Governance

Approaching the OECD Framework for the Classification of AI Systems

Artificial Intelligence has the power to unlock benefits for businesses and society. However, it also poses significant risks that can be managed through frameworks such as the OECD’s.

Bex Evans

July 13, 2023 9 min

AI Governance

Approaching the OECD Framework for the Classification of AI Systems

Artificial Intelligence has the power to unlock benefits for businesses and society. However, it also poses significant risks that can be managed through frameworks such as the OECD’s.

Bex Evans

July 13, 2023 9 min

Consent & Preferences

The ultimate guide to first-party data

Learn the best way to connect with your customers by building a first-party data marketing strategy.

Param Gopalasamy

July 13, 2023 18 min

Responsible AI

Unpacking the EU AI Act and its impact on the UK

Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Responsible AI

Unpacking the EU AI Act and its impact on the UK

Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Privacy Management

Delaware becomes twelfth state to pass comprehensive privacy act

The Delaware Personal Data Protection Act is set to become the twelfth privacy act in the US introducing a range of obligations on businesses that operate in the state. 

Robb Hiscock

July 12, 2023 6 min

Privacy Management

Delaware becomes twelfth state to pass comprehensive privacy act

The Delaware Personal Data Protection Act is set to become the twelfth privacy act in the US introducing a range of obligations on businesses that operate in the state. 

Robb Hiscock

July 12, 2023 6 min

Privacy & Data Governance

EU-US Data Privacy Framework: A brief history

The EU-US DPF is the latest chapter in a story that has been ongoing for over two decades, but how did we get here?

Robb Hiscock

July 12, 2023 5 min

Privacy & Data Governance

EU-US Data Privacy Framework: A brief history

The EU-US DPF is the latest chapter in a story that has been ongoing for over two decades, but how did we get here?

Robb Hiscock

July 12, 2023 5 min

Third-Party Risk

How to start a third-party risk management program: Implement effective processes across your organization

Learn how to implement an effective third-party risk management program that meets your organization's needs.

Katrina Dalao

July 11, 2023 5 min

Third-Party Risk

How to start a third-party risk management program: Monitor and maintain performance

How to start a third-party risk management program: Monitor and maintain performance

Katrina Dalao

July 11, 2023 5 min

Third-Party Risk

How to start a third-party risk management program: Get leadership buy-in

Create a TPRM program that addresses your organization’s highest security risks and aligns with strategic objectives

Katrina Dalao

July 11, 2023 5 min

Third-Party Risk

How to start a third-party risk management program: Implement effective processes across your organization

Learn how to implement an effective third-party risk management program that meets your organization's needs.

Katrina Dalao

July 11, 2023 5 min

Third-Party Risk

How to start a third-party risk management program: Monitor and maintain performance

How to start a third-party risk management program: Monitor and maintain performance

Katrina Dalao

July 11, 2023 5 min

Third-Party Risk

How to start a third-party risk management program: Get leadership buy-in

Create a TPRM program that addresses your organization’s highest security risks and aligns with strategic objectives

Katrina Dalao

July 11, 2023 5 min

Internal Audit Management

What's new in PCI DSS v4.0: How to prepare your organization

Keep your account data safe with the latest payment security standard

Katrina Dalao

July 10, 2023 7 min

Internal Audit Management

What's new in PCI DSS v4.0: How to prepare your organization

Keep your account data safe with the latest payment security standard

Katrina Dalao

July 10, 2023 7 min

Privacy Management

European Commission adopts adequacy decision for EU-US Data Privacy Framework

On July 10, 2023, the European Commission adopted its adequacy decision on the EU-US Data Privacy Framework restoring an important data transfer mechanism between the EU and US.

Robb Hiscock

July 10, 2023 7 min

Privacy Management

European Commission adopts adequacy decision for EU-US Data Privacy Framework

On July 10, 2023, the European Commission adopted its adequacy decision on the EU-US Data Privacy Framework restoring an important data transfer mechanism between the EU and US.

Robb Hiscock

July 10, 2023 7 min

Privacy Management

US privacy law: When to conduct a Privacy Impact Assessment and what to include

Privacy Impact Assessments are commonplace among most modern privacy laws but understanding your requirements in a patchwork of US state privacy can be challenging.

Robb Hiscock

July 05, 2023 9 min

Privacy Management

US privacy law: When to conduct a Privacy Impact Assessment and what to include

Privacy Impact Assessments are commonplace among most modern privacy laws but understanding your requirements in a patchwork of US state privacy can be challenging.

Robb Hiscock

July 05, 2023 9 min

Consent & Preferences

What you need to know about... Data protection in a Black Mirror world

Unraveling Black Mirror's privacy snafus: When science fiction meets reality, but forgets to do its privacy law homework

Param Gopalasamy

June 30, 2023 15 min

Consent & Preferences

What you need to know about... Data protection in a Black Mirror world

Unraveling Black Mirror's privacy snafus: When science fiction meets reality, but forgets to do its privacy law homework

Param Gopalasamy

June 30, 2023 15 min

Third-Party Risk

How to start a third-party risk management program: Understand the types of third-party risks

Learn about the different types of third-party risks and how to address each one

Katrina Dalao

June 29, 2023 6 min

Third-Party Risk

How to start a third-party risk management program: Understand the types of third-party risks

Learn about the different types of third-party risks and how to address each one

Katrina Dalao

June 29, 2023 6 min

Privacy Management

Oregon passes comprehensive privacy bill. Awaits Governor’s signature

Oregon becomes the 11th state to pass comprehensive privacy law that becomes effective on July 1, 2024

Robb Hiscock

June 28, 2023 6 min

Privacy Management

Oregon passes comprehensive privacy bill. Awaits Governor’s signature

Oregon becomes the 11th state to pass comprehensive privacy law that becomes effective on July 1, 2024

Robb Hiscock

June 28, 2023 6 min

Privacy Management

Quebec’s Law 25: What is it and what do you need to know?

Privacy in Quebec has undergone a significant overhaul under Law 25 (previously known as Bill 64). The province will see several new requirements becoming effective in September 2023. 

Robb Hiscock

June 27, 2023 6 min

Privacy Management

Quebec’s Law 25: What is it and what do you need to know?

Privacy in Quebec has undergone a significant overhaul under Law 25 (previously known as Bill 64). The province will see several new requirements becoming effective in September 2023. 

Robb Hiscock

June 27, 2023 6 min

Third-Party Due Diligence

The global regulations driving third-party due diligence

We cover the key regulations to know for managing third-party risk

Kelly Maxwell

June 21, 2023 6 min

Third-Party Due Diligence

The global regulations driving third-party due diligence

We cover the key regulations to know for managing third-party risk

Kelly Maxwell

June 21, 2023 6 min

Privacy Management

Preparing for new privacy legislation in Canada – Part three

Bill C-27 will introduce the Artificial Intelligence and Data Act to help regulate the responsible use and development of AI in Canada. 

Neil Saddington

June 20, 2023 5 min

Privacy Management

Preparing for new privacy legislation in Canada – Part three

Bill C-27 will introduce the Artificial Intelligence and Data Act to help regulate the responsible use and development of AI in Canada. 

Neil Saddington

June 20, 2023 5 min

Data Discovery & Classification

Shifting left: Classifying and managing data sprawl at collection

Learn how to effectively discover and classify data by staring near the point of data collection to avoid data sprawl and inaccuracies.

June 15, 2023 2 min

What is a PCI DSS self-assessment questionnaire?

Self-assessment questionnaires help evaluate and prove PCI DSS compliance. Find out which SAQ is right for your organization

Katrina Dalao

June 15, 2023 5 min

Data Discovery & Classification

Shifting left: Classifying and managing data sprawl at collection

Learn how to effectively discover and classify data by staring near the point of data collection to avoid data sprawl and inaccuracies.

June 15, 2023 2 min

What is a PCI DSS self-assessment questionnaire?

Self-assessment questionnaires help evaluate and prove PCI DSS compliance. Find out which SAQ is right for your organization

Katrina Dalao

June 15, 2023 5 min

Internal Audit Management

What is PCI DSS?

Learn the basics about PCI DSS, how it applies to your organization, and what you need to prove compliance.

Katrina Dalao

June 14, 2023 7 min

Internal Audit Management

What is PCI DSS?

Learn the basics about PCI DSS, how it applies to your organization, and what you need to prove compliance.

Katrina Dalao

June 14, 2023 7 min

Data Discovery & Classification

Discover and connect to all your data in any environment

OneTrust Data Discovery has mass coverage with 200 pre-built connectors, and an open SDK for custom data sources

Sam Curcuruto

June 08, 2023 2 min

Data Discovery & Classification

Discover and connect to all your data in any environment

OneTrust Data Discovery has mass coverage with 200 pre-built connectors, and an open SDK for custom data sources

Sam Curcuruto

June 08, 2023 2 min

Consent & Preferences

IAB TCF 2.2: What you need to know

IAB Europe updated their Transparency and Consent Framework to improve data privacy for users around how organizations collect and process data

Ryan Karlin

June 06, 2023 4 min

Privacy & Data Governance

Preparing for new privacy legislation in Canada: Part two

Bill C-27 is set to overhaul privacy law in Canada. Part 2 of the bill proposes a substantial transformation in the enforcement of the CPPA through a new organization.

Neil Saddington

June 06, 2023 5 min

Consent & Preferences

IAB TCF 2.2: What you need to know

IAB Europe updated their Transparency and Consent Framework to improve data privacy for users around how organizations collect and process data

Ryan Karlin

June 06, 2023 4 min

Privacy & Data Governance

Preparing for new privacy legislation in Canada: Part two

Bill C-27 is set to overhaul privacy law in Canada. Part 2 of the bill proposes a substantial transformation in the enforcement of the CPPA through a new organization.

Neil Saddington

June 06, 2023 5 min

Consent & Preferences

What you need to know about first-party data

We cover the basics of first-party data and why it's so important in the digital age.

