The Forrester Wave™ - Privacy Management Software, Q1 2020 PDF

Licensed for individual use only
The Forrester Wave™: Privacy Management

Software, Q1 2020
The 15 Providers That Matter Most And How They Stack Up
by Enza Iannopollo
March 30, 2020
Why Read This Report Key Takeaways

In our 26-criterion evaluation of privacy OneTrust, TrustArc, And SECURITI.ai Lead
management software providers, we identified The Pack
the 15 most significant ones — Crownpeak, Forrester’s research uncovered a market in which
DataGrail, LogicGate, LogicManager, Nymity, OneTrust, TrustArc, and SECURITI.ai are Leaders;
OneTrust, Poslovna inteligencija, Privacy Company, Crownpeak, SAI Global, and WireWheel are
SAI Global, SAP, SECURITI.ai, Smart Global Strong Performers; DataGrail, Nymity, SAP, Smart
Privacy, Syrenis, TrustArc, and WireWheel — and Global Privacy, and Syrenis are Contenders; and
researched, analyzed, and scored them. This LogicGate, LogicManager, Poslovna inteligencija,
report shows how each provider measures up and Privacy Company are Challengers.
and helps security and risk (S&R) and privacy
Rich Content, Customizability, And Privacy
professionals select the right one for their needs.
Risk Assessments Are Key Differentiators
Spreadsheets fail to provide the formalized,
automated process firms demand as they wrestle
with not only a single set of privacy rules but with
worldwide, varied privacy laws. Smart firms that
use privacy not only as a compliance checkbox
but as a differentiator have even greater demands
of privacy management tools. Vendors that can
provide rich content that feeds automation,
customizability of dashboards and workflows,
and privacy risk assessments that align to the
business position themselves to successfully
deliver superior outcomes to their customers.
This PDF is only licensed for individual use when downloaded from forrester.com or reprints.forrester.com. All other distribution prohibited.
forrester.com
For Security & Risk Professionals
The Forrester Wave™: Privacy Management Software, Q1 2020

by Enza Iannopollo
with Amy DeMartine, Elsa Pikulik, Kate Pesa, and Peggy Dostie
March 30, 2020
Table Of Contents Related Research Documents

2 Compliance Is One Of Many Privacy The Forrester Tech Tide™: Data Security And
Challenges Privacy, Q3 2019
3 Evaluation Summary Shift From Privacy Readiness To Sustained

Compliance
7 Vendor Offerings
The State Of Data Security And Privacy, 2020
8 Vendor Profiles
Leaders
Strong Performers
Share reports with colleagues.
Contenders Enhance your membership with
Challengers Research Share.
13 Evaluation Overview
Vendor Inclusion Criteria
14 Supplemental Material
Forrester Research, Inc., 60 Acorn Park Drive, Cambridge, MA 02140 USA

+1 617-613-6000 | Fax: +1 617-613-5000 | forrester.com
© 2020 Forrester Research, Inc. Opinions reflect judgment at the time and are subject to change. Forrester®,
Technographics®, Forrester Wave, TechRadar, and Total Economic Impact are trademarks of Forrester Research,
Inc. All other trademarks are the property of their respective companies. Unauthorized copying or distributing
is a violation of copyright law. Citations@forrester.com or +1 866-367-7378
For Security & Risk Professionals March 30, 2020
Compliance Is One Of Many Privacy Challenges

