Uncategorized

March 22, 2022 -

Establishing an Intel-Led Security Program: 5 Key Components

The risk landscape expands each day, and your organization’s security program needs to keep up. Whether it’s a recent

March 14, 2022 -

What is the German Supply Chain Due Diligence Act?

In June of 2021, Germany’s legislature passed the Act on Corporate Due Diligence in Supply Chains (Supply Chain Due

March 7, 2022 -

The Chief Trust Officer (CTRO) & Vendor Risk Management: Top Challenges & Biggest Opportunities 

As risk vectors evolve, it’s critical that organizations implement a business strategy that unites risk domains and keeps trust

February 28, 2022 -

How to Build a Proactive IT & Security Framework

Refining your IT & security risk management strategy is an ongoing requirement at any stage of program maturity. Recent

February 16, 2022 -

How Does Your Privacy Framework Support Better Security Oversight? 

Security is a key pillar of any privacy program – meaning holistic security and privacy compliance is crucial to business

February 11, 2022 -

Ransomware Risk Management: The PCI Security Standards Council & National Cybersecurity Alliance’s Ransomware Bulletin 

The PCI Security Standards Council (PCI SSC) and National Cybersecurity Alliance published a bulletin in response to the rise

February 7, 2022 -

Get to Know: OneTrust’s Channel Chief Gordy Wyatt

We’re excited to announce that Gordy Wyatt, OneTrust’s North America Channel Director, has been named a 2022 Channel Chief

February 4, 2022 -

Buy-In Guide: Making the Case for TPRM Software 

OneTrust Vendorpedia™ is the largest and most widely used technology platform to operationalize third-party risk. The technology platform enables

February 2, 2022 -

Preview OneTrust’s Ultimate Guide to VRM for Privacy Professionals

Vendor Risk Management – GDPR as a Global Benchmark  The management of vendor risk from a data protection standpoint

January 27, 2022 -

The Importance of User-Driven Configuration for Flexible IT Risk Management and Privacy Compliance

Digital transformation is more than just the move from manual processes to the internet of things (IoT) technologies, it’s ongoing change management

December 30, 2021 -

A Year in Review: Key takeaways, Top Breaches & More 2021 Security Trends

2021 Top Breaches, Hacks, and Outages  From incidents in the oil and gas industry to successful ransomware defense in

December 20, 2021 -

The Future of TPRM: Third Party Risk Management Predictions for 2022

Third-Party Risk Management (TPRM) is the way that a company looks at vendor relationships and manages the risks that they

December 16, 2021 -

Build the Business Case: The Importance of Business Resilience and TPRM

Throughout the beginning of December, a major web service and retail provider (that now controls 33% of the cloud

December 14, 2021 -

Working With Vendors to Address the Apache Log4j 2 Library Vulnerability

There is a new critical vulnerability that impacts one of the most popular open-source Java logging libraries, Apache Log4j 2. The exploit has been identified as a

December 13, 2021 -

OneTrust Partners with Big Brother Big Sister of Metro Atlanta to Support Youth

OneTrust partners with Big Brother Big Sister of Metro Atlanta to support our local community. In June 2020, OneTrust

December 9, 2021 -

NIS2: An EU-Wide Cybersecurity Strengthening and Resilience Solution

On December 3, the Council of the European Union (EU) announced that it had agreed on its general approach to the text

December 3, 2021 -

Privacy and IT Risk: How Secure Are Your Assets Securing Personal Data?

