OneTrust Enhances AI Governance Platform with Real-Time Monitoring and Enforcement
OneTrust has made significant advancements to its governance platform, introducing new capabilities aimed at monitoring and enforcing AI policies in real-time. This update marks a shift from traditional static compliance workflows to a more dynamic approach that addresses the evolving nature of AI systems.
New Capabilities in AI Governance
The recent expansion of the platform includes three core features designed to enhance governance:
1. AI Agent Detection and Inventory
This feature continuously discovers and catalogs AI agents, models, and datasets within an organization. It maintains a centralized record of key information such as ownership, purpose, integrations, data access, lineage, and lifecycle changes.
2. AI Policy Manager and Policy Library
Organizations can leverage prebuilt policies aligned with standards like the NIST AI Risk Management Framework and the EU AI Act, or create their own. This tool ensures ongoing compliance monitoring across all models and agents.
3. AI Guardrail Enforcement
This capability inspects various AI systems—including generative AI and traditional machine learning models—to check for guardrail configurations and detect violations. When risks are identified, the system can automatically implement protective measures, such as limiting personal data exposure.
Shifting to Continuous Governance
David Lambda, Chief Product and Technology Officer at OneTrust, emphasized that this update addresses the widening gap between the swift deployment of AI systems and traditional governance practices, which often rely on fixed assessments. As AI becomes more integrated into enterprises, a need for governance that evolves in real-time is critical.
“With these new capabilities, OneTrust advances AI governance from point-in-time compliance to continuous, run-time control across key data and AI platforms,” Lambda stated. This shift helps organizations innovate confidently while managing risks and maintaining trust as AI scales.
Platform Integrations for Enhanced Visibility
Recognizing that AI development increasingly occurs across various cloud platforms, OneTrust has integrated its governance platform with environments and services such as Amazon Bedrock, Azure OpenAI, and Google Vertex. These integrations allow governance teams to monitor AI systems where they are actually built and deployed, thereby improving visibility.
Real-World Applications of the Platform
Several organizations are already utilizing OneTrust’s platform for effective AI governance:
- Blackbaud: This software provider for the social impact sector uses OneTrust to align its AI practices with the NIST AI Risk Management Framework, facilitating stakeholder reviews and oversight across the AI lifecycle.
- Kuehne + Nagel: The transport and logistics firm employs the platform to manage enterprise-wide AI governance through a centralized intake process for AI use cases, ensuring compliance with the EU AI Act.
- Lumen Technologies: This company leverages OneTrust’s automation and centralized controls to scale its privacy operations and enhance regulatory compliance.
Broader Context of AI Governance
The update comes at a time when regulatory bodies across various jurisdictions are pushing forward with AI-specific legislation. The EU AI Act has already prompted compliance efforts among organizations operating in Europe, while the NIST AI RMF serves as a key reference in the United States.
For governance vendors like OneTrust, the challenge lies in bridging regulatory frameworks with the operational realities of AI systems in complex, multi-cloud environments. Successfully implementing real-time governance without hindering AI development pipelines remains a crucial task.
This comprehensive update positions OneTrust to enhance its role in AI governance, helping organizations navigate the complexities of AI deployment while adhering to essential compliance standards.
