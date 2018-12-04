Automate the Vendor Risk Management Lifecycle for Compliance with Global Privacy Laws

SEATTLE, Dec. 4, 2018 /PRNewswire/ -- Today the Cloud Security Alliance (CSA) and OneTrust launched a free Vendor Risk Management (VRM) tool to automate the vendor risk lifecycle for compliance with the GDPR, CCPA and other global privacy and security frameworks. The CSA selected OneTrust, the largest and most widely used dedicated privacy management technology platform, to power vendor risk assessment and compliance automation for its more than 90,000 members. CSA members can access the tool today and automate vendor risk management at no cost.

The CSAzOneTrust VRM tool is pre-populated with templates reproducing the CSA's best practices for cloud security and privacy assurance and compliance, including the Cloud Control Matrix (CCM), the Consensus Assessment Initiative Questionnaire (CAIQ) and GDPR Code of Conduct. Privacy and security teams can also build upon existing templates or create custom vendor assessments based on their business-specific needs.

The CSA-OneTrust VRM tool automates the entire vendor management lifecycle, including onboarding and offboarding vendors, triaging vendors, populating vendor information and monitoring the vendor risk lifecycle, all while maintaining records for accountability and compliance purposes. The tool is powered by Vendorpedia by OneTrust, a database of privacy and security details of more than 4,000 vendors that automatically populates vendor assessments based on the most up-to-date vendor information.

"In today's world of rapidly changing regulatory and security requirements, we needed to provide our members a comprehensive and continuously updated solution to manage the complete vendor risk lifecycle," said Jim Reavis, CEO, Cloud Security Alliance. "CSA members span industry, size, region and jurisdiction, and OneTrust's broad appeal, simplified model and international focus has the ability to scale for the diverse needs of our members. We're proud to offer their technology to our members free of cost so they can focus less on the time-consuming process of manually managing vendor relationships and instead focus on strategic imperatives within their teams."

"With the GDPR and CCPA putting the responsibility of personal data management on the shoulders of both data controllers and their vendors, it's crucial that businesses of all sizes can manage their vendors in an automated and centralised platform that's based on the most up-to-date vendor information," said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). "We want to give privacy and security professionals the power to automate and simplify what can be an overwhelming task of managing and monitoring vendor risk. We're honoured to be the solution of choice for the CSA community and to deliver a free solution for organizations using the CSA CCM, CAIQ and GDPR CoC frameworks."

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security- specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud - from providers and customers, to governments, entrepreneurs and the assurance industry - and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

About OneTrust

OneTrust is the largest and most widely used dedicated privacy management technology platform for compliance with global privacy laws. More than 1,700 customers, including 200 of the Global 2,000, use OneTrust to comply with global data privacy regulations across sectors and jurisdictions, including the GDPR, ePrivacy (Cookie Law), California Consumer Privacy Act (CCPA) and more. An additional 10,000 companies use OneTrust's technology through partnerships with organisations such as the International Association of Privacy Professionals (IAPP), the world's largest global information privacy community.

OneTrust is co-headquartered in Atlanta and London with additional offices in Bangalore, Melbourne, Munich and Hong Kong. The fast-growing team of privacy and technology experts surpasses 500 employees worldwide. To learn more, visit OneTrust.com.

