Case Study: ORTEC achieves centralized, automated global audit and IT & Security risk management with OneTrust GRC

How ORTEC Powers Global Audit and IT and Security Risk Management with OneTrust GRC

ORTEC, a 1,500‑employee global leader in mathematical optimization and advanced analytics, faced growing regulatory complexity (CCPA, GDPR, LGPD, ISO 27001, HIPAA, NIST) and in 2018 decided to stop using email and spreadsheets to manage governance, risk, and compliance. To centralize and streamline GRC across its global teams, ORTEC selected OneTrust and implemented OneTrust GRC modules, including IT Risk Management and Audit Management (leveraging Athena AI).

OneTrust deployed an ITRM workflow and automated Audit Management with Athena AI and RPA to engage business owners, auto‑populate and assign risks, link controls across standards, and generate audit reports. ORTEC reports increased first‑line engagement, faster and more efficient risk assessments, a complete audit history for external auditors, and an “impressive ROI” from OneTrust’s Audit Management—reducing manual effort and enabling a proactive, risk‑based approach while planning to expand OneTrust use to vendor lifecycle management.

Ortec

Marcel Lodewijk

Data Protection Officer