We performed a comparison between OneTrust GRC and RSA Archer based on real PeerSpot user reviews.
Find out in this report how the two GRC solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have data from Jira regarding addiction related to Europe as well as California. Additionally, we have data related to the Indian Data Protection Bill. Therefore, GDPR compliance is highly beneficial."
"It does help in the automation of our privacy impact assessments."
"OneTrust GRC is stable."
"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."
"As a solution for IT risks, it is a very good product."
"OneTrust GRC offers policy management, including documentation, distribution, attestation, and policy management."
"Vendors can be assessed and rated out of the tool, and assessments can be scheduled for updates at certain intervals."
"The product helps us streamline audit and incident management processes."
"Easy to implement with a high level of automation."
"Enables development of any application, automation of any workflow including the GRC work processes."
"RSA Archer has reduced the time and effort required for meetings."
"One of the useful features is the ability to connect to various systems in order to accommodate data."
"The product is very flexible."
"The most valuable part of the product is the ease-of-use and the opportunity to create custom security applications easily."
"Archer seamlessly integrates data systems without requiring additional software."
"It has various valuable features. For example, showing us if a control aligns with specific standards or frameworks helps us understand it better and verify its compliance."
"They could improve by offering free help. A solution, a lot of times, is not just the use of the solution. For example, it is the overall engagement, how well do they support the system, what is their SLA, and how long their response time is to an issue. It would be beneficial if they had some type of professional services where they offer the first five hours of professional services a year for free. That would be a substantial benefit rather than having to buy professional services or professional services packages."
"I haven't seen any return on investment using the solution. If I had the opportunity, I would use a different solution."
"OneTrust GRC's workflows aren't automated and need to be manually driven."
"The product is not that easy to set up."
"There are several areas for improvement. One is the integration capability. Connecting various DSAR systems can be time-consuming if a single integration takes months to complete."
"There are limitations to customized workflow automation, and they need to increase both the available automation and the customized workflow."
"The Vendor Risk dashboard is quite basic today and not interactive, but improvements are in coming the next releases."
"We encounter difficulties creating multiple platforms or interfaces and manual processes for changing certain settings."
"It would be useful for customers if COBIT 2019 could be translated into different languages."
"The technology's a little outdated."
"It's resource-hungry, that's the best way of putting it."
"I find the tech support to be inadequately knowledgeable."
"There is no inbuilt alert in Archer to let us know that a data feed has failed or did not run for different reasons. So, we don't even get to know that a feed has not run until somebody reports it to us. This has been a problem all the time. Data feeds have always been a big headache for us because there is no feature to let us know if a feed has not run or has failed. If Archer had a feature to send us an email notification when a feed has failed, it would've been very helpful. This is the reason why our users are slowly moving away to another platform. Some of the modules that I have been managing are being moved to ServiceNow. Next year, a lot of our modules will be moved from RSA Archer to ServiceNow, and the data feed issue has been one of the main reasons."
"The product is expensive."
"The design and advanced workflow need to be improved."
"There should be a way to export and get data from the system in PDF or PowerPoint presentation format. This would be a great addition."
OneTrust GRC is ranked 5th in GRC with 9 reviews while RSA Archer is ranked 1st in GRC with 38 reviews. OneTrust GRC is rated 8.0, while RSA Archer is rated 8.0. The top reviewer of OneTrust GRC writes "Effective privacy management, but the technical support could improve, and it is difficult to implement". On the other hand, the top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". OneTrust GRC is most compared with ProcessUnity, AuditBoard, Workiva Wdesk, LogicGate and Bitsight Third-Party Risk Management, whereas RSA Archer is most compared with IBM OpenPages, MetricStream, Microsoft Purview Communication Compliance, Workiva Wdesk and Snow Governance & Risk. See our OneTrust GRC vs. RSA Archer report.
See our list of best GRC vendors and best IT Vendor Risk Management vendors.
We monitor all GRC reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.