Param Gopalasamy

June 06, 2023 4 min

Consent & Preferences

What you need to know about first-party data

We cover the basics of first-party data and why it's so important in the digital age.

Param Gopalasamy

June 06, 2023 4 min

Data Discovery & Classification

How does Microsoft 365 integrate with OneTrust Data Discovery?

Learn how OneTrust Data Discovery integrates with Microsoft 365 to build an all-encompassing, centralized data catalog out of your unstructured data.

Sam Curcuruto

June 02, 2023 3 min

Data Discovery & Classification

How does Microsoft 365 integrate with OneTrust Data Discovery?

Learn how OneTrust Data Discovery integrates with Microsoft 365 to build an all-encompassing, centralized data catalog out of your unstructured data.

Sam Curcuruto

June 02, 2023 3 min

Third-Party Risk

HackNotice and OneTrust partner for deeper third-party threat intelligence

OneTrust customers can take advantage of HackNotice’s near real-time breach alerts.

June 01, 2023 3 min

Third-Party Risk

HackNotice and OneTrust partner for deeper third-party threat intelligence

OneTrust customers can take advantage of HackNotice’s near real-time breach alerts.

June 01, 2023 3 min

Privacy Management

Assessing your international data transfers post-DPC ruling

The recent decision cast fresh doubt over the effectiveness of transfer safeguards and supplementary measures in conjunction with the practical application of third-country surveillance laws. 

Linda Thielova

June 01, 2023 8 min

Privacy Management

Assessing your international data transfers post-DPC ruling

The recent decision cast fresh doubt over the effectiveness of transfer safeguards and supplementary measures in conjunction with the practical application of third-country surveillance laws. 

Linda Thielova

June 01, 2023 8 min

Privacy Management

Florida looks to pass Digital Bill of Rights

The bill now awaits the Governor’s signature, which would allow consumers more visibility into their data that’s been collected by businesses 

Alexis Kateifides

May 31, 2023 5 min

Privacy Management

Florida looks to pass Digital Bill of Rights

The bill now awaits the Governor’s signature, which would allow consumers more visibility into their data that’s been collected by businesses 

Alexis Kateifides

May 31, 2023 5 min

Privacy & Data Governance

Google Play Store data requirements (and how to handle them)

The latest updates on Google Play Store app requirements, as well as how OneTrust Mobile App Consent can help your organization stay compliant

Ashlea Cartee

May 31, 2023 7 min

Privacy & Data Governance

Google Play Store data requirements (and how to handle them)

The latest updates on Google Play Store app requirements, as well as how OneTrust Mobile App Consent can help your organization stay compliant

Ashlea Cartee

May 31, 2023 7 min

Privacy Management

Data Privacy and Security Act passed in Texas

The Texas Data Privacy and Security Act will become the fifth piece of US privacy legislation to pass this year and, once signed, will become effective on July 1, 2024.

Robb Hiscock

May 31, 2023 6 min

Privacy Management

Data Privacy and Security Act passed in Texas

The Texas Data Privacy and Security Act will become the fifth piece of US privacy legislation to pass this year and, once signed, will become effective on July 1, 2024.

Robb Hiscock

May 31, 2023 6 min

Privacy Management

3 priorities for the French DPO: Priority 3 – automate

Automation is key to freeing up valuable time and resources that can then be dedicated to other areas of your compliance program.

Robb Hiscock

May 30, 2023 6 min

Privacy Management

3 priorities for the French DPO: Priority 3 – automate

Automation is key to freeing up valuable time and resources that can then be dedicated to other areas of your compliance program.

Robb Hiscock

May 30, 2023 6 min

Data Discovery & Classification

How a data discovery solution keeps your organization secure

Finding and classifying data is just the first step in your discovery and security process

Jason Koestenblatt

May 25, 2023 5 min

Data Discovery & Classification

How a data discovery solution keeps your organization secure

Finding and classifying data is just the first step in your discovery and security process

Jason Koestenblatt

May 25, 2023 5 min

Data Discovery & Security

ROT data is a security issue: How are you handling it?

Automating data discovery is the first step in classifying obsolete digital information

Sam Curcuruto

May 23, 2023 3 min

Privacy Management

Reflecting on 5 years of the GDPR

Look back on five years of the EU’s General Data Protection Regulation with expert views infographics, eBooks, and more

Robb Hiscock

May 23, 2023 5 min

Data Discovery & Security

ROT data is a security issue: How are you handling it?

Automating data discovery is the first step in classifying obsolete digital information

Sam Curcuruto

May 23, 2023 3 min

Privacy Management

Reflecting on 5 years of the GDPR

Look back on five years of the EU’s General Data Protection Regulation with expert views infographics, eBooks, and more

Robb Hiscock

May 23, 2023 5 min

Consent & Preferences

First party data 101: What your marketing team needs to know

Read more to answer frequently asked questions around first-party data and how your organization can take advantage of it

Ashlea Cartee

May 23, 2023 6 min

Consent & Preferences

First party data 101: What your marketing team needs to know

Read more to answer frequently asked questions around first-party data and how your organization can take advantage of it

Ashlea Cartee

May 23, 2023 6 min

Data Discovery & Classification

Data discovery helps governance teams stay secure

Data governance is needed for organizations to meet compliance requirements

Sam Curcuruto

May 18, 2023 3 min

Data Discovery & Classification

Data discovery helps governance teams stay secure

Data governance is needed for organizations to meet compliance requirements

Sam Curcuruto

May 18, 2023 3 min

Responsible AI

Embracing responsible AI: 3 steps to get your organization started

With the latest statement from the White House on responsible AI, it’s clear AI is firmly in the spotlight. Find out how your organization can establish a foundation to address AI risks.

Alexis Kateifides

May 16, 2023 4 min

Data Discovery & Classification

Why is data minimization important for your security teams?

Unused digital information is an easy target for hackers, increasing your organization’s risk 

May 16, 2023 2 min

Data Discovery & Classification

Why is data minimization important for your security teams?

Unused digital information is an easy target for hackers, increasing your organization’s risk 

May 16, 2023 2 min

Consent & Preferences

What the latest Google CMP requirements mean for your organization

Google announced their latest requirements around consent management platforms for organizations that utilize their network for ads

Ryan Karlin

May 16, 2023 3 min

Responsible AI

Embracing responsible AI: 3 steps to get your organization started

With the latest statement from the White House on responsible AI, it’s clear AI is firmly in the spotlight. Find out how your organization can establish a foundation to address AI risks.

Alexis Kateifides

May 16, 2023 4 min

Consent & Preferences

What the latest Google CMP requirements mean for your organization

Google announced their latest requirements around consent management platforms for organizations that utilize their network for ads

Ryan Karlin

May 16, 2023 3 min

Responsible AI

Top 10 AI governance essentials every CPO needs to know in 2023

Learn how to integrate AI governance into your product strategies to achieve responsible AI use

Linda Thielova

May 15, 2023 5 min

Responsible AI

Top 10 AI governance essentials every CPO needs to know in 2023

Learn how to integrate AI governance into your product strategies to achieve responsible AI use

Linda Thielova

May 15, 2023 5 min

Privacy & Data Governance

OneTrust unveils latest platform innovations to drive responsible data use and business resilience

Enhancements to our Trust Intelligence Platform help organizations unlock the value of trust 

OneTrust Editorial Team

May 12, 2023

Privacy & Data Governance

OneTrust unveils latest platform innovations to drive responsible data use and business resilience

Enhancements to our Trust Intelligence Platform help organizations unlock the value of trust 

OneTrust Editorial Team

May 12, 2023

Ethics & Compliance

‘Culture of compliance’ behind DOJ’s voluntary self-disclosure updates

Is your compliance program ready to do the right thing and step up and own up to misconduct?

Jisha Dymond

May 12, 2023 8 min

Ethics & Compliance

‘Culture of compliance’ behind DOJ’s voluntary self-disclosure updates

Is your compliance program ready to do the right thing and step up and own up to misconduct?

Jisha Dymond

May 12, 2023 8 min

GRC & Security Assurance

Data retention policies should be automated to reduce risk

Tooling can create benefits for the organization while staying compliant with regulations

Jason Koestenblatt

May 11, 2023 4 min

GRC & Security Assurance

Data retention policies should be automated to reduce risk

Tooling can create benefits for the organization while staying compliant with regulations

Jason Koestenblatt

May 11, 2023 4 min

Ethics Program Management

Building a strategic framework for policy governance

Learn how a "policy on policies" can help create a framework for effective ethics policy governance and risk management.

Gbemi Yusuff

May 10, 2023 6 min

Ethics Program Management

Building a strategic framework for policy governance

Learn how a "policy on policies" can help create a framework for effective ethics policy governance and risk management.

Gbemi Yusuff

May 10, 2023 6 min

Privacy Management

A privacy professional's guide to navigating responsible AI adoption

Learn how privacy professionals can guide their organizations towards responsible AI adoption by developing a comprehensive AI strategy that integrates privacy considerations, fostering a privacy-focused culture around AI decision-making, and navigating the risks of AI.

May 09, 2023 6 min

Privacy Management

A privacy professional's guide to navigating responsible AI adoption

Learn how privacy professionals can guide their organizations towards responsible AI adoption by developing a comprehensive AI strategy that integrates privacy considerations, fostering a privacy-focused culture around AI decision-making, and navigating the risks of AI.