Why IT Risk is Essential to Privacy Excellence  Privacy and IT risk management professionals have untapped potential in bringing more value to

December 2, 2021 -

The CECO & Vendor Risk Management: Top Challenges & Biggest Opportunities

Complex regulations are accelerating the need for organizations to realign their business practices from top-to-bottom. The consequences for non-compliance

November 29, 2021 -

ESG Corporate Ratings and ESG QualityScore Data Now Available Out-of-the-Box in the Vendorpedia Exchange Community

OneTrust Vendorpedia has partnered with ISS Corporate Solutions to pull ISS ESG Corporate Ratings and QualityScore data for covered

October 28, 2021 -

The CSO (Chief Sustainability Officer) & Vendor Risk Management: Top Challenges & Biggest Opportunities 

Maintaining a strong security posture is more important than ever, and that includes addressing all aspects of organizational cybersecurity from both

October 25, 2021 -

Digital Transformation and the Impact of the Evolving Digital Landscape  

Over the last year, reliance on remote work drove a rapid increase in digital transformation, pushing security teams to

October 18, 2021 -

Educate, Empower, Enable: The Importance of Cybercentric Education 

As the technological landscape continues to evolve, digital risk management needs are growing. Increased compliance obligations, digital transformation, and the proliferation

September 17, 2021 -

Putting Your Incident Management Playbook Into Action: Part 1 – Prepare

Security incidents and data breaches are quickly becoming

August 12, 2021 -

The Accenture Ransomware Attack: A Use Case for Effective Risk Mitigation

Targeted ransomware attacks have reached new heights, with a 62% global attack spike and a 158% increase in North American attacks alone. As ransomware

August 10, 2021 -

ITRM 101: Understanding the Impact of IT Risk on Your Organization

Defining ITRM IT Risk Management (ITRM) is a form of risk mitigation commonly used in information technology (IT). Per the ISACA Risk IT Framework, ITRM is

July 2, 2021 -

How Good IT Asset and Risk Management Can Protect You from Ransomware

A recent surge in ransomware attacks against critical infrastructure suggests a trend in cybercrime for the year. Groups of bad actors

June 30, 2021 -

The Benefits of Combining Data Mapping and Data Residency

More and more countries are creating parameters about data localization. Every policy is a little bit different, with some

June 22, 2021 -

How Your Organization Can Use an Incident Management Playbook

The chances of your organization being the victim of a data breach are now up to 1 in 4.

June 17, 2021 -

Celebrating our Community of Trust

OneTrust is trusted by over 10,000 companies, both big and small. To celebrate our five-year anniversary, we spoke with

June 14, 2021 -

Risk Management: Making Your Organization First Line Friendly

What does it mean to make your risk management program first line friendly? While risk management is critical to

June 3, 2021 -

New Wave of Ransomware Attacks Hits US Infrastructure 

A recent surge in ransomware attacks against critical infrastructure suggests a trend in cybercrime for the year. Groups of bad actors are targeting countries’ essential services (oil, food production, etc.) because

May 17, 2021 -

Understanding the 7 Principles of the GDPR 

The General Data Protection Regulation (GDPR) rewrote the rules on privacy, forcing companies to update their operations and even

April 23, 2021 -

Apple iOS 14.5: How to Prepare with OneTrust

Yesterday, Apple revealed that iOS 14.5 will go into effect on April 26th.  Apple first launched the 14.5 beta to the public earlier this year

March 19, 2021 -

How to Prepare for Apple iOS 14.5 Privacy Requirements

Apple iOS 14.5 Privacy Requirements and iPadOS 14.5 are scheduled for an early spring 2021 release. The new release will include many new features, including a major privacy upgrade. This update will include

March 11, 2021 -

UK Adequacy Decision FAQs: Your Top 5 Questions Answered

The European Commission announced a draft UK adequacy decision on February 19, 2021. A move that will allow data to flow freely between

January 6, 2021 -

Integrate Microsoft Word into the OneTrust GRC Policy Management Software

To help companies improve policy management processes, OneTrust GRC today announced our policy management software integration with Microsoft Word.