While achieving compliance with privacy requirements remains a key driver that leads customers to
acquire privacy management software, firms now expect privacy to differentiate their company, products,
and services.1 The ramifications of privacy management on customer engagement, brand reputation,
CX, and, ultimately, revenues affect firms both positively and negatively depending on their commitment
to privacy — or lack thereof.2 These changes also affect the buyer of these solutions: Security officers,
CIOs, CMOs, boards of directors, alongside the privacy officers, are often part of the purchasing
decision-making process and co-owners of the privacy strategy.3 Finally, firms struggle to keep pace with
requirements of multiple privacy regulations around the world, not just against a single set of rules.4
As a result of these trends, privacy management software customers should look for providers that:
›› Provide rich, role-relevant content that the software leverages to automate tasks.
Functionality that provides users with a list of tasks that map against their privacy requirements
and a set of security controls to access the platform is basic. Firms must operationalize their
privacy programs across departments which means privacy management software must account
for multiple user groups, each with specific knowledge needs, risks, and requirements. Leading
software providers invest in rich, proprietary content that is: 1) targeted to specific user groups,
such marketing, sales, HR, etc., and 2) leveraged to help users recognize, assess, and mitigate
specific risks in the context of their activities.
›› Add customizability on top of ease of use for dashboards and workflows. Ease of use is
now a commodity in the privacy management software market, not a differentiator. Vendors that
implement customizability understand that organizations have unique privacy needs in terms of the
outcomes and how they want to achieve them and recognize that a variety of personas use and
buy the software. The flexibility to customize dashboards and workflows according to an individual
firm’s needs without further investment in resources or engagement with system integrators or
service teams is a differentiating feature.
›› Offer privacy risk assessments that align to the broader context of business risks. Privacy
is one aspect of risk management. Typically starting off as a dedicated, compliance effort, more
mature privacy programs progressively abandon their siloed nature to flow into or align to broader
risk management initiatives. Privacy itself constitutes a risk with potential financial, operational,
regulatory, reputational, and customer-specific impacts. Global security decision makers who
responded to our security survey agree, placing privacy as one of the top risks they are most
concerned about for their organizations.5 Consumers agree as well, as surveyed online adults from
five different countries indicated that a commitment to data privacy and confidentiality is one of the
most important corporate values they look for.6
© 2020 Forrester Research, Inc. Unauthorized copying or distributing is a violation of copyright law. 2
Citations@forrester.com or +1 866-367-7378
Evaluation Summary
The Forrester Wave™ evaluation highlights Leaders, Strong Performers, Contenders, and Challengers.
It’s an assessment of the top vendors in the market and does not represent the entire vendor
landscape. You’ll find more information about this market in our reports.7
We intend this evaluation to be a starting point only and encourage clients to view product evaluations
and adapt criteria weightings using the Excel-based vendor comparison tool (see Figure 1 and see
Figure 2). Click the link at the beginning of this report on Forrester.com to download the tool.
FIGURE 1 Forrester Wave™: Privacy Management Software, Q1 2020
Privacy Management Software

Q1 2020
Strong
Challengers Contenders Performers Leaders
Stronger
current OneTrust
offering
TrustArc
SECURITI.ai
SAI Global
Nymity WireWheel
Syrenis SAP
DataGrail Crownpeak
LogicGate Smart Global Governance
LogicManager
Poslovna inteligencija
Privacy Company
Weaker
current
offering
Weaker strategy Stronger strategy
Market presence
FIGURE 2 Forrester Wave™: Privacy Management Software Scorecard, Q1 2020
ja
ci
en
ny
lig
pa
er
te
om
ag
in
k
gh r’s
e
ea
an
g
C
il
na
at
t
tin
us
ra
ei te
np
cM
y
cG
ity
ov
G
w res
ac
Tr
w
ta
ym
sl
gi
gi
ne
iv
ro
r
Da
Po
Fo
Lo
Lo
Pr
O
C
N
Current offering 50% 2.38 2.32 2.03 1.66 2.88 4.71 1.36 1.07
Breadth of the software 10% 1.00 3.00 3.00 0.00 5.00 5.00 1.00 3.00
Core requirements 35% 1.35 1.75 0.75 1.05 2.15 5.00 1.35 0.45
Core functions 30% 3.40 2.80 2.25 2.30 3.10 4.70 1.80 0.55
Usability 25% 3.15 2.25 3.15 2.40 2.80 4.20 1.00 1.80
Strategy 50% 4.05 2.60 1.41 1.65 1.45 4.90 1.31 1.50
Product strategy 35% 5.00 5.00 1.60 3.00 1.00 5.00 1.60 1.00
Market approach 25% 5.00 1.00 1.00 1.00 3.00 5.00 3.00 3.00
Innovation roadmap 35% 3.00 1.00 1.00 1.00 1.00 5.00 0.00 1.00
Growth rate 5% 0.00 5.00 5.00 0.00 0.00 3.00 0.00 1.00
Market presence 0% 2.00 0.00 1.00 1.00 3.00 4.00 0.00 0.00
Installed base 50% 1.00 0.00 1.00 1.00 1.00 5.00 0.00 0.00
Number of enterprise 50% 3.00 0.00 1.00 1.00 5.00 3.00 0.00 0.00
customers
All scores are based on a scale of 0 (weak) to 5 (strong).
FIGURE 2 Forrester Wave™: Privacy Management Software Scorecard, Q1 2020 (Cont.)
e
nc
na
er
ov
lG
ba
i
.a
l
l
gh r’s
e
ba
lo
TI
g
he
tin
tG
ei te
c
RI
lo
Ar
W
w res
ni
U
IG
ar
t
re
ire
C
P
us
Sm
r
SA
SA
SE
Fo
Sy
W
Tr
Current offering 50% 3.26 2.49 3.49 2.02 2.42 3.75 2.93
Breadth of the software 10% 5.00 3.00 3.00 1.00 3.00 5.00 3.00
Core requirements 35% 2.30 1.80 4.50 2.45 2.95 3.00 3.20
Core functions 30% 3.50 3.10 2.70 1.80 2.15 3.90 1.70
Usability 25% 3.60 2.50 3.20 2.10 1.75 4.10 4.00
Strategy 50% 2.85 1.45 4.04 1.70 1.21 4.75 3.00