May 09, 2023 6 min

Internal Audit Management

How to reduce audit fatigue: 5 remedies for InfoSec pros

How do you alleviate audit fatigue in your InfoSec team? Here are 5 practical remedies to reduce the stress and workload of frequent security audits

Katrina Dalao

May 08, 2023 8 min

Internal Audit Management

How to reduce audit fatigue: 5 remedies for InfoSec pros

How do you alleviate audit fatigue in your InfoSec team? Here are 5 practical remedies to reduce the stress and workload of frequent security audits

Katrina Dalao

May 08, 2023 8 min

Data Discovery & Classification

How automation helps reduce your sensitive data footprint

Establish data retention and minimization policies to reduce your organization’s attack surface

Sam Curcuruto

May 05, 2023 4 min

Privacy Management

Navigating the NIST AI Risk Management Framework with confidence

The NIST AI Risk Management Framework can help your organization to manage the risks associated with AI. Read the blog to learn how.

Laurence McNally

May 05, 2023 5 min

Data Discovery & Classification

How automation helps reduce your sensitive data footprint

Establish data retention and minimization policies to reduce your organization’s attack surface

Sam Curcuruto

May 05, 2023 4 min

Privacy Management

Navigating the NIST AI Risk Management Framework with confidence

The NIST AI Risk Management Framework can help your organization to manage the risks associated with AI. Read the blog to learn how.

Laurence McNally

May 05, 2023 5 min

Data Discovery & Classification

Expanding our data discovery leadership with machine learning classification tools

Learn how OneTrust Data Discovery uses AI, machine learning, and privacy by design to ensure responsible and compliant data governance.

Sam Curcuruto

May 04, 2023 3 min

Data Discovery & Classification

Expanding our data discovery leadership with machine learning classification tools

Learn how OneTrust Data Discovery uses AI, machine learning, and privacy by design to ensure responsible and compliant data governance.

Sam Curcuruto

May 04, 2023 3 min

Privacy & Data Governance

Indiana set to become the 7th state to pass a comprehensive privacy law

The Indiana Consumer Data Protection Act will be set to take effect in 2026.

Alexis Kateifides

May 04, 2023 3 min

Privacy & Data Governance

Indiana set to become the 7th state to pass a comprehensive privacy law

The Indiana Consumer Data Protection Act will be set to take effect in 2026.

Alexis Kateifides

May 04, 2023 3 min

Internal Audit Management

What is information security compliance?

What is InfoSec compliance? Learn why compliance is essential for your organization and how it safeguards against cyberthreats.

Katrina Dalao

May 04, 2023 7 min

Internal Audit Management

What is information security compliance?

What is InfoSec compliance? Learn why compliance is essential for your organization and how it safeguards against cyberthreats.

Katrina Dalao

May 04, 2023 7 min

Privacy Management

Making privacy and trust a strategic imperative

Privacy has evolved beyond compliance. See what Forrester analyst Enza Iannopollo had to say about making privacy and trust a strategic imperative

Robb Hiscock, featuring Enza Iannopollo

May 03, 2023 7 min

Privacy Management

Making privacy and trust a strategic imperative

Privacy has evolved beyond compliance. See what Forrester analyst Enza Iannopollo had to say about making privacy and trust a strategic imperative

Robb Hiscock, featuring Enza Iannopollo

May 03, 2023 7 min

Privacy Management

Tennessee passes Information Protection Act

Discover the impact of the Tennessee Information Protection Act (TIPA), passed on April 21, 2023, as it reshapes the US privacy landscape with new requirements for businesses, including risk assessments, data minimization, and opt-in consent for processing sensitive information, effective July 1, 2025.

Robb Hiscock

April 26, 2023 5 min

Privacy Management

Tennessee passes Information Protection Act

Discover the impact of the Tennessee Information Protection Act (TIPA), passed on April 21, 2023, as it reshapes the US privacy landscape with new requirements for businesses, including risk assessments, data minimization, and opt-in consent for processing sensitive information, effective July 1, 2025.

Robb Hiscock

April 26, 2023 5 min

ESG Program Management

What is the EU Carbon Border Adjustment Mechanism (CBAM)?

Learn how your organization can prepare for new regulations around carbon emissions in imported goods 

Chris Fenwick

April 25, 2023 4 min

ESG Program Management

What is the EU Carbon Border Adjustment Mechanism (CBAM)?

Learn how your organization can prepare for new regulations around carbon emissions in imported goods 

Chris Fenwick

April 25, 2023 4 min

Consent & Preferences

OneTrust Consent and Preferences now integrates with Tealium IQ

Tealium IQ launched Consent Integrations for their tag management system, enabling seamless privacy-first marketing campaigns

Ashlea Cartee

April 21, 2023 3 min

Consent & Preferences

OneTrust Consent and Preferences now integrates with Tealium IQ

Tealium IQ launched Consent Integrations for their tag management system, enabling seamless privacy-first marketing campaigns

Ashlea Cartee

April 21, 2023 3 min

Data Discovery & Security

Preparing for new privacy legislation in Canada: Part one

How Canadian companies should respond to the new Consumer Privacy Protection Act (Bill C-27).

Neil Saddington

April 20, 2023 5 min

Data Discovery & Security

Preparing for new privacy legislation in Canada: Part one

How Canadian companies should respond to the new Consumer Privacy Protection Act (Bill C-27).

Neil Saddington

April 20, 2023 5 min

Privacy & Data Governance

Vietnam publishes long-awaited Personal Data Protection Decree

Vietnam has finally published its Personal Data Protection Decree (PDPD). We cover its key points and how business can prepare for compliance.

Robb Hiscock

April 19, 2023 8 min

Privacy & Data Governance

Vietnam publishes long-awaited Personal Data Protection Decree

Vietnam has finally published its Personal Data Protection Decree (PDPD). We cover its key points and how business can prepare for compliance.

Robb Hiscock

April 19, 2023 8 min

Third-Party Due Diligence

OneTrust partners with Dow Jones Risk & Compliance for data-driven third-party due diligence

Today, we’re excited to announce the partnership between Dow Jones Risk & Compliance and OneTrust Third-Party Due Diligence.

Kelly Maxwell

April 18, 2023 6 min

Data Discovery & Classification

5 ways to harness data classification to mitigate data sprawl

We explore the issue of data sprawl and how data classification automation tools can help mitigate it.

Bex Evans

April 18, 2023 6 min

Third-Party Due Diligence

OneTrust partners with Dow Jones Risk & Compliance for data-driven third-party due diligence

Today, we’re excited to announce the partnership between Dow Jones Risk & Compliance and OneTrust Third-Party Due Diligence.

Kelly Maxwell

April 18, 2023 6 min

Data Discovery & Classification

5 ways to harness data classification to mitigate data sprawl

We explore the issue of data sprawl and how data classification automation tools can help mitigate it.

Bex Evans

April 18, 2023 6 min

Privacy & Data Governance

My Health My Data Act passes Washington State Senate

The My Health My Data Act, also known as House Bill 1155, provides stronger privacy protections for consumers in relation to their personal health data. 

Alexis Kateifides

April 14, 2023 9 min

Privacy & Data Governance

My Health My Data Act passes Washington State Senate

The My Health My Data Act, also known as House Bill 1155, provides stronger privacy protections for consumers in relation to their personal health data. 

Alexis Kateifides

April 14, 2023 9 min

Privacy & Data Governance

Making it easier to responsibly use data with new data discovery capabilities

OneTrust's data discovery capabilities make it easier for businesses to understand and use data responsibly by connecting and classifying existing data.

Ojas Rege

March 20, 2023 4 min

Consent & Preferences

OneTrust + Adobe = Automated consent orchestration

OneTrust Consent and Preferences integrates with Adobe Experience Platform so businesses can provide personalized experiences and comply with regulations.

Alex Cash

March 20, 2023 3 min

Consent & Preferences

OneTrust + Adobe = Automated consent orchestration

OneTrust Consent and Preferences integrates with Adobe Experience Platform so businesses can provide personalized experiences and comply with regulations.

Alex Cash

March 20, 2023 3 min

Privacy & Data Governance

Making it easier to responsibly use data with new data discovery capabilities

OneTrust's data discovery capabilities make it easier for businesses to understand and use data responsibly by connecting and classifying existing data.

Ojas Rege

March 20, 2023 4 min

Privacy & Data Governance

Governor signs comprehensive privacy bill in Iowa

Governor Reynolds of Iowa signed SF262, An Act Relating To Consumer Data Protection offering a more business-friendly approach to privacy.

Robb Hiscock, Content Marketing Specialist, CIPP/E, CIPM, OneTrust

March 17, 2023 5 min

Privacy & Data Governance

Governor signs comprehensive privacy bill in Iowa

Governor Reynolds of Iowa signed SF262, An Act Relating To Consumer Data Protection offering a more business-friendly approach to privacy.

Robb Hiscock, Content Marketing Specialist, CIPP/E, CIPM, OneTrust

March 17, 2023 5 min

Data Discovery & Classification

What is data discovery?

Businesses are dealing with unprecedented amounts of digital information that needs to be monitored, managed, and secured.

Jason Koestenblatt, Team Lead, Content Marketing, OneTrust

March 10, 2023 8 min

Data Discovery & Classification

What is data discovery?

Businesses are dealing with unprecedented amounts of digital information that needs to be monitored, managed, and secured.

Jason Koestenblatt, Team Lead, Content Marketing, OneTrust

March 10, 2023 8 min

Consent & Preferences

The ROI of purpose-based consent and preference management

Learn how consent management is essential to build trust and delivering personalized customer experiences by collecting and using data responsibly.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust

March 10, 2023 7 min

Consent & Preferences

The ROI of purpose-based consent and preference management

Learn how consent management is essential to build trust and delivering personalized customer experiences by collecting and using data responsibly.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust

March 10, 2023 7 min

Third-Party Risk

How to manage third-party risk across your entire business

Businesses need a comprehensive third-party management strategy covering all aspects of their relationships with third parties, such as security, privacy, ethics, and ESG.

March 08, 2023 7 min

Privacy & Data Governance

UK Data Protection and Digital Information Bill re-introduced to Parliament

The UK Data Protection and Digital Information Bill  aims to reduce the administrative burden on businesses, promote international trade and reduce consent notices.

