Bitsight vs OneTrust GRC comparison

BitSight and OneTrust are both solutions in the IT Vendor Risk Management category. BitSight is ranked #4 with an average rating of 8.8, while OneTrust is ranked #1 with an average rating of 8.1. BitSight holds a 11.6% mindshare in IVRM, compared to OneTrust’s 11.9% mindshare. Additionally, 100% of BitSight users are willing to recommend the solution, compared to 78% of OneTrust users who would recommend it.

Bitsight

Read 6 Bitsight reviews

1,875 Views
1,376 Comparison Views

100% willing to recommend

OneTrust GRC

Read 14 OneTrust GRC reviews

2,424 Views
1,210 Comparison Views

78% willing to recommend

Bitsight

OneTrust GRC

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Bitsight and OneTrust GRC based on real PeerSpot user reviews.

Find out in this report how the two IT Vendor Risk Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Bitsight vs. OneTrust GRC Report (Updated: October 2024).

Buyer's Guide

Bitsight vs. OneTrust GRC

October 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

Bitsight

Ranking in IT Vendor Risk Management

4th

Average Rating

8.6

Number of Reviews

Ranking in other categories

Attack Surface Management (ASM) (13th)

OneTrust GRC

Ranking in IT Vendor Risk Management

1st

Average Rating

8.2

Number of Reviews

Ranking in other categories

GRC (2nd)

Mindshare comparison

As of November 2024, in the IT Vendor Risk Management category, the mindshare of Bitsight is 11.6%, down from 16.2% compared to the previous year. The mindshare of OneTrust GRC is 11.9%, down from 13.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

IT Vendor Risk Management

Featured Reviews

Alfredo Alvim

Telecommunications Engineer at Portugal Telecom

Jan 23, 2024

Provides comprehensive insights into security posture

Bitsight provides comprehensive insights into security posture, enabling us to effectively reduce risks. it increases the security of writing and reduces the risks We work directly on their website to define all the assets that we need to scan. We have some meetings with the manager. For example,…

Read full review

Gerald Pegg

Governance Risk and Compliance Coordinator at HUB International

Oct 11, 2024

Streamlined incident management with user-friendly automation tools and responsive support

I use OneTrust specifically for incident management. For my company, I helped to create the incident management program that we currently use, particularly with gathering the information and sending out assessments to different vendors to collect information for further research and discovery. I…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product helps us identify the vulnerabilities of internet-facing applications."

"Offers open ports from an external point of view."

"Its customer service team responds quickly."

"I prefer BitSight due to its patch management capabilities. The score is a valuable feature. I have contacted the customer support through e-mail and their response rate is fast. I rate the solution a nine out of ten."

"The solution is user-friendly."

"The best thing about BitSight is the comprehensive list of risk vectors, covering compromised systems, diligence failures, and behavioral anomalies."

"The simplicity of OneTrust GRC, particularly its user interface, is valuable as it makes it easy to use and not complex."

"The most valuable feature of the solution is that it already has visibility about all the data protection regulations or other cybersecurity regulations related to several countries"

"OneTrust GRC is stable."

"One of the most beneficial features of the product has been its cloud-based IT and vendor risk management tools, along with built-in templates for GDPR and ISO compliance."

"We receive notifications or cases and prioritize them accordingly, which helps us address issues promptly."

"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."

"The privacy impact assessment automation tool and the incident management tool are very user-friendly."

"The platform is especially useful in startup environments where we're typically starting from scratch."

More OneTrust GRC pros

Cons

"BitSight could improve the classes and lower-level detections of anomalies that compound the information used to compute the rating."

"Data enrichment is the major issue."

"Its factor analysis feature could be better."

"There may be room for improvement in the methodology for identifying findings, as occasional errors occur on the technical side."

"The solution’s benchmarking should be improved."

"At the moment, when the vulnerability score decreases, it remains the same for quite a while, even though issues are resolved in 24 hours."

"The Vendor Risk dashboard is quite basic today and not interactive, but improvements are in coming the next releases."

"The implementation of OneTrust could have been smoother, particularly in terms of scoping for those outside of governance, risk, and compliance."

"The platform was not built in a way that allowed multinational entities to use it seamlessly."

"There are limitations to customized workflow automation, and they need to increase both the available automation and the customized workflow."

"There are several areas for improvement. One is the integration capability. Connecting various DSAR systems can be time-consuming if a single integration takes months to complete."

"I haven't seen any return on investment using the solution. If I had the opportunity, I would use a different solution."

"They could enhance the product's functionalities like audit management and ensure consistency across modules."

"There could be enhancements related to AI."