December 2, 2020 -

Global Privacy Laws Update 2020

Global privacy laws have continued to develop rapidly throughout the course of 2020. Significant new laws have entered into force such as the LGPD in Brazil, further sections of POPIA commenced, and

September 25, 2020 -

LGPD vs. GDPR

Inspired by the European Union’s General Data Protection Regulation (GDPR), Brazil’s Lei Geral de Proteção de Dados (LGPD) regulates how companies collect, store, handle, and share personal data. Who the LGPD Impacts

July 16, 2020 -

OneTrust Expands EU Solution in Response to Schrems II Decision

The CJEU today issued its judgment in the Schrems II case, invalidating the EU-US Privacy Shield. For now, the

July 7, 2020 -

AI & Data Protection Law

Companies today are finding ways to be more efficient and replace the timely, complex human-based tasks with technology. Innovative technology, like artificial intelligence (AI), streamlines

July 1, 2020 -

OneTrust DataGuidance Add Three New Comparison Charts to its Catalog of Privacy Research Tools

OneTrust DataGuidance has added three new comparison charts to its extensive catalog of privacy research tools. The latest additions focus on the

June 9, 2020 -

New Privacy Essentials in the Financial Sector Awareness Training Course

OneTrust Awareness Training now offers a newly developed course designed specifically for promoting a fundamental understanding of the key

June 5, 2020 -

The Evolution of Valid Consent for Cookies in Germany

On May 28, 2020, Germany’s Federal Court of Justice (‘BGH’) announced its decision on the Planet49 case, ruling that the use of pre-ticked checkboxes in Planet49’s online

May 28, 2020 -

Deja Vu: Data Privacy Standards Evolution Draws Eerily Similar Comparison to PCI-DSS

As the data privacy space continues to awkwardly mature, we’re in the midst of a privacy sovereignty evolution. An

May 13, 2020 -

OneTrust Launches All New Courses for Publishers: IAB TCF 2.0 2020 Master Class Webinar Series

Today OneTrust opened registration for an IAB Europe Transparency and Consent Framework 2.0 (TCF 2.0) Master Class Webinar Series! The free webinar series is led by OneTrust privacy experts and designed to help publishers properly

May 6, 2020 -

Introducing OneTrust GRC’s Audit & Policy Management: Two New Tools to Support ISMS Programs

Navigating risk and upholding information security management system (ISMS) programs across an organization relies heavily on the ability to

April 21, 2020 -

When Will South Africa’s POPIA Enter Fully into Effect?

What is POPIA? The Protection of Personal Information Act (‘POPIA’) – South Africa’s omnibus data protection statute – was signed into law in

April 8, 2020 -

Announcing the New APAC Webinar Series

Registration is now open for OneTrust’s APAC Webinar Series! The global regulatory landscape keeps evolving, so continued compliance with

March 9, 2020 -

OneTrust PrivacyTech Postponed to Fall 2020

OneTrust is committed to the safety and well-being of our privacy, security and trust community at large.   We’ve been closely

February 19, 2020 -

What Does the Brexit Transition Period Mean for GDPR and Privacy Pros?

On January 31, 2020, the UK officially left the EU. A Brexit transition period will now span January 31,

January 30, 2020 -

Breaking Up is Hard to Do: the UK and the EU

On January 31, 2020, the United Kingdom (UK) is planning on exiting the European Union (EU). This will impact the privacy world in many ways. In this blog post,

January 16, 2020 -

Integrated Risk Management vs. GRC

Comparing two schools of thought, Integrated Risk Management vs GRC. Governance Risk and Compliance (GRC) is a well-established practice,

December 19, 2019 -

News: CJEU Publishes AG Opinion on Facebook Ireland and Schrems Case

On December 19, 2019, the Court of Justice of the European Union (CJEU) published the non-binding opinion of Henrik

December 19, 2019 -

Centralizing Your Risk Register

Consolidate information to deliver a complete view of your enterprise’s risk exposure. Many companies have a “centralized risk register”

November 20, 2019 -

Adding Context to Your Integrated Risk Management Program

Integrated Risk Management, Contextualizing Data with an Intelligent Platform for Added Value to Your Everyday Business Functions. In the