Robb Hiscock

March 08, 2023 5 min

ESG & Sustainability

The ultimate guide to board diversity and skills requirements

ESG governance is becoming increasingly important as companies face pressure from stakeholders to address environmental, social, and governance issues.

Chris Fenwick

March 08, 2023 23 min

Third-Party Risk

How to manage third-party risk across your entire business

Businesses need a comprehensive third-party management strategy covering all aspects of their relationships with third parties, such as security, privacy, ethics, and ESG.

March 08, 2023 7 min

Privacy & Data Governance

UK Data Protection and Digital Information Bill re-introduced to Parliament

The UK Data Protection and Digital Information Bill  aims to reduce the administrative burden on businesses, promote international trade and reduce consent notices.

Robb Hiscock

March 08, 2023 5 min

ESG & Sustainability

The ultimate guide to board diversity and skills requirements

ESG governance is becoming increasingly important as companies face pressure from stakeholders to address environmental, social, and governance issues.

Chris Fenwick

March 08, 2023 23 min

Third-Party Risk

Why data privacy and third-party risk teams need to work together

Sharing information and resources across organizational silos is mutually beneficial for teams with the common goal of mitigating data privacy risk.

Scott Solomon

March 07, 2023 6 min

GRC & Security Assurance

How to manage privacy and security compliance? 6 questions with GRC experts

Our GRC experts discuss how privacy and security compliance are evolving to meet modern market demands and ushering in a whole new era of automation.

Katrina Dalao, Sr. Content Marketing Specialist, OneTrust

March 07, 2023 8 min

GRC & Security Assurance

How to manage privacy and security compliance? 6 questions with GRC experts

Our GRC experts discuss how privacy and security compliance are evolving to meet modern market demands and ushering in a whole new era of automation.

Katrina Dalao, Sr. Content Marketing Specialist, OneTrust

March 07, 2023 8 min

Third-Party Risk

Why data privacy and third-party risk teams need to work together

Sharing information and resources across organizational silos is mutually beneficial for teams with the common goal of mitigating data privacy risk.

Scott Solomon

March 07, 2023 6 min

GRC & Security Assurance

Understanding IT security frameworks: Types and examples

Security frameworks are roadmaps for developing and implementing effective security programs that protect organizations from threats and vulnerabilities.

Katrina Dalao

March 06, 2023 11 min

GRC & Security Assurance

Understanding IT security frameworks: Types and examples

Security frameworks are roadmaps for developing and implementing effective security programs that protect organizations from threats and vulnerabilities.

Katrina Dalao

March 06, 2023 11 min

GRC & Security Assurance

5 ways leaders are automating their GRC programs in 2023

Learn five top functional categories GRC professionals and leaders identify as priorities for creating a mature and meaningful automation strategy.

March 02, 2023 4 min

Ethics & Compliance

Speak-up culture 101: Why speak-up culture matters and how to build yours

Learn how to build, measure, and grow your speak-up program to foster trust, shared responsibility, and the highest standards of ethical conduct.

Gbemi Yusuff

March 02, 2023 9 min

GRC & Security Assurance

5 ways leaders are automating their GRC programs in 2023

Learn five top functional categories GRC professionals and leaders identify as priorities for creating a mature and meaningful automation strategy.

March 02, 2023 4 min

Ethics & Compliance

Speak-up culture 101: Why speak-up culture matters and how to build yours

Learn how to build, measure, and grow your speak-up program to foster trust, shared responsibility, and the highest standards of ethical conduct.

Gbemi Yusuff

March 02, 2023 9 min

Privacy & Data Governance

How to approach the ICO’s “Privacy in the product design lifecycle”

Learn more about the ICO's "Privacy in the product design lifecycle" guidance and how you can implement Privacy by Design (PbD) in your organization.

Robb Hiscock

March 01, 2023 11 min

Privacy & Data Governance

How to approach the ICO’s “Privacy in the product design lifecycle”

Learn more about the ICO's "Privacy in the product design lifecycle" guidance and how you can implement Privacy by Design (PbD) in your organization.

Robb Hiscock

March 01, 2023 11 min

GRC & Security Assurance

10 GRC trends: What’s next for governance, risk, and compliance?

Cybersecurity, third-party risk, and other policies fall under the GRC domain. Here are the top 10 emerging drivers and trends shaping security compliance.

Katrina Dalao

February 23, 2023 5 min

Privacy & Data Governance

Global Privacy Platform (GPP): What this means for ad tech and US privacy laws

IAB Tech Lab, the digital advertising technical standards-setting body, recently announced the launch of its Global Privacy Platform (GPP).

Ashlea Cartee

February 23, 2023 4 min

GRC & Security Assurance

10 GRC trends: What’s next for governance, risk, and compliance?

Cybersecurity, third-party risk, and other policies fall under the GRC domain. Here are the top 10 emerging drivers and trends shaping security compliance.

Katrina Dalao

February 23, 2023 5 min

Privacy & Data Governance

Global Privacy Platform (GPP): What this means for ad tech and US privacy laws

IAB Tech Lab, the digital advertising technical standards-setting body, recently announced the launch of its Global Privacy Platform (GPP).

Ashlea Cartee

February 23, 2023 4 min

Privacy & Data Governance

3 priorities for the French DPO: 1. Gain visibility

DPOs must have visibility into what teams are doing and work closely with the CISO to help direct organizational processes toward data protection and security.

Noshin Khan

February 22, 2023 9 min

Privacy & Data Governance

3 priorities for the French DPO: 1. Gain visibility

DPOs must have visibility into what teams are doing and work closely with the CISO to help direct organizational processes toward data protection and security.

Noshin Khan

February 22, 2023 9 min

Trust Intelligence

OneTrust kicks off new year with strong momentum, building on successes from 2022

In 2023, we are focused on continuing to innovate across this platform, focusing on the core areas of privacy, security, ethics, compliance, and ESG. 

February 20, 2023 5 min

Ethics Program Management

Speak-up culture toolkit: Policy management

Learn how effective policy management drives employee engagement and strengthens your company speak-up culture.

Noshin Kahn

February 20, 2023 7 min

Trust Intelligence

OneTrust kicks off new year with strong momentum, building on successes from 2022

In 2023, we are focused on continuing to innovate across this platform, focusing on the core areas of privacy, security, ethics, compliance, and ESG. 

February 20, 2023 5 min

Ethics Program Management

Speak-up culture toolkit: Policy management

Learn how effective policy management drives employee engagement and strengthens your company speak-up culture.

Noshin Kahn

February 20, 2023 7 min

GRC & Security Assurance

OneTrust introduces Certification Automation

OneTrust Certification Automation facilitates the compliance and audit process to help you achieve security certifications in half the time. 

Katrina Dalao

February 16, 2023 3 min

GRC & Security Assurance

OneTrust introduces Certification Automation

OneTrust Certification Automation facilitates the compliance and audit process to help you achieve security certifications in half the time. 

Katrina Dalao

February 16, 2023 3 min

Third-Party Risk

Supply Wisdom risk intelligence is now available in OneTrust’s Third-Party Risk Exchange

The partnership with Supply Wisdom brings compliance, financial, location-based ESG, and cyber risk data to Exchange customers and their third parties.

Chet Devchand, Director, Business Development Management

February 14, 2023 3 min

Third-Party Risk

Supply Wisdom risk intelligence is now available in OneTrust’s Third-Party Risk Exchange

The partnership with Supply Wisdom brings compliance, financial, location-based ESG, and cyber risk data to Exchange customers and their third parties.

Chet Devchand, Director, Business Development Management

February 14, 2023 3 min

Third-Party Due Diligence

Speak-up culture toolkit: Inviting third parties to contribute

Creating a strong, healthy speak-up culture requires you to empower all participants, including third parties, to raise issues related to ethics and compliance.

Gbemi Yusuff

February 13, 2023 6 min

Third-Party Due Diligence

Speak-up culture toolkit: Inviting third parties to contribute

Creating a strong, healthy speak-up culture requires you to empower all participants, including third parties, to raise issues related to ethics and compliance.

Gbemi Yusuff

February 13, 2023 6 min

GRC & Security Assurance

7 steps to comply with ISO 31700-1:2023 (standard on Privacy by Design)

This standard looks to define clear rules for organizations around how consumers’ personal information is processed and how consumer privacy is addressed throughout the product lifecycle

Linda Thielova

February 10, 2023 7 min

GRC & Security Assurance

7 steps to comply with ISO 31700-1:2023 (standard on Privacy by Design)

This standard looks to define clear rules for organizations around how consumers’ personal information is processed and how consumer privacy is addressed throughout the product lifecycle

Linda Thielova

February 10, 2023 7 min

ESG & Sustainability

The EU Taxonomy: What you need to know

With two objectives of the EU Taxonomy in effect, make sure your organization is on top of compliance with new ESG reporting requirements.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

February 09, 2023 6 min

ESG & Sustainability

The EU Taxonomy: What you need to know

With two objectives of the EU Taxonomy in effect, make sure your organization is on top of compliance with new ESG reporting requirements.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

February 09, 2023 6 min

Privacy & Data Governance

What California’s CCPA investigative sweep means for your mobile applications

The California Attorney General declared an investigative sweep of mobile apps that don't comply with certain CCPA opt-out and consumer request provisions.

Alex Cash

February 01, 2023 5 min

Privacy & Data Governance

What California’s CCPA investigative sweep means for your mobile applications

The California Attorney General declared an investigative sweep of mobile apps that don't comply with certain CCPA opt-out and consumer request provisions.

Alex Cash

February 01, 2023 5 min

Consent & Preferences

The ultimate guide to US opt-out requirements

Five new US state privacy laws mean five new sets of opt-out requirements. Learn how to make sure your organization maintains compliance in 2023.

