PwC and OneTrust

Data trust and risk management reimagined, powered by OneTrust

Support your trust, business and risk management strategies through tech-enablement with PwC and OneTrust

Data trust has quickly become a business imperative. According to PwC’s 2023 Trust Survey, 50% of consumers say they have experienced a trust-damaging event, with the majority of those consumers saying they ended the relationship with the company. It’s time to put trust at the center of your data and risk management strategies.

Together, PwC and OneTrust can bring a coordinated and tailored approach to your data trust and risk management vision. OneTrust’s Trust Intelligence Platform provides a suite of privacy, AI governance, data governance, risk management, security, compliance, internal and third-party risk management, ESG, and other trust solutions.

Combined with PwC’s strategy, implementation, deployment, and change management knowledge, we can assist your business in governing, discovering, protecting, reducing and reporting on data so you can meet your ultimate data value objectives and help reduce risk.

Data trust challenges

In today’s complex and ever-changing regulatory landscape, organizations are facing a number of challenges when it comes to managing privacy, security, third-party, ESG, AI and overall data risks.

These challenges include:

Many organizations have a complex and fragmented data landscape, which makes it difficult to track and manage data.

Many organizations struggle to assess their data, privacy, security, third-party, and ESG risks; prioritize their risk mitigation efforts; and make informed decisions about how to manage their risks.

Data privacy and data protection regulations are becoming increasingly complex and demanding, making it increasingly difficult for organizations to track their compliance progress, identify compliance gaps, and remediate compliance issues.

Many organizations have manual processes for managing data, privacy, security, third-party, and ESG risks. This can be time-consuming and error-prone.

Many organizations struggle to measure the trust that their customers, employees, and other stakeholders have in them, lacking the tools to measure their trust posture and to track their progress over time. This makes it difficult for organizations to make improvements to their trust programs and to demonstrate their commitment to trust.

Other challenges include:

  • Ineffective implementation or difficulty scaling or maintaining privacy, third-party risk management (TPRM), governance, risk, compliance (GRC) capabilities
  • Lack of governance, visibility into data, automation, or duplicated activities attributing to inefficiencies in the Privacy, TPRM, or GRC programs
  • Challenge managing risk, compliance with regulations and frameworks, and enterprise issues leading to inability to inform business decision and demonstrate trust

Why PwC and OneTrust

As companies continue to use personal information in new ways, regulator and consumer scrutiny continues to rise, and the speed of risks increases, it is imperative to build a cohesive and holistic solution for their data trust and transparency objectives. Many organizations struggle to develop enhanced and sustainable data trust capabilities enabled by technology, but PwC and OneTrust can help.

  • Build a culture of data trust and transparency and maintain regulatory readiness
  • Enhance program operations and harmonize risk and compliance programs to help create a risk aware organization that can be both proactive and strategic
  • Develop a holistic view of risk to help mitigate internal and external privacy, security, and data risks

Enable your business through data trust

Maintaining regulatory readiness

Deploying privacy technology and supporting processes across the organization will help not only to meet immediate privacy requirements, but also prepare for upcoming applicable regulations

Building data trust

As consumers become more careful about sharing data, it's imperative for companies to meet the expectations and experience their consumers expect

Optimizing program operations

With the challenge of managing and operating a comprehensive privacy program, the goal is to not simply stand up a privacy program, but to understand how and where technology can help scale them

Helping realize customer value

As organizations continue to ingest a growing volume of personal information, a fundamentally sound data management program is key to improve decision-making and optimize usage of data

How PwC can help with OneTrust

Design and strategy support

Assist in evaluation of the current state environment and provide strategic and tactical recommendations to enhance data trust program maturity.

Operation and implementation support

Provide operational and implementation support using one or more OneTrust modules to operationalize and enhance existing processes.

Managed services

Operate OneTrust modules on behalf of our clients in a managed services or outsourced arrangement.


Identify opportunities to expand the scope of OneTrust usage amongst clients in different industries.

The value of PwC and OneTrust

PwC and OneTrust have an established alliance that can be leveraged throughout our engagement with you.

We have extensive experience assisting clients with OneTrust products and operationalizing them on their behalf.

PwC’s Cybersecurity, Risk and Regulatory practice has a global staffing model with resources that are OneTrust certified, trained or experienced in OneTrust products.

PwC services integrated with OneTrust solutions

Helping to make data trust and transparency your competitive advantage using OneTrust’s Trust Intelligence Platform

Privacy and data governance

Our team of experienced privacy and data governance strategists and engineers brings decades of experience to help clients responsibly manage their data lifecycle, tackle privacy compliance requirements, and deliver consumer-centric privacy experiences. We can bring the right-sized approaches to our clients’ tech-enabled trust journeys, considering business strategies, consumer and regulatory expectations, and industry-specific perspectives.

GRC and security assurance

PwC takes a personalized approach to tailor Policy, Audit, Risks, Controls, and Issues to the organization's needs through OneTrust’s Policy Management, IT Risk Management, Audit Management, and control library. From strategy through execution, the goal of a tech enabled GRC program is to help our clients envision, design, launch, manage and continually enhance their digital integrated risk management and compliance solutions.

Download capabilities brochure

AI governance

Responsible AI can help to manage new and amplified risks associated with generative AI. Our approach to Responsible AI, PwC’s Responsible AI, can help deliver trust-by-design through the AI life cycle with frameworks, templates and code-based assets.

Third party risk management

Our team applies industry experience and deep understanding of regulatory expectations so we can develop innovative approaches within the OneTrust solution. We help our clients effectively manage their risk exposure so they can properly identify, mitigate and monitor the third-party risks within their operations. We can help our clients design, build, implement, and manage fit-for-purpose third party risk programs that can help protect their operations, brand and reputation at a better cost to operations.

ESG and sustainability

Increased ESG reporting and verification often requires high quality ESG data in a complex data model, engaging multiple stakeholders. PwC has developed accelerators and entered into alliance relationships so we can help you deliver efficient, reliable, impactful and sustainable ESG outcomes.

"The trust issue is becoming more critical and challenging as we continue to see more laws, regulations and enforcement in areas like privacy, data protection, cybersecurity, third party risk management, digital safety and ESG, combined with accelerated innovation and adoption of emerging technologies such as generative AI; requiring greater operational management while posing increased risk for non-compliance. Many companies are looking to strike the balance between regulatory compliance and the need to unlock the value of their data so they can stay competitive. This is where data trust and transparency comes in. At its core, a data trust framework can help identify solutions above and beyond compliance — instead prioritizing the trust and value exchange between organizations and customers. Together PwC and OneTrust are helping companies be better positioned to innovate and enable business strategies at scale in a responsible and trustworthy manner"

Toby Spry - PwC and OneTrust Alliance Lead Partner, Data Risk & Privacy

Contact us

Toby Spry

Principal, Data Risk & Privacy and OneTrust Alliance Leader, PwC US


Brian L George

Director, Data Risk & Privacy, PwC US


Michael Hale

Director, Data Risk & Privacy, PwC US


Phil Marina

Principal, Cyber, Risk & Regulatory, PwC US


Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.