December 14, 2018 -

What the CNIL’s Recent Decisions Involving Vectaury, Fidzup, Teemo and Singlespot Reveal about What a Consent UI Should Look Like

And What Steps You Can Take Today to Collect Valid User Consent The French data protection authority (CNIL) has recently closed three cases (with companies Teemo, Fidzup and Singlespot) and

November 1, 2018 -

Canada’s New Data Breach Reporting Law Takes Effect Today

Companies subject to the Personal Information Protection and Electronic Documents Act (the “PIPEDA”) will now need to satisfy the reporting and

March 7, 2018 -

WP29 Publishes Revised Guidelines on Personal Data Breach Notification Under GDPR

In October 2017, the Article 29 Working Party

November 9, 2017 -

WP29 Guidelines Review: How DPAs Will Apply Administrative Fines Under the GDPR

The GDPR grants extensive enforcement powers to

October 5, 2017 -

OneTrust GDPR Deep Dive Series Chapter 10: Delegated Acts and Implementing Acts & Chapter 11: Final Provisions

Chapter 10

September 28, 2017 -

OneTrust Legal Team Authors GDPR Privacy Advisor Post for IAPP

OneTrust’s Chief Privacy Officer, Andrew Clearwater, CIPP/US and Privacy

August 4, 2017 -

The GDPR’s Impact on Marketing and Advertising

When companies share customers’ personal information with third-parties, they’re helping brands

July 27, 2017 -

OneTrust GDPR Deep Dive Series Chapter 5: Transfers of Personal Data to Third Countries or International Organisations

Chapter 5

June 29, 2017 -

OneTrust GDPR Deep Dive Series Chapter 3: Rights of the Data Subject

One of the most important goals of the GDPR is to protect

June 15, 2017 -

OneTrust GDPR Deep Dive Series: Chapter 2

OneTrust GDPR Deep Dive Series Chapter 2: Principles Chapter 2 outlines basic principles and provides information to help companies prepare

June 1, 2017 -

Introducing the OneTrust GDPR Deep Dive Series

The one-year countdown to GDPR started last week. To mark the occasion, OneTrust

January 31, 2017 -

How GDPR Compliance Can Save You Money

As January comes to a close, reality begins to sink in that

January 12, 2017 -

Belgian DPA Seeks Public Comments on DPIA Draft Recommendation

As the Belgian DPA (Commission de la protection de la

December 27, 2016 -

#5QsforCPOs: Andrea White – Chief Compliance Counsel and Privacy Officer @ Toyota

In our #5QsForCPOs blog series, OneTrust conducts

December 16, 2016 -

WP29 Releases GDPR Implementation Guidelines and FAQs

Coming at the heels of the EU ePrivacy Regulation leak, the Article

November 15, 2016 -

EU Businesses Aren’t Just Unprepared for GDPR… They’re Underpreparing

Computing UK conducted a study in February 2016 that revealed

October 3, 2016 -

Can Payments Companies Monetize Data and Still Comply with GDPR?

A growing trend among payment service providers is identifying

September 29, 2016 -

How GDPR Applies to Charities and NPOs

Between fundraising, events, and charitable giving, non-profit organizations (NPOs) collect a ton of

September 27, 2016 -

GDPR Will Require Accountability Through Privacy and Security by Design

PRIPARE defines Privacy by Design a few different ways:

September 26, 2016 -

Concept of a Privacy Threshold Assessment

PTA Overview Privacy Impact Assessments/Analyses (PTAs) are an important aspect of privacy compliance

September 23, 2016 -

#5QsforCPOs: Pat Manzo – EVP, Global Customer Service & Chief Privacy Officer at Monster

In our #5QsForCPOs blog series,

August 15, 2016 -

GDPR and Operational Reform

Data Protection was once the siloed concern of a company’s privacy team, but GDPR’s imminence

August 10, 2016 -

How Brexit Will Impact UK GDPR Compliance

On June 23, U.K. citizens approved Article 50, a Brexit from the