Ashlea Cartee

January 31, 2023 10 min

Consent & Preferences

The ultimate guide to US opt-out requirements

Five new US state privacy laws mean five new sets of opt-out requirements. Learn how to make sure your organization maintains compliance in 2023.

Ashlea Cartee

January 31, 2023 10 min

ESG & Sustainability

ESG reporting 101: Guide to ESG standards and sustainability frameworks

As norms and standards continue to evolve, you should be prepared to respond with your own ESG reporting strategy and management.

Julie Yamamoto

January 30, 2023 23 min

ESG & Sustainability

ESG reporting 101: Guide to ESG standards and sustainability frameworks

As norms and standards continue to evolve, you should be prepared to respond with your own ESG reporting strategy and management.

Julie Yamamoto

January 30, 2023 23 min

Privacy & Data Governance

Colorado AG releases third version of draft CPA regulations

The latest version of the draft Colorado Privacy Act regulations is based on the outcome of the public consultation held between October 2022 and January 2023.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 30, 2023 13 min

Privacy & Data Governance

Colorado AG releases third version of draft CPA regulations

The latest version of the draft Colorado Privacy Act regulations is based on the outcome of the public consultation held between October 2022 and January 2023.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 30, 2023 13 min

Privacy & Data Governance

Your guide to celebrating Data Privacy Day 2023

Data Privacy Day 2023 is a great chance to raise awareness of privacy and data protection issues from around the world and your organization.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 25, 2023 7 min

Privacy & Data Governance

Your guide to celebrating Data Privacy Day 2023

Data Privacy Day 2023 is a great chance to raise awareness of privacy and data protection issues from around the world and your organization.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

January 25, 2023 7 min

ESG & Sustainability

Ultimate guide to the EU CSRD ESG regulation for businesses

This guide provides everything your business needs to know about the upcoming EU ESG regulation - the Corporate Sustainability Reporting Directive (CSRD).

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

January 20, 2023 16 min

ESG & Sustainability

Ultimate guide to the EU CSRD ESG regulation for businesses

This guide provides everything your business needs to know about the upcoming EU ESG regulation - the Corporate Sustainability Reporting Directive (CSRD).

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

January 20, 2023 16 min

Ethics & Compliance

Speak-up culture toolkit: Leveraging disclosure data to drive a speak-up culture

Healthy disclosure rates are an indicator of a strong speak-up culture. Discover how to improve disclosure participation and engagement.

Noshin Khan

January 17, 2023 4 min

Ethics & Compliance

Speak-up culture toolkit: Leveraging disclosure data to drive a speak-up culture

Healthy disclosure rates are an indicator of a strong speak-up culture. Discover how to improve disclosure participation and engagement.

Noshin Khan

January 17, 2023 4 min

Privacy & Data Governance

Addressing UK app Code of Practice requirements with OneTrust

OneTrust has developed an Android SDK scanner to comply with Google Play Data safety while supporting the new UK app Code of Practice.

Julian Evans

January 13, 2023 6 min

Privacy & Data Governance

Addressing UK app Code of Practice requirements with OneTrust

OneTrust has developed an Android SDK scanner to comply with Google Play Data safety while supporting the new UK app Code of Practice.

Julian Evans

January 13, 2023 6 min

Privacy & Data Governance

Belgian DPA approves action plan for IAB Europe’s TCF

After violating the GDPR, the Belgian DPA approved an action plan to bring the processing of personal data within the IAB TCF into compliance with the GDPR.

Alex Cash, Director of Strategy, Consent & Preferences | CIPP/E, CIPM

January 12, 2023 7 min

Privacy & Data Governance

Belgian DPA approves action plan for IAB Europe’s TCF

After violating the GDPR, the Belgian DPA approved an action plan to bring the processing of personal data within the IAB TCF into compliance with the GDPR.

Alex Cash, Director of Strategy, Consent & Preferences | CIPP/E, CIPM

January 12, 2023 7 min

Ethics & Compliance

Continuous improvement: The leading indicator for successful compliance programs

Continuous improvement is a method of operationalizing improvement to processes, products, or other aspects of a business through a cycle of repeatable steps.

Gbemi Yusuff

January 11, 2023 6 min

Ethics & Compliance

Continuous improvement: The leading indicator for successful compliance programs

Continuous improvement is a method of operationalizing improvement to processes, products, or other aspects of a business through a cycle of repeatable steps.

Gbemi Yusuff

January 11, 2023 6 min

Third-Party Risk

Build trust, promote your program in the Third-Party Risk Exchange

The Third-Party Risk Exchange allows businesses to learn more about each other's security posture, offer SIG Lite assessments on-demand, and more.

Pranav Menem

January 10, 2023 3 min

Third-Party Risk

Build trust, promote your program in the Third-Party Risk Exchange

The Third-Party Risk Exchange allows businesses to learn more about each other's security posture, offer SIG Lite assessments on-demand, and more.

Pranav Menem

January 10, 2023 3 min

Consent & Preferences

Consent management by the numbers: 2022 DMA report summary

We partnered with the Data & Marketing Association (DMA) (UK) to research how marketers manage their data and the value they realize using CMP systems.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust Consent and Preferences

January 09, 2023 4 min

Trust Intelligence

Building trust in a zero trust world

OneTrust CEO Kabir Barday recently participated in a panel discussion with Deloitte at CES, discussing how to build digital trust to drive business performance.

Kabir Barday CEO, OneTrust

January 09, 2023 4 min

Privacy & Data Governance

Navigating the California Privacy Rights Act as a HIPAA-compliant business

CPRA’s health information exemption is not a blanket entity exemption, meaning HIPAA-compliant organizations may still need to consider its requirements.

Bex Evans, Senior Product Marketing Manager | CIPP/E, CIPM

January 09, 2023 5 min

Consent & Preferences

Consent management by the numbers: 2022 DMA report summary

We partnered with the Data & Marketing Association (DMA) (UK) to research how marketers manage their data and the value they realize using CMP systems.

Ashlea Cartee, Senior Product Marketing Manager, OneTrust Consent and Preferences

January 09, 2023 4 min

Trust Intelligence

Building trust in a zero trust world

OneTrust CEO Kabir Barday recently participated in a panel discussion with Deloitte at CES, discussing how to build digital trust to drive business performance.

Kabir Barday CEO, OneTrust

January 09, 2023 4 min

Privacy & Data Governance

Navigating the California Privacy Rights Act as a HIPAA-compliant business

CPRA’s health information exemption is not a blanket entity exemption, meaning HIPAA-compliant organizations may still need to consider its requirements.

Bex Evans, Senior Product Marketing Manager | CIPP/E, CIPM

January 09, 2023 5 min

ESG & Sustainability

EFRAG approved the European Sustainability Reporting Standards

EFRAG has released first draft European sustainability reporting standards as part of the EU Corporate Sustainability Reporting Directive.

Chris Fenwick

January 06, 2023 8 min

Privacy & Data Governance

US state privacy bills on the horizon in 2023

Stay up to date with the latest news in US state privacy law, with bill highlights, legislation status, and resources to help your organization stay compliant.

Param Gopalasamy

January 06, 2023 4 min

ESG & Sustainability

EFRAG approved the European Sustainability Reporting Standards

EFRAG has released first draft European sustainability reporting standards as part of the EU Corporate Sustainability Reporting Directive.

Chris Fenwick

January 06, 2023 8 min

Privacy & Data Governance

US state privacy bills on the horizon in 2023

Stay up to date with the latest news in US state privacy law, with bill highlights, legislation status, and resources to help your organization stay compliant.

Param Gopalasamy

January 06, 2023 4 min

Speak-Up Program Management

Speak-up culture toolkit: Helpline and case management

Everyone wins when you shine a light on your ethics and compliance helpline and build a speak-up culture that reflects your organization's values.

Kelly Maxwell, Content Marketing Specialist

January 05, 2023 6 min

Speak-Up Program Management

Speak-up culture toolkit: Helpline and case management

Everyone wins when you shine a light on your ethics and compliance helpline and build a speak-up culture that reflects your organization's values.

Kelly Maxwell, Content Marketing Specialist

January 05, 2023 6 min

Consent & Preferences

3 steps to stay compliant while using consent-driven targeted marketing

Learn how your organization can utilize targeted ads while still being compliant by following these three steps to ensure you prioritize your user's privacy.

Alex Cash

January 04, 2023 4 min

Third-Party Risk

As third-party needs sprawl, so do risk management investments

From a new focus on ESG to a renewed need for cybersecurity, third-party and vendor risk management solutions have become a priority for organizations.

Jason Koestenblatt

January 04, 2023 3 min

Consent & Preferences

3 steps to stay compliant while using consent-driven targeted marketing

Learn how your organization can utilize targeted ads while still being compliant by following these three steps to ensure you prioritize your user's privacy.

Alex Cash

January 04, 2023 4 min

Third-Party Risk

As third-party needs sprawl, so do risk management investments

From a new focus on ESG to a renewed need for cybersecurity, third-party and vendor risk management solutions have become a priority for organizations.

Jason Koestenblatt

January 04, 2023 3 min

Privacy Automation

The dos and don’ts of CPRA privacy rights requests 

The CPRA has new consumer rights for California residents and employees, meaning new obligations and rights requests are coming your organization's way.

Robb Hiscock

January 03, 2023 7 min

Privacy Automation

The dos and don’ts of CPRA privacy rights requests 

The CPRA has new consumer rights for California residents and employees, meaning new obligations and rights requests are coming your organization's way.

Robb Hiscock

January 03, 2023 7 min

Data Discovery & Security

How OneTrust helps reduce your sensitive data footprint

More data, more costs, more risk. More value? That’s up to how your organization makes use of data retention and minimization principles.

Rebecca Evans

December 23, 2022 4 min

Data Discovery & Security

How OneTrust helps reduce your sensitive data footprint

More data, more costs, more risk. More value? That’s up to how your organization makes use of data retention and minimization principles.