Product strategy 35% 3.00 1.00 4.40 1.00 1.60 5.00 3.00
Market approach 25% 3.00 3.00 3.00 3.00 1.00 5.00 3.00
Innovation roadmap 35% 3.00 1.00 5.00 1.00 1.00 5.00 3.00
Growth rate 5% 0.00 0.00 0.00 5.00 1.00 0.00 3.00
Market presence 0% 3.00 3.00 3.00 0.50 1.50 3.00 0.50

Installed base 50% 1.00 1.00 1.00 1.00 0.00 3.00 1.00
Number of enterprise 50% 5.00 5.00 5.00 0.00 3.00 3.00 0.00
customers
All scores are based on a scale of 0 (weak) to 5 (strong).
Vendor Offerings
Forrester included 15 vendors in this assessment: Crownpeak, DataGrail, LogicGate, LogicManager,
Nymity, OneTrust, Poslovna inteligencija, Privacy Company, SAI Global, SAP, SECURITI.ai, Smart
Global Privacy, Syrenis, TrustArc, and WireWheel (see Figure 3).
FIGURE 3 Evaluated Vendors And Product Information
Product version
Vendor Product evaluated evaluated
Crownpeak Universal Consent Platform 3.0.0.0.1
DataGrail DataGrail Privacy Platform
LogicGate LogicGate 3.5.0
LogicManager LogicManager v19
Nymity Nymity
OneTrust OneTrust Privacy Management Software 5.8
Poslovna inteligencija Data Privacy Manager 2.0
Privacy Company Privacy Nexus
SAI Global SAI360 2019.4
SAP SAP Enterprise Consent and Preference 1911

