OneTrust

OneTrust is a governance platform covering data privacy, third-party risk, and regulatory compliance across more than 300 jurisdictions. With 14,000 customers, it supports GDPR, CCPA, HIPAA, ISO 27001, SOC 2, and many others from a single interface.

For accounting firms, the two most relevant scenarios are handling EU client data under GDPR and advising clients in regulated sectors. On the GDPR side, OneTrust automates consent collection, maintains a Record of Processing Activities, and handles data subject access and deletion requests without manual coordination across systems. Firms with an advisory practice can recommend OneTrust to clients in healthcare, financial services, or retail, taking on a governance role rather than focusing solely on tax or bookkeeping.

Key modules include data discovery and classification, cookie and consent management, third-party vendor risk assessments, DPIAs, AI risk assessments, and a no-code workflow engine that routes tasks without developer involvement. Regulatory intelligence from 40-plus in-house researchers keeps the framework library current as new rules come into force.

OneTrust works with Slack, Google Workspace, Microsoft 365, AWS, and Okta, and supports multiple languages for multinational firms.

Pricing scales with the number of systems and users and is not published. There is no free trial. OneTrust is available globally and fits small to mid-sized firms; solo practitioners are unlikely to need its breadth. Consulting and reseller partner programmes are available through OneTrust's partner portal.