Rebecca Evans

December 23, 2022 4 min

Privacy & Data Governance

Conducting PIA, DPIA, and TIA to inform notices

Privacy Impact Assessments, Data Protection Impact Assessments, and Transfer Impact Assessments are vary greatly in terms of what, why, and when.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

December 21, 2022 9 min

Privacy & Data Governance

Conducting PIA, DPIA, and TIA to inform notices

Privacy Impact Assessments, Data Protection Impact Assessments, and Transfer Impact Assessments are vary greatly in terms of what, why, and when.

Robb Hiscock, Content Marketing Specialist | CIPP/E, CIPM

December 21, 2022 9 min

Ethics & Compliance

The ultimate guide to complying with the EU Whistleblower Directive

Due to the Directive, your whistleblower hotline, retaliation policies, and compliance program may require a revamp, even if your employees are not in the EU.

December 19, 2022 15 min

Ethics & Compliance

The ultimate guide to complying with the EU Whistleblower Directive

Due to the Directive, your whistleblower hotline, retaliation policies, and compliance program may require a revamp, even if your employees are not in the EU.

December 19, 2022 15 min

ESG & Sustainability

CSRD: EU ESG disclosure rule is approved

The European Parliament and Council adopted the CSRD to make businesses more publicly accountable for their societal and environmental impacts.

Alexis Kateifides, Senior Counsel, OneTrust Centers of Excellence

December 18, 2022 6 min

ESG & Sustainability

CSRD: EU ESG disclosure rule is approved

The European Parliament and Council adopted the CSRD to make businesses more publicly accountable for their societal and environmental impacts.

Alexis Kateifides, Senior Counsel, OneTrust Centers of Excellence

December 18, 2022 6 min

Privacy & Data Governance

CCPA toll-free number requirement

The California Privacy Rights Act (CPRA) follows up the CCPA with new and expanded rights, retaining the toll-free number requirement.

Param Gopalasamy, CIPP/E, CIPM

December 15, 2022 4 min

Privacy & Data Governance

CCPA toll-free number requirement

The California Privacy Rights Act (CPRA) follows up the CCPA with new and expanded rights, retaining the toll-free number requirement.

Param Gopalasamy, CIPP/E, CIPM

December 15, 2022 4 min

Ethics & Compliance

Maximizing your compliance budget in 2023

If your team receive cuts, follow these recommendations to prioritize resources for critical activities, do more with less, and continue to achieve key outcomes.

December 14, 2022 6 min

Ethics & Compliance

Maximizing your compliance budget in 2023

If your team receive cuts, follow these recommendations to prioritize resources for critical activities, do more with less, and continue to achieve key outcomes.

December 14, 2022 6 min

ESG & Sustainability

Ultimate guide to ESG sustainability

As global organizations begin to adopt key ESG principles, it's critical to pivot your business strategy to address sustainability.

Julie Yamamoto

December 13, 2022 35 min

ESG & Sustainability

Ultimate guide to ESG sustainability

As global organizations begin to adopt key ESG principles, it's critical to pivot your business strategy to address sustainability.

Julie Yamamoto

December 13, 2022 35 min

Privacy & Data Governance

The ultimate guide to US privacy

Our guide will help you better understand the five state privacy laws and how they will define the US privacy landscape in lieu of a federal privacy framework.

Robb Hiscock

December 09, 2022 22 min

Privacy & Data Governance

The ultimate guide to US privacy

Our guide will help you better understand the five state privacy laws and how they will define the US privacy landscape in lieu of a federal privacy framework.

Robb Hiscock

December 09, 2022 22 min

Third-Party Due Diligence

Best practices for conducting third-party due diligence for ethics and compliance

A well-designed compliance program should apply risk-based due diligence and have a process for the full lifecycle of third-party risk management

Kelly Maxwell

December 08, 2022 9 min

Third-Party Due Diligence

Best practices for conducting third-party due diligence for ethics and compliance

A well-designed compliance program should apply risk-based due diligence and have a process for the full lifecycle of third-party risk management

Kelly Maxwell

December 08, 2022 9 min

ESG & Sustainability

3 key takeaways from COP27

Learn three key takeaways from COP27, which includes reinforcing the growing demand for true and accurate reporting on climate risks for investors.

Chris Fenwick

December 06, 2022 8 min

ESG & Sustainability

3 key takeaways from COP27

Learn three key takeaways from COP27, which includes reinforcing the growing demand for true and accurate reporting on climate risks for investors.

Chris Fenwick

December 06, 2022 8 min

Trust Intelligence

Trending toward trust: What organizations need to watch in 2023

Trending Toward Trust is the new 2023 report from OneTrust, highlighting some of the most significant trends that will shape trust in organizations.

Robb Hiscock

December 05, 2022 4 min

Trust Intelligence

Trending toward trust: What organizations need to watch in 2023

Trending Toward Trust is the new 2023 report from OneTrust, highlighting some of the most significant trends that will shape trust in organizations.

Robb Hiscock

December 05, 2022 4 min

Third-Party Risk

Ironclad, OneTrust partner to streamline and secure third-party procurement processes

To help organizations take a holistic approach to the third-party contracting and risk management process, OneTrust has partnered with Ironclad.

Chet Devchand

November 30, 2022 4 min

Third-Party Risk

Ironclad, OneTrust partner to streamline and secure third-party procurement processes

To help organizations take a holistic approach to the third-party contracting and risk management process, OneTrust has partnered with Ironclad.

Chet Devchand

November 30, 2022 4 min

Privacy & Data Governance

Navigating the CPRA as a GLBA-compliant business

The California legislature amended the CCPA , recognizing the conflict between the CCPA and sectoral frameworks such as the Gramm-Leach-Bliley Act.

Robb Hiscock

November 29, 2022 5 min

ESG & Sustainability

Proposed UK Disclosure Framework Focuses on Corporate Climate Transition | Blog | OneTrust

At COP27, the UK announced The Transition Plan Taskforce Disclosure Framework aiming to strengthen reporting requirements for companies in the UK.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

November 29, 2022 7 min

Privacy & Data Governance

Navigating the CPRA as a GLBA-compliant business

The California legislature amended the CCPA , recognizing the conflict between the CCPA and sectoral frameworks such as the Gramm-Leach-Bliley Act.

Robb Hiscock

November 29, 2022 5 min

ESG & Sustainability

Proposed UK Disclosure Framework Focuses on Corporate Climate Transition | Blog | OneTrust

At COP27, the UK announced The Transition Plan Taskforce Disclosure Framework aiming to strengthen reporting requirements for companies in the UK.

Chris Fenwick, OneTrust Head of ESG Center of Excellence

November 29, 2022 7 min

Privacy & Data Governance

From Sapin II to Sapin III: France’s anti-corruption fight

Sapin III will soon expand the French commitment to detect and punish corruption – how will you and your compliance team need to adapt?

Kelly Maxwell

November 28, 2022 8 min

Privacy & Data Governance

From Sapin II to Sapin III: France’s anti-corruption fight

Sapin III will soon expand the French commitment to detect and punish corruption – how will you and your compliance team need to adapt?

Kelly Maxwell

November 28, 2022 8 min

GRC & Security Assurance

7 myths about SOC 2 compliance

Understand what your company needs to achieve SOC 2 compliance and protect customer data. Read more about the seven myths about SOC 2 compliance.

November 25, 2022 4 min

GRC & Security Assurance

7 myths about SOC 2 compliance

Understand what your company needs to achieve SOC 2 compliance and protect customer data. Read more about the seven myths about SOC 2 compliance.

November 25, 2022 4 min

Third-Party Risk

What every Chief Privacy Officer should know about third-party risk management

CPOs track risk via data mapping, in which data is discovered, assessed, and tracked as it flows throughout the organization, including to third parties.

Jason Koestenblatt, Team Lead, Content Marketing

November 18, 2022 6 min

Third-Party Risk

What every Chief Privacy Officer should know about third-party risk management

CPOs track risk via data mapping, in which data is discovered, assessed, and tracked as it flows throughout the organization, including to third parties.

Jason Koestenblatt, Team Lead, Content Marketing

November 18, 2022 6 min

Ethics & Compliance

The role of disclosures in risk assessment and mitigation

An effective COI program will identify and mitigate these organizational risks through effective employee engagement, analysis, and periodic review.

Noshin Khan

November 17, 2022 5 min

Ethics & Compliance

The role of disclosures in risk assessment and mitigation

An effective COI program will identify and mitigate these organizational risks through effective employee engagement, analysis, and periodic review.

Noshin Khan

November 17, 2022 5 min

ESG & Sustainability

US Climate Risk Rule Could Affect More Than 5,700 Federal Suppliers | Blog | OneTrust

The US proposes a climate risk rule requiring major suppliers to disclose greenhouse gas emissions and set science-based emissions reduction targets.

Chris Fenwick

November 15, 2022 5 min

ESG & Sustainability

US Climate Risk Rule Could Affect More Than 5,700 Federal Suppliers | Blog | OneTrust

The US proposes a climate risk rule requiring major suppliers to disclose greenhouse gas emissions and set science-based emissions reduction targets.

Chris Fenwick

November 15, 2022 5 min

ESG & Sustainability

The COP27 climate summit: What to expect and why it matters

The annual COP is the largest and most important climate action event of the year and is a critical step in prioritizing collective efforts to fight climate change. 

Chris Fenwick, OneTrust Head of ESG Center of Excellence

November 14, 2022 10 min

ESG & Sustainability

The COP27 climate summit: What to expect and why it matters

The annual COP is the largest and most important climate action event of the year and is a critical step in prioritizing collective efforts to fight climate change. 

Chris Fenwick, OneTrust Head of ESG Center of Excellence

November 14, 2022 10 min

Privacy & Data Governance

3 steps for mitigating the impact of ransomware attacks through data discovery

Ransomware attacks are costly to a company's bottom line and reputation, but having greater knowledge of your dataset can reduce the impact of an attack.

