Cloud Security Alliance and OneTrust Launch Free Vendor Risk Management Tool for CSA Members

Cloud Security Alliance and OneTrust Launch Free Vendor Risk Management Tool for CSA Members

PR Newswire

SEATTLE, Dec. 4, 2018

Automate the Vendor Risk Management Lifecycle for Compliance with Global Privacy Laws

SEATTLE, Dec. 4, 2018 /PRNewswire/ -- Today the Cloud Security Alliance (CSA) and OneTrust launched a free Vendor Risk Management (VRM) tool to automate the vendor risk lifecycle for compliance with the GDPR, CCPA and other global privacy and security frameworks. The CSA selected OneTrust, the largest and most widely used dedicated privacy management technology platform, to power vendor risk assessment and compliance automation for its more than 90,000 members. CSA members can access the tool today and automate vendor risk management at no cost.

Get started today with the CSA-OneTrust VRM tool

The CSAzOneTrust VRM tool is pre-populated with templates reproducing the CSA's best practices for cloud security and privacy assurance and compliance, including the Cloud Control Matrix (CCM), the Consensus Assessment Initiative Questionnaire (CAIQ) and GDPR Code of Conduct. Privacy and security tea­­ms can also build upon existing templates or create custom vendor assessments based on their business-specific needs.

The CSA-OneTrust VRM tool automates the entire vendor management lifecycle, including onboarding and offboarding vendors, triaging vendors, populating vendor information and monitoring the vendor risk lifecycle, all while maintaining records for accountability and compliance purposes. The tool is powered by Vendorpedia™ by OneTrust, a database of privacy and security details of more than 4,000 vendors that automatically populates vendor assessments based on the most up-to-date vendor information.

"In today's world of rapidly changing regulatory and security requirements, we needed to provide our members a comprehensive and continuously updated solution to manage the complete vendor risk lifecycle," said Jim Reavis, CEO, Cloud Security Alliance. "CSA members span industry, size, region and jurisdiction, and OneTrust's broad appeal, simplified model and international focus has the ability to scale for the diverse needs of our members. We're proud to offer their technology to our members free of cost so they can focus less on the time-consuming process of manually managing vendor relationships and instead focus on strategic imperatives within their teams."

"With the GDPR and CCPA putting the responsibility of personal data management on the shoulders of both data controllers and their vendors, it's crucial that businesses of all sizes can manage their vendors in an automated and centralised platform that's based on the most up-to-date vendor information," said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). "We want to give privacy and security professionals the power to automate and simplify what can be an overwhelming task of managing and monitoring vendor risk. We're honoured to be the solution of choice for the CSA community and to deliver a free solution for organizations using the CSA CCM, CAIQ and GDPR CoC frameworks." 


About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security- specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

About OneTrust
OneTrust is the largest and most widely used dedicated privacy management technology platform for compliance with global privacy laws. More than 1,700 customers, including 200 of the Global 2,000, use OneTrust to comply with global data privacy regulations across sectors and jurisdictions, including the GDPR, ePrivacy (Cookie Law), California Consumer Privacy Act (CCPA) and more. An additional 10,000 companies use OneTrust's technology through partnerships with organisations such as the International Association of Privacy Professionals (IAPP), the world's largest global information privacy community. 

OneTrust is co-headquartered in Atlanta and London with additional offices in Bangalore, Melbourne, Munich and Hong Kong. The fast-growing team of privacy and technology experts surpasses 500 employees worldwide. To learn more, visit

Media Contact: 
Gabrielle Ferree
+1 770-294-4668 

Photo -

Voltar noticias em Inglês