More OneTrust GRC cons

Pricing and Cost Advice

"The solution's price is average."

"The product has a reasonable price."

"OneTrust GRC is an expensive solution."

"The solution is expensive."

"OneTrust GRC's licensing costs about $15,000 per module."

"On a scale from one to ten, where one is cheap, and ten is too expensive, I rate the solution a seven since it falls under the pricey side."

"The platform is expensive."

"I found the pricing and setup cost very reasonable."

See which vendors are best for you

Use our free recommendation engine to learn which IT Vendor Risk Management solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

17%

Computer Software Company

15%

Insurance Company

Manufacturing Company

Financial Services Firm

14%

Computer Software Company

12%

Government

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about BitSight?

The solution is user-friendly.

See all answers

What is your experience regarding pricing and costs for BitSight?

The product is a little expensive and very oriented to large companies.

See all answers

What needs improvement with BitSight?

BitSight could improve the classes and lower-level detections of anomalies that compound the information used to compute the rating. They could evolve to be a more powerful scanner of cyber hygiene...

See all answers

What do you like most about OneTrust GRC?

We have data from Jira regarding addiction related to Europe as well as California. Additionally, we have data related to the Indian Data Protection Bill. Therefore, GDPR compliance is highly benef...

See all answers

What is your experience regarding pricing and costs for OneTrust GRC?

I don't have specifics on pricing. I know it's not very cheap, but the budget aspect is outside my wheelhouse.

See all answers

What needs improvement with OneTrust GRC?

I wish there were more customization options, particularly within the privacy rights automation module. More customization on the backend would allow for adjusting specific category labels tailored...

See all answers

Comparisons

SecurityScorecard vs Bitsight

Compared 30% of the time

RiskRecon vs Bitsight

Compared 17% of the time

Black Kite vs Bitsight

Compared 15% of the time

Tenable Lumin vs Bitsight

Compared 7% of the time

UpGuard Vendor Risk vs Bitsight

Compared 6% of the time

More Bitsight Competitors

RSA Archer vs OneTrust GRC

Compared 29% of the time

ProcessUnity vs OneTrust GRC

Compared 20% of the time

AuditBoard vs OneTrust GRC

Compared 17% of the time

Workiva Wdesk vs OneTrust GRC

Compared 11% of the time

Aravo vs OneTrust GRC

Compared 5% of the time

More OneTrust GRC Competitors

Product Reports

Buyer's Guide

IT Vendor Risk Management

October 2024

Download Bitsight product report

Buyer's Guide

OneTrust GRC

November 2024

Download OneTrust GRC product report

Also Known As

No data available

OneTrust Vendor Risk Management

Learn More

BitSight

OneTrust

Overview

BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter.

OneTrust is the largest and most widely used technology platform to operationalize privacy, security and third-party risk management. More than 2,500 customers, both big and small and across 100 countries, use OneTrust to demonstrate compliance with privacy regulations including the GDPR, California Consumer Privacy Act, Brazil LGPD, and hundreds of the world's privacy laws.

OneTrust's size and scale allows it to offer the easiest-to-use and most affordable solution for implementing use cases including: Privacy Maturity Benchmarking, Data Protection by Design and Default (PbD), Data Protection Impact Assessments (PIA/DPIA), Third-Party Vendor Risk Management, Incident and Breach Response, Data Mapping (Records of Processing), Customer Preference Management, Consent Management, Website Scanning & Cookie Compliance, Mobile App Scanning, Data Subject/Consumer Rights Management and Policy & Notice Management.

The platform's intelligence comes from DataGuidance by OneTrust, an in-depth and up-to-date source of privacy and security regulatory summaries, guidance, templates, case law, and analysis. The database is updated daily by over 20 in-house privacy researchers, along with a network of 500 lawyers across over 300 jurisdictions.

OneTrust's 700 employees are located across co-headquarters in Atlanta and in London with additional locations in Bangalore, Melbourne, San Francisco, New York, Munich and Hong Kong. To learn more, visit OneTrust.com.

Sample Customers

Fannie Mae, Cabela's, BNP Paribas, PWC, AIR Worldwide, Con Edison, The Container Store, OshKosh, Steris, University of South Florida, Emblem Health, Lloyds Bank

randstand, into, halfbrick

Buyer's Guide

Bitsight vs. OneTrust GRC

October 2024

Free Report: Bitsight vs. OneTrust GRC

Find out what your peers are saying about Bitsight vs. OneTrust GRC and other solutions. Updated: October 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

See our Bitsight vs. OneTrust GRC report.

See our list of best IT Vendor Risk Management vendors.

We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.