Bex Evans

November 09, 2022 5 min

GRC & Security Assurance

SOC 2: starting your audit process

SOC 2 is a voluntary compliance standard for managing customer data while outlining the minimum requirements to maintain your customers' security.

November 09, 2022 4 min

Privacy & Data Governance

3 steps for mitigating the impact of ransomware attacks through data discovery

Ransomware attacks are costly to a company's bottom line and reputation, but having greater knowledge of your dataset can reduce the impact of an attack.

Bex Evans

November 09, 2022 5 min

GRC & Security Assurance

SOC 2: starting your audit process

SOC 2 is a voluntary compliance standard for managing customer data while outlining the minimum requirements to maintain your customers' security.

November 09, 2022 4 min

Ethics Program Management

Department of Justice: 2022 updates to corporate compliance guidance

After this year's DOJ updates, corporate compliance officers must update their executive teams and boards of directors on the new approach to enforcement.

Kelly Maxwell

November 08, 2022 8 min

Ethics Program Management

Department of Justice: 2022 updates to corporate compliance guidance

After this year's DOJ updates, corporate compliance officers must update their executive teams and boards of directors on the new approach to enforcement.

Kelly Maxwell

November 08, 2022 8 min

Privacy & Data Governance

CCPA regulations: A timeline of amendments

Since its passing, the CCPA and its accompanying regulations have undergone several modifications. Here's your guide to understanding them better.

Param Gopalasamy

November 03, 2022 11 min

Privacy & Data Governance

CCPA regulations: A timeline of amendments

Since its passing, the CCPA and its accompanying regulations have undergone several modifications. Here's your guide to understanding them better.

Param Gopalasamy

November 03, 2022 11 min

GRC & Security Assurance

9-point framework for evaluating SOC 2 software

The founder of Fractional CISO, Rob Black, identified nine key considerations to guide the vendor evaluation process and reach your SOC 2 compliance goals. 

November 02, 2022 5 min

GRC & Security Assurance

9-point framework for evaluating SOC 2 software

The founder of Fractional CISO, Rob Black, identified nine key considerations to guide the vendor evaluation process and reach your SOC 2 compliance goals. 

November 02, 2022 5 min

Third-Party Risk

Thousands of RiskRecon grades now available in the OneTrust Third-Party Risk Exchange

We are partnering with RiskRecon, a Mastercard Company to make cybersecurity ratings available out-of-the-box to all Third-Party Risk Exchange customers.

Chet Devchand

November 01, 2022 3 min

Third-Party Risk

Thousands of RiskRecon grades now available in the OneTrust Third-Party Risk Exchange

We are partnering with RiskRecon, a Mastercard Company to make cybersecurity ratings available out-of-the-box to all Third-Party Risk Exchange customers.

Chet Devchand

November 01, 2022 3 min

Privacy & Data Governance

US Privacy Masterclass: Your four essential questions answered

In this blog, we’ll go over questions around the GLBA, NIST, GPC, and PIAs in California and HIPAA and explain how your organization can comply.

Garrett Groos

October 31, 2022 4 min

Privacy & Data Governance

US Privacy Masterclass: Your four essential questions answered

In this blog, we’ll go over questions around the GLBA, NIST, GPC, and PIAs in California and HIPAA and explain how your organization can comply.

Garrett Groos

October 31, 2022 4 min

Privacy & Data Governance

Navigating the CPRA’s “Do Not Sell or Share” requirement

CCPA consumer rights such as the right to opt out of the sale of personal information, have resulted in critical challenges. Learn how OneTrust helps.

Param Gopalasamy

October 28, 2022 5 min

Privacy & Data Governance

Navigating the CPRA’s “Do Not Sell or Share” requirement

On January 1, 2023, the California Privacy Rights Act (CPRA) will expand and amend several aspects of the CCPA, including consumer rights.

Param Gopalasamy

October 28, 2022 5 min

Privacy & Data Governance

Navigating the CPRA’s “Do Not Sell or Share” requirement

CCPA consumer rights such as the right to opt out of the sale of personal information, have resulted in critical challenges. Learn how OneTrust helps.

Param Gopalasamy

October 28, 2022 5 min

Privacy & Data Governance

Navigating the CPRA’s “Do Not Sell or Share” requirement

On January 1, 2023, the California Privacy Rights Act (CPRA) will expand and amend several aspects of the CCPA, including consumer rights.

Param Gopalasamy

October 28, 2022 5 min

Consent & Preferences

Use first-party data for a powerful digital experience

Collecting, managing, and activating first-party data will enhance customer experience by providing customers with the right experience at the right time.

Ashlea Cartee, Product Marketing Manager, Consent and Preferences

October 26, 2022 9 min

Consent & Preferences

Use first-party data for a powerful digital experience

Collecting, managing, and activating first-party data will enhance customer experience by providing customers with the right experience at the right time.

Ashlea Cartee, Product Marketing Manager, Consent and Preferences

October 26, 2022 9 min

GRC & Security Assurance

What are the ISO 27001 updates?

The International Organization for Standardization (ISO) released its first framework, the 27001, that outlined a cybersecurity foundation for businesses.

Jason Koestenblatt, Team Lead, Content Marketing

October 25, 2022 4 min

GRC & Security Assurance

What are the ISO 27001 updates?

The International Organization for Standardization (ISO) released its first framework, the 27001, that outlined a cybersecurity foundation for businesses.

Jason Koestenblatt, Team Lead, Content Marketing

October 25, 2022 4 min

GRC & Security Assurance

ISO 27001: Scoping and mandatory clauses

Prepare for ISO 27001 certification with a scope statement that defines your company’s information security management system.

October 24, 2022 3 min

GRC & Security Assurance

ISO 27001: Scoping and mandatory clauses

Prepare for ISO 27001 certification with a scope statement that defines your company’s information security management system.

October 24, 2022 3 min

Third-Party Risk

Put a hold on hacks: Fight the phish and other emerging cyber threats

In 2021, there was a 62% global attack spike in ransomware (158% increase in North America), and an increased focus on attacks by regulatory bodies.

Jason Koestenblatt, Team Lead, Content Marketing

October 21, 2022 6 min

Third-Party Risk

Put a hold on hacks: Fight the phish and other emerging cyber threats

In 2021, there was a 62% global attack spike in ransomware (158% increase in North America), and an increased focus on attacks by regulatory bodies.

Jason Koestenblatt, Team Lead, Content Marketing

October 21, 2022 6 min

Privacy & Data Governance

Is GDPR relevant for your US-based tech startup?

Learn about the pivotal EU law, GDPR, that could affect how your company approaches customer data protection and privacy US-based company.

October 19, 2022 2 min

Privacy & Data Governance

Is GDPR relevant for your US-based tech startup?

Learn about the pivotal EU law, GDPR, that could affect how your company approaches customer data protection and privacy US-based company.

October 19, 2022 2 min

Ethics & Compliance

Holiday disclosures: Avoid conflicts of interest during gift-giving season 

With the season of holiday parties and corporate gifting around the corner, autumn and winter are jam-packed with potential conflicts of interest. 

Kelly Maxwell

October 18, 2022 5 min

Ethics & Compliance

Holiday disclosures: Avoid conflicts of interest during gift-giving season 

With the season of holiday parties and corporate gifting around the corner, autumn and winter are jam-packed with potential conflicts of interest. 

Kelly Maxwell

October 18, 2022 5 min

Introducing the New OneTrust Brand

The changes to our new OneTrust logo and brand identity represent the next era of our company as the market-defining leader in Trust Intelligence.

Lisa Campbell

October 12, 2022 2 min

Privacy & Data Governance

OneTrust partners with Microsoft to enhance customer experience with Microsoft Intelligent Data Platform

OneTrust and Microsoft are partnering to expand the options available to Chief Data Officers (CDOs) to address this challenge of visibility and governance.

Chet Devchand, Head of Technology Partnerships

October 12, 2022 3 min

Privacy & Data Governance

OneTrust partners with Microsoft to enhance customer experience with Microsoft Intelligent Data Platform

OneTrust and Microsoft are partnering to expand the options available to Chief Data Officers (CDOs) to address this challenge of visibility and governance.

Chet Devchand, Head of Technology Partnerships

October 12, 2022 3 min

Introducing the New OneTrust Brand

The changes to our new OneTrust logo and brand identity represent the next era of our company as the market-defining leader in Trust Intelligence.

Lisa Campbell

October 12, 2022 2 min

Ethics & Compliance

Compliance best practices: Presenting to a board of directors

Giving a compliance presentation to the board of directors can be a nerve-wracking experience, but these ten guidelines will set you up for success.

Phillip Winterburn

October 11, 2022 9 min

Ethics & Compliance

Compliance best practices: Presenting to a board of directors

Giving a compliance presentation to the board of directors can be a nerve-wracking experience, but these ten guidelines will set you up for success.

Phillip Winterburn

October 11, 2022 9 min

ESG Program Management

Embedding ESG transformation into the future enterprise

An organization's ability to demonstrate its ESG credentials transparently has become a vital business differentiator and a critical part of trust conversations.

Vladimir Kroa

October 10, 2022 6 min

ESG Program Management

Embedding ESG transformation into the future enterprise

An organization's ability to demonstrate its ESG credentials transparently has become a vital business differentiator and a critical part of trust conversations.

Vladimir Kroa

October 10, 2022 6 min

GRC & Security Assurance

What can and can’t be automated for SOC 2

Not all SOC 2 components can be automated, but those that can save your business time and money. Learn more about what can be automated for SOC 2.

October 05, 2022 4 min

GRC & Security Assurance

What can and can’t be automated for SOC 2

Not all SOC 2 components can be automated, but those that can save your business time and money. Learn more about what can be automated for SOC 2.

