OneTrust Automates DORA ICT Risk Management and Compliance

September 26, 2024

3 Min Read

PRESS RELEASE

ATLANTA, Sept. 24, 2024 /PRNewswire/ -- OneTrust, the market-defining platform helping organizations use data and AI responsibly, today announced new capabilities to help organizations enhance resilience across the financial sector and operationalize compliance with the EU's Digital Operational Resilience Act (DORA). Building upon its comprehensive OneTrust Third-Party Management solution, OneTrust will now offer first-to-market capabilities such as automated DORA "register of information" report creation and out-of-the-box depth of screening and compliance data.

"An organization's supply chain can be one of its biggest assets for efficiency and innovation, as well as its most significant obstacle to cyber resiliency. Amid growing global mandates for cyber resiliency like DORA, teams need a deep understanding of their extended enterprise and tools for managing risk at scale. By expanding on our robust Third-Party Management capabilities with game-changing, new capabilities, teams can gain much-needed visibility, automate risk and compliance management, and strengthen resilience," said Shiven Patel, Director of Third-Party Management at OneTrust.

With OneTrust, teams can gain much-needed visibility, automate risk and compliance management, and strengthen resilience

Introducing new capabilities to enhance resilience and operationalize DORA compliance

To further help organizations efficiently manage information and communication technology (ICT) and digital supply chain resilience and operationalize DORA compliance, OneTrust is delivering several new, standout capabilities:  

  • 4th- and nth-party risk management: Now, teams can automatically identify, link, and assess fourth and even nth parties to efficiently monitor concentration risk and demonstrate proportionality. 

  • Two-click register of information reporting: Quickly generate a complete "register of information" in relation to all contractual arrangements on the use of ICT services provided by ICT Third-Party Service Providers (ICT TPPs) and ICT service supply chains.

  • Enhanced risk and compliance data feeds: Meet due diligence requirements and screen ICT service providers against out-of-the-box risk and compliance datasets from Dow Jones Risk & Compliance, HackNotice, ISS-Corporate, RapidRatings, RiskRecon, Security Scorecard, and Supply Wisdom.

How Third-Party Management already helps organizations comply with DORA

Today, Third-Party Management empowers organizations to centralize the end-to-end risk management lifecycle. For ICT and supply chain risks and more, the solution allows teams to implement a data-centric and risk-based approach to identifying and mitigating risk, while continuously monitoring for changes to risk posture. Thanks to OneTrust's cross-domain insights, organizations can align internal teams and guide risk-aware decision-making to create a more resilient, secure, and scalable third-party ecosystem. Ahead of DORA taking effect in January 2025, Third-Party Management helps organizations meet the Act's third-party ICT requirements pertaining to:

  • Pre-Contract ICT Assessment

  • Inventory, Link, and Report on the ICT supply chain 

  • ICT Risk Treatment

  • ICT Lifecycle Management

Third-Party Management also integrates seamlessly with different solutions across the OneTrust Platform, including the newly introduced Compliance Automation. Compliance Automation and Third-Party Management work together to operationalize an actionable breakdown of the DORA regulatory requirements into measurable capabilities and build a fully compliant ICT risk management program.

Additional resources

  • Take a deep dive into the core components of OneTrust Third-Party Management

  • Stop by booth 412 at the Gartner Security & Risk Management Summit, September 23-25 in London to learn more

  • Register today for TrustWeek24 EMEA, October 15-16 in Madrid

About OneTrust

OneTrust unlocks the full potential of data and AI, responsibly. Our platform enforces the secure handling of company data, empowering organizations to drive innovation responsibly while mitigating risks. With a comprehensive suite of solutions spanning data and AI security, privacy, governance, risk, ethics, and compliance, OneTrust enables seamless collaboration between data teams and risk teams to enable rapid and trusted innovation. Recognized as the market leader in trust, OneTrust boasts over 300 patents and serves more than 14,000 customers globally, ranging from industry giants to small businesses. For more information, visit www.onetrust.com

© 2024 OneTrust LLC. All rights reserved. OneTrust and the OneTrust logo are trademarks or registered trademarks of OneTrust LLC in the United States and other jurisdictions. All other brand and product names are trademarks or registered trademarks of their respective holders.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights