Incident Management

Make incident management a proactive initiative to protect your business, rather than a moment in time event.

Integrate incident planning and response with your ongoing risk management initiatives using OneTrust GRC Incident Management.

GRC Incident Management

Operationalize Incident Management

OneTrust GRC provides a flexible workflow to detail and document efforts as you triage, remediate, and if necessary notify designated the appropriate stakeholders and authorities in the event of an incident. Link incidents to risk records to gain historical context into what action has already been taken and identify opportunities for improvement.

One-Trust-All-Icons-RGB_Checklist letter doc all black

Create Response Playbook

Easily configure repeatable workflows to guide and designate incident response tasks.

One-Trust-All-Icons-RGB_Speed all black

Link to Risk Records

Measure and track a broader scope of incident events risk realized over time.

One-Trust-All-Icons-RGB_Check search glass all black

Generate Notification Guidance

Onetrust DataGuidance Intelligence can detail action required based on the incident circumstances.

One-Trust-All-Icons-RGB_Invoice all black

Document & Execute Required Actions

Identify notification requirements, document and submit to the appropriate regulatory authorities

The widening regulatory scope of authorities and public platforms holding businesses accountable has made incident management a critical initiative. Businesses must proactively review their potential exposure, in addition to developing an incident response execution plan.

Incident Details

Create Response Playbook

  • Identify violations based on data elements, such as operating territories, the and the type of data involved to identify
  • Weigh existing business operations against breach notification requirements to evaluate compliance
  • Create detailed response plans that meet regulatory requirements using customizable workflows to support incident management
20200326 Incident Scope 1440x1024

Measure the scope of the incident

  • Review incidents and potentially compromised data and assets identified during an investigation
  • Highlight the reach of the incident across impacted jurisdictions and regulatory authorities
  • Review existing controls to measure the actual or potential extent of the event.
20200326 Incident Dashboard 1440x1024

Review related business activities

  • Identify controls associated with the impacted processes of the incident as well as related business activities
  • Catalog incidents in your GRC platform, link to existing risk or create a new risk record
  • Add context to incident management and review a broader business perspective across asset inventories and risk records
20200326 Incident Guidance 1440x1024

Generate Notification Guidance

  • Cut through layers of regulatory requirements by measuring against a variety of regulatory sources with a single assessment.
  • Pinpoint what relevant guidelines have been violated or that may be related to an incident even,
  • Identify what the implications are for your business operations given the existing incident scope
  • Outline steps to remediate the circumstances and maintain future compliance
20200407 Incident Scope 1440 x 1024

Document and execute required action

  • Cross-reference hundreds of laws maintained by a team of lawyers and independent consultants
  • Identify and obtain guidance on notification requirements per region using Incident Guidance Assessments
  • Identify the action required based on what authorities require in terms of documentation and notification, as well as necessary timelines
  • Utilize templated responses to streamline response
Onetrust All Rights Reserved