In a context of accelerating regulations, the rise of artificial intelligence, and environmental, social, and governance (ESG) challenges, the implementation of trust management, data, and privacy programs is becoming essential for many companies.

AI Act, Dora, NIS2, PCI DSS, SOC 2, Sapin 2, ISO 27001, ISO 9001… Major companies and international groups are subject to an increasing number of standards, laws, regulations, and other directives that apply in France, Europe, and globally.

“The volume of regulations has doubled in 15 years. Every day, 12 new laws or updates are published. This is why the Trust Intelligence market is booming. Data, and more specifically trusted data, is at the heart of every company’s concerns. After investing in ERP deployment twenty years ago, CRM ten years ago, and experience management programs five years ago, organizations now consider responsible data and AI use as their new competitive advantage,” says Vanessa Cugniere, Managing Director France of OneTrust.

300 Patents Filed and an R&D Team

To keep up with regulatory and technological changes and navigate this new complexity, the publisher relies on a network of 1,600 legal research contributors, 40 expert collaborators, and over 500 lawyers across 300 jurisdictions to provide clients with continuous, real-time global regulatory analysis. AI has been integrated to conduct precise research and summaries. They also leverage over 300 patents filed worldwide.

“We work closely with our clients and continuously evolve our platform to anticipate these changes. We have R&D teams worldwide. We also interact with European and international regulatory bodies as well as the Big Four firms, which strengthens our ecosystem and keeps us at the forefront,” explains Vanessa Cugniere.

One of OneTrust’s primary observations is that companies today have varying levels of maturity in data and risk management. “The most successful companies are those that use data and AI safely and responsibly. Their KPIs demonstrate the relevance of their choices: through strategic programs implemented over the long term with their clients, they generate more revenue for themselves and their ecosystem,” comments Vanessa Cugniere, Managing Director France of OneTrust.

The Rise of AI Concerns Companies

Although organizations didn’t wait for companies like OneTrust to implement data privacy and GRC programs, the rise of AI is leading them to turn to such actors.

“Faced with the increasing sophistication of AI, some companies lack visibility on data mapping and collection or usage modalities, which departments use AI, which suppliers are involved, and how to apply the ‘privacy by design’ principle to AI systems. Thanks to our platform and partners, we can support them in establishing governance based on risk and compliance management for responsible and secure data and AI use,” notes Vanessa Cugniere.

“Our priority is the responsible use of AI. As new technologies like generative AI become more popular, massive data collection and the ability to deliver measurable results and mitigated risks become imperative. These measurable results are achieved through KPIs, dashboards, and a cockpit that enable decision-making and the implementation of more mature personal data protection programs. Data collection must be analyzed but also, and above all, matured,” adds Vanessa Cugniere.

In anticipation of the AI Act’s entry into force in 2026, OneTrust has already released a solution called “AI Governance.” “Effective data governance facilitates early detection of data-related risks, improving project success rates by applying controls to data in the pipeline and AI models during development, experimentation, and deployment. Overall, the solution enables informed decision-making, minimizes the time and cost of evaluating proprietary and third-party AI systems, and ultimately builds trust with clients while staying compliant with regulations,” reveals Vanessa Cugniere.

A Truly Integrated Platform

OneTrust offers a comprehensive and integrated platform aimed at centralizing and managing data and AI securely, responsibly, and in compliance with regulatory guidelines through automation. The platform covers various aspects including Data Privacy, Data Governance, GRC, Data Security Posture Management, and more.

To successfully carry out such projects, the entire company must be organized around trusted data management. CISO/RSSI, DPO, Chief Data Officers, CIO, CTO, and Compliance officers are all involved in managing this data, which has become the new currency within companies.

“Thanks to the platform, they can address their Infosec program challenges by automating certification processes, notably for Dora, ISO 27001/27701, SOC 2, Europrivacy, NIST, etc. They can continuously assess data and security levels, automatically correct issues related to data policies, and maintain regulatory compliance by ensuring that data is known, protected, and governed according to jurisdiction and data type,” adds Vanessa Cugniere.

“Finally, instant access to risk analyses of thousands of third parties allows monitoring of ongoing threats faced by companies and mitigation of IT and third-party risks through a single collaborative platform,” concludes the Country Manager of OneTrust France.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.