We performed a comparison between OneTrust GRC and RSA Archer based on real PeerSpot user reviews.
Find out in this report how the two GRC solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Vendors can be assessed and rated out of the tool, and assessments can be scheduled for updates at certain intervals."
"We receive notifications or cases and prioritize them accordingly, which helps us address issues promptly."
"It does help in the automation of our privacy impact assessments."
"We have data from Jira regarding addiction related to Europe as well as California. Additionally, we have data related to the Indian Data Protection Bill. Therefore, GDPR compliance is highly beneficial."
"As a solution for IT risks, it is a very good product."
"The product helps us streamline audit and incident management processes."
"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."
"OneTrust GRC is stable."
"Its user interface is pretty neat, and there is flexibility in generating the data. You can customize reports at any level. You can directly get reports in Tableau format. If you want to generate statistical data, you can create reports with graphs. There is an adequate amount of flexibility for changing the format, the type of graphs, etc."
"The most valuable features of RSA Archer are the asset management, risk management, and vendor management."
"RSA Archer is a good tool and I have found performing the application, ISMS, and TPRM assessments beneficial."
"Good dashboards and reporting features; it's easy to gather reports quickly."
"With RSA Archer, an admin can set permissions for a normal user to go directly to the tool they need to input some data. Admins can then go through that and approve some requests. Also, they can log in based on these kinds of permissions, including ticketing, service patches, or upgrades."
"I like how Archer requires very little programming ability. A person with minimum coding experience can configure the necessary fields in Archer. It's more of a drag-and-drop solution."
"Flexible record permissions and data import features."
"Even non-technical people can be masters of the product."
"There are limitations to customized workflow automation, and they need to increase both the available automation and the customized workflow."
"We encounter difficulties creating multiple platforms or interfaces and manual processes for changing certain settings."
"I haven't seen any return on investment using the solution. If I had the opportunity, I would use a different solution."
"They could improve by offering free help. A solution, a lot of times, is not just the use of the solution. For example, it is the overall engagement, how well do they support the system, what is their SLA, and how long their response time is to an issue. It would be beneficial if they had some type of professional services where they offer the first five hours of professional services a year for free. That would be a substantial benefit rather than having to buy professional services or professional services packages."
"The Vendor Risk dashboard is quite basic today and not interactive, but improvements are in coming the next releases."
"OneTrust GRC's workflows aren't automated and need to be manually driven."
"There are several areas for improvement. One is the integration capability. Connecting various DSAR systems can be time-consuming if a single integration takes months to complete."
"The product is not that easy to set up."
"It would be useful for customers if COBIT 2019 could be translated into different languages."
"I would like to see real-time data, from vulnerabilities, and threats."
"Archer could be improved by having more customization. I'm not sure if the backend processes have API calls and those kinds of seamless integrations, but from the front, some of the solutions are very out-of-the-box. It's not customizable, so that could be a little problematic since you have to use their features. In terms of the backend structure, I'm not too sure because I'm not a developer—I was an end user and product owner of Archer—and I don't quite know the backend and developmental features. But since it's an out-of-the-box solution, sometimes customization was challenging and support was a little problematic because we had to reach out to them all the time."
"The solution as a whole could be simplified."
"It would be nice if RSA Archer featured more customization. When customers are updating, they should be notified whether certain updates are optional. The install screen should not proceed to the next page unless we make some selections about which updates we want to install."
"The solution can be a little slow due to the Silverlight feature."
"I find the tech support to be inadequately knowledgeable."
"In terms of what can be improved, our client always says their user experience, IU/UX in RSA Archer. They found it is not as user friendly as other tools."
OneTrust GRC is ranked 5th in GRC with 8 reviews while RSA Archer is ranked 1st in GRC with 38 reviews. OneTrust GRC is rated 7.8, while RSA Archer is rated 8.0. The top reviewer of OneTrust GRC writes "Effective privacy management, but the technical support could improve, and it is difficult to implement". On the other hand, the top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". OneTrust GRC is most compared with ProcessUnity, AuditBoard, Workiva Wdesk, LogicGate and Bitsight Third-Party Risk Management, whereas RSA Archer is most compared with IBM OpenPages, MetricStream, Microsoft Purview Communication Compliance, Workiva Wdesk and AuditBoard. See our OneTrust GRC vs. RSA Archer report.
See our list of best GRC vendors and best IT Vendor Risk Management vendors.
We monitor all GRC reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.