October 05, 2022 4 min

Carbon Accounting

Corporate climate goals: Building your net zero story

When addressing climate change impact across the enterprise, it's important to consider not only your internal impact, but external influences.

Julie Yamamoto, ESG Content Marketing Manager

October 04, 2022 11

Carbon Accounting

Corporate climate goals: Building your net zero story

When addressing climate change impact across the enterprise, it's important to consider not only your internal impact, but external influences.

Julie Yamamoto, ESG Content Marketing Manager

October 04, 2022 11

Third-Party Due Diligence

Triage: The first step for effective third-party due diligence

According to the DOJ’s guidance, it’s necessary to prioritize due diligence, questionnaires, and contracting with the third parties that present highest risk.

Jenna Thomas

September 29, 2022 4 min

Third-Party Due Diligence

Triage: The first step for effective third-party due diligence

According to the DOJ’s guidance, it’s necessary to prioritize due diligence, questionnaires, and contracting with the third parties that present highest risk.

Jenna Thomas

September 29, 2022 4 min

GRC & Security Assurance

What is a SOC 2 report?

Systems and Organization Controls 2  is an attestation that evaluates your company’s ability to securely manage the data you collect from your customers.

September 28, 2022 6 min

GRC & Security Assurance

What is a SOC 2 report?

Systems and Organization Controls 2  is an attestation that evaluates your company’s ability to securely manage the data you collect from your customers.

September 28, 2022 6 min

Third-Party Risk

Why choose OneTrust for third-party management?

OneTrust simplifies third-party management by enabling control and visibility throughout the entire third-party lifecycle while you manage third parties.

Scott Solomon, Senior Manager, Product Marketing

September 23, 2022 5 min

Third-Party Risk

Why choose OneTrust for third-party management?

OneTrust simplifies third-party management by enabling control and visibility throughout the entire third-party lifecycle while you manage third parties.

Scott Solomon, Senior Manager, Product Marketing

September 23, 2022 5 min

GRC & Security Assurance

How much does ISO 27001 certification cost?

Companies are choosing to adopt a trusted security framework, and ISO 27001, as a globally recognized certification, is the framework of choice for many. 

September 21, 2022 6 min

GRC & Security Assurance

How to use your security program to win more deals

As more customers are concerned with data protection, a security-focused sales process can help win more deals.

September 21, 2022 2 min

GRC & Security Assurance

6 questions, 2 InfoSec directors: Your policy management answers

In a OneTrust-hosted webinar, we discussed the common pitfalls of policy management for InfoSec teams with the Director of Information Security at Arcadia.

Jason Koestenblatt

September 21, 2022 8 min

GRC & Security Assurance

6 questions, 2 InfoSec directors: Your policy management answers

In a OneTrust-hosted webinar, we discussed the common pitfalls of policy management for InfoSec teams with the Director of Information Security at Arcadia.

Jason Koestenblatt

September 21, 2022 8 min

GRC & Security Assurance

How much does ISO 27001 certification cost?

Companies are choosing to adopt a trusted security framework, and ISO 27001, as a globally recognized certification, is the framework of choice for many. 

September 21, 2022 6 min

GRC & Security Assurance

How to use your security program to win more deals

As more customers are concerned with data protection, a security-focused sales process can help win more deals.

September 21, 2022 2 min

Privacy & Data Governance

US privacy masterclass 2.0: webinars + roadshows

Get the latest information about updated consumer rights, expanded employee rights, and privacy risk assessments, and learn to operationalize them.

Anne Kenyon

September 20, 2022

Privacy & Data Governance

Children’s online safety at the forefront of California law

California's new law, AB 2273, known as the California Age-Appropriate Design Code Act (CAADCA), protects minors and their data on the Internet.

Ojas Rege

September 20, 2022 3 min

Privacy & Data Governance

US privacy masterclass 2.0: webinars + roadshows

Get the latest information about updated consumer rights, expanded employee rights, and privacy risk assessments, and learn to operationalize them.

Anne Kenyon

September 20, 2022

Privacy & Data Governance

Children’s online safety at the forefront of California law

California's new law, AB 2273, known as the California Age-Appropriate Design Code Act (CAADCA), protects minors and their data on the Internet.

Ojas Rege

September 20, 2022 3 min

GRC & Security Assurance

Understanding ISO 27001 Annex A Controls | Blog | OneTrust

Learn the key points of ISO 27001 Annex A controls and how they affect the overall audit process for your organization.

September 15, 2022 5 min

GRC & Security Assurance

Understanding ISO 27001 Annex A Controls | Blog | OneTrust

Learn the key points of ISO 27001 Annex A controls and how they affect the overall audit process for your organization.

September 15, 2022 5 min

GRC & Security Assurance

What is change management?

A defined change management process enables your organization to mitigate risk and reduce disruption.

September 14, 2022 4 min

GRC & Security Assurance

What is Statement of Applicability?

Your Statement of Applicability for ISO 27001, otherwise known as your SoA, is a mandatory step for anyone planning on pursuing ISO 27001 certification.

September 14, 2022 6 min

GRC & Security Assurance

What is change management?

A defined change management process enables your organization to mitigate risk and reduce disruption.

September 14, 2022 4 min

GRC & Security Assurance

What is Statement of Applicability?

Your Statement of Applicability for ISO 27001, otherwise known as your SoA, is a mandatory step for anyone planning on pursuing ISO 27001 certification.

September 14, 2022 6 min

GRC & Security Assurance

SyncMonkey saves $100K, hundreds of hours with SOC 2 compliance automation

Centralized information management system SyncMonkey took a proactive approach to security by investing in certification automation

September 13, 2022 3 min

GRC & Security Assurance

SyncMonkey saves $100K, hundreds of hours with SOC 2 compliance automation

Centralized information management system SyncMonkey took a proactive approach to security by investing in certification automation

September 13, 2022 3 min

Privacy & Data Governance

CPRA employee privacy rights moving ahead

The CPRA will extend new rights for employees which will present a unique set of challenges for organizations. Read the blog to learn more.

Tess Macapinlac, OneTrust Lead Privacy Counsel

September 08, 2022 5 min

Privacy & Data Governance

CPRA employee privacy rights moving ahead

The CPRA will extend new rights for employees which will present a unique set of challenges for organizations. Read the blog to learn more.

Tess Macapinlac, OneTrust Lead Privacy Counsel

September 08, 2022 5 min

GRC & Security Assurance

Building an information security program from scratch

In this blog, we’ll discuss the three stages of building your InfoSec program in more understandable terms, so you can get started getting more secure.

September 07, 2022 6 min

Ethics & Compliance

Compliance program performance metrics: How to measure compliance

Effectively Measuring compliance can prevent reputational damage, protect the bottom line, and potentially avoid costly fines and enforcement action.

Kelly Maxwell

September 07, 2022 7 min

Ethics & Compliance

Compliance program performance metrics: How to measure compliance

Effectively Measuring compliance can prevent reputational damage, protect the bottom line, and potentially avoid costly fines and enforcement action.

Kelly Maxwell

September 07, 2022 7 min

GRC & Security Assurance

Building an information security program from scratch

In this blog, we’ll discuss the three stages of building your InfoSec program in more understandable terms, so you can get started getting more secure.

September 07, 2022 6 min

Internal Audit Management

The ISO 27001 audit process

An ISO 27001 audit ensures your organization has the necessary information security management and relevant policies in place

September 07, 2022 5 min

Internal Audit Management

The ISO 27001 audit process

An ISO 27001 audit ensures your organization has the necessary information security management and relevant policies in place

September 07, 2022 5 min

Carbon Accounting

What are scope 1, 2, and 3 emissions?

The GHG Protocol Corporate Standard defines three types of GHG emissions - Scope 1 (direct emissions) and Scope 2 and Scope 3 (indirect emissions).

Julie Yamamoto, ESG Content Marketing Manager

September 06, 2022 14 min

Carbon Accounting

What are scope 1, 2, and 3 emissions?

The GHG Protocol Corporate Standard defines three types of GHG emissions - Scope 1 (direct emissions) and Scope 2 and Scope 3 (indirect emissions).

Julie Yamamoto, ESG Content Marketing Manager

September 06, 2022 14 min

Third-Party Risk

Reduce unnecessary risk with third-party risk management controls

As more tasks are outsourced to third-party providers, risk management programs become critical to securing sensitive data

September 03, 2022 4 min

Third-Party Risk

Reduce unnecessary risk with third-party risk management controls

As more tasks are outsourced to third-party providers, risk management programs become critical to securing sensitive data

September 03, 2022 4 min

ESG & Sustainability

Jump start your ESG program and reporting in 5 easy steps

ESG programs can be challenging to build and manage as they cross organizational boundaries and have multiple internal and external stakeholders.

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

August 31, 2022 5 min

ESG & Sustainability

Jump start your ESG program and reporting in 5 easy steps

ESG programs can be challenging to build and manage as they cross organizational boundaries and have multiple internal and external stakeholders.

Julie Yamamoto, ESG Content Marketing Manager, OneTrust

August 31, 2022 5 min

Ethics & Compliance

How to comply: German Supply Chain Due Diligence Act and forthcoming EU rules

New regulations around the world are focused on human rights, environmental risks, and labor rights, creating a new set of obligations for companies.

Kelly Maxwell, Content Marketing Specialist, OneTrust

August 29, 2022 7 min

Consent & Preferences

How does consent affect data retention?

Organizations must be able to justify and maintain meticulous records of how and why they’re using data downstream from the point of collection.

Ashlea Cartee, OneTrust Product Marketing Manager, Consent and Preferences

August 29, 2022 5 min

Ethics & Compliance

How to comply: German Supply Chain Due Diligence Act and forthcoming EU rules

New regulations around the world are focused on human rights, environmental risks, and labor rights, creating a new set of obligations for companies.

Kelly Maxwell, Content Marketing Specialist, OneTrust

August 29, 2022 7 min