Managing OneTrust Workflows and Templates
PLNU uses OneTrust to manage vendor-related processes such as onboarding, engagement reviews, and risk assessments. These workflows and templates are periodically updated to improve clarity, address gaps, or adapt to new requirements.
📌 Overview of Key Workflows
| Workflow |
Description |
| Vendor Onboarding Workflow |
Used for initiating a new vendor relationship, including initial assessments and compliance checks. |
| New Engagement Workflow |
Used when engaging an existing or new vendor for a new service, product, or use case. |
These workflows trigger related assessments and track progress through completion.
📄 Commonly Used Templates
Templates are reusable forms used in both onboarding and review processes. They are periodically refined for accuracy and completeness.
| Template |
Purpose |
| New Vendor Request |
Captures details of a new vendor for initial review and workflow initiation. |
| Information Security Review |
Evaluates the vendor's information security posture and data handling practices. |
| Vendor Risk Assessment |
Assesses potential risk factors such as data sensitivity, financial exposure, and operational reliance. |
🔄 Updating Workflows and Templates
Workflows and templates may be revised when:
- Gaps or unclear logic are discovered
- Questions need improvement or rewording
- Regulatory or institutional needs change
Changes are typically made within the OneTrust platform by the system administrators or designated risk/compliance staff.
💡 Tip: Keep track of the last modified date and versioning within OneTrust to maintain a clear audit trail of changes.
🔐 System Access & Governance
Only designated OneTrust administrators and risk management personnel should modify workflows or templates. Changes should be communicated to stakeholders when they may impact intake, review processes, or reporting.