Management
SAP Data Privacy Governance
SECURITI.ai PRIVACI.ai
Smart Global Governance Smart Global Privacy + Smart Data Lifecycle 2.4.0
Syrenis Cassie R2.13.0.0
TrustArc TrustArc Privacy Platform
WireWheel WireWheel
Vendor Profiles
Our analysis uncovered the following strengths and weaknesses of individual vendors.
Leaders
›› OneTrust leads with rich functionality and strong vision but risks losing focus. The blend of
privacy expertise, an unparalleled knowledge base, thought leadership, and a hyper-agile privacy
engineering team powers the offering from OneTrust. Its Privacy Management Software solution is
comprehensive and enables firms to operationalize their privacy program no matter the geography,
company size, or maturity level.
Due to the richness of the product features, a stream of continuous innovation, and the ability to
customize the offering to specific customer needs, OneTrust maintains its leadership position in
this market. However, the rapid evolution of the company to embrace increasingly sophisticated
features, an ever-expanding product portfolio, combined with a global and demanding customer
base, must be managed carefully or will become a threat to OneTrust’s continued success.
›› TrustArc made significant improvements, but strategic challenges lie ahead. Leading-edge
technology powers the TrustArc Privacy Platform. It offers a customer onboarding experience that
delivers highly relevant, customized, and actionable content. Market-leading privacy expertise
permeates the product offering and, in turn, creates a strong business vision and direction.
However, areas for improvement remain: Integration options are limited, and data discovery is still
mainly a survey-led process.
Compared with our previous evaluation, TrustArc has made significant improvements to its offering.
During this evaluation, TrustArc announced the acquisition of Nymity, a long-standing privacy
compliance software, also evaluated in this Forrester Wave. While the acquisition has plenty of
potential, the ultimate outcome cannot be taken for granted. How these two teams integrate
product and go to market will determine either the formation of a cumbersome, old-fashioned
privacy tool or the emergence of a privacy powerhouse.
›› SECURITI.ai is the new player to watch in the market leadership space. Privacy automation in
action — not only a marketing concept — is the differentiating element of this offering. Powered by
a bot, PRIVACI operationalizes requirements such as consent management and governance, the
fulfilment of individual privacy rights (IPRs), reporting, and risk assessments. Primarily focused on
larger enterprises, the software also offers automated data discovery. Forrester was unable to validate
its usability with real customer input, as customer references provided did not share any feedback.
Created by security and data governance veterans, this product has been the greatest surprise
of this evaluation. However, success in the market requires as much subject matter expertise and
thought leadership as cutting-edge technology. The ability of this team to create and leverage rich
proprietary content and to establish a forward-looking and differentiating vision in the market will
be the key to attaining and maintaining a leadership position.
Strong Performers
›› Crownpeak puts privacy management at the core of customer experience. Helping customers
design and execute better digital experiences is in the DNA of this company, and privacy
management sits at the heart of this value proposition. The Universal Consent Platform provides
support for the collection and governance of customer consent. The real-time web scanning
feature helps customers monitor which third parties utilize customers’ data. Dashboards help
demonstrate compliance but also include customer-engagement metrics such as consent rates.
Lack of training on how to use the software and slow implementations are some of the shortfalls
customers reported.
With a privacy vision focused on trust and customer experience, this solution delivers value
especially to those organizations that see privacy as an opportunity to build trustworthy
relationships with their customers. However, the sole focus on consent also means that customers
must invest in additional products to run their privacy program. The future availability of integration
options and their ease of use will determine the future of this software.
›› SAI Global brings a mature risk management approach to privacy. SAI360 provides customers
with a library of risk, security, and privacy standards and policies that are easy to use and
implement. It was also one of the first privacy offerings on the market to include dynamic training
modules as part of the privacy management software. Content includes a number of GDPR and
CCPA requirements mapped into the software, alongside other privacy regulations such as HIPAA,
COPPA, and US state-level privacy requirements.
SAI Global’s vision, product features, and customer feedback align with the key objectives their
customers want to achieve: 1) integrate privacy with the company’s overall risk management and
governance efforts; 2) increase organizational resilience; and 3) increase organizational privacy
culture. This product goes to market with a bold 10-day SLA for implementation that works if
the customer uses the software “as is,” but time to implement and complexity increase if any
customization work is required.
›› WireWheel is on a trajectory to leadership but is not quite there yet. Founded at the end
of 2016, WireWheel has developed and improved its platform in a way that customers defined
as “impressive.” With a focus on midmarket customers, this software provides companies
with a semi-automated privacy management offering that combines ease of use and quick
implementation with scalability and flexibility. The core of the offering is encapsulated in the
“privacy studio,” which empowers a very efficient approach to privacy compliance. The flagship
feature is the fulfilment of IPRs and the integrated customer verification.
Our evaluation shows that the solution has plenty of potential, but the team has not harnessed
it yet. From a siloed data classification engine that is largely underutilized to valuable proprietary
content that the software doesn’t leverage, this product has a real opportunity to reach a leadership
position in the future. WireWheel’s key challenge will be how it adjusts and executes its vision and
innovation roadmap.
Contenders
›› DataGrail is on the path to strong performance but must address significant gaps. DataGrail
Privacy Platform offers a set of capabilities that solve a limited number of privacy requirements and
use cases. The existing customer base is still very limited, but a no-code proposition for integration
and a good number of existing connectors enable the solution to support increasingly complex
environments. Data discovery and ingestion capabilities are more automated than most offerings
in the market. The flagship feature today is the IPRs fulfilment, but we were underwhelmed by the
limited options for customer identity verification and the unappealing report interfaces.
Customers reported easy implementation, flexibility, and quick time-to-value. Although DataGrail’s
vision combines privacy compliance with customer trust, and the usability of the solution is a
plus, the offering today is limited to only some requirements. In particular, the lack of a module to
support consent is the greatest missed opportunity.
›› Nymity empowers a vision of privacy that is about efficiency and accountability. Helping
enterprises be efficient and accountable for their privacy compliance program is the key goal of this
team. With a privacy research team that has been in business for almost 20 years and content-rich
libraries, this software has become a compliance de facto standard for its customers. However, it
is a product for experts. In fact, mainly those with a deep expertise in privacy policy and regulatory
matters can make the most out of this software’s frameworks, interfaces, and content. Customers
mentioned that implementation is not straightforward, and customization is difficult.
Our evaluation found that a vision built with a singular focus on efficiency is underwhelming.
Efficiency is not the only metric that privacy teams and their organizations track and measure. In
the privacy market, buyers’ needs have evolved, and this product hasn’t responded to the change
with the necessary speed and accuracy. During the course of the evaluation, this company was
acquired by TrustArc.
›› SAP innovates through its partner strategy more than its privacy portfolio. Targeted primarily
on existing SAP customers, this privacy offering leverages a set of products from the SAP portfolio
and a new partnership with BigID. The native SAP privacy products include SAP Customer
Data Cloud solutions (CIAM for B2C, CIAM for B2B, and Enterprise Consent and Preference
Management) and SAP Data Privacy Governance. As in our previous evaluation, SAP Customer
Data Cloud solutions continue to be the most interesting pieces of the offering. They marry robust
compliance features, such as time stamping for consent collection and long-term archiving of
consent receipts, to features that allow companies to enforce consent decisions on downstream
and third-party systems. SAP Data Privacy Governance is anchored to SAP legacy governance,
risk, and compliance (GRC) tooling and approach.
SAP’s strategic partnership with BigID is the biggest innovation we have seen from SAP in this
evaluation. From automated data discovery to the fulfilment of IPRs, BigID provides a number
of key features to the overall offering. The successful integration of BigID capabilities (brought
to market as SAP Privacy Management by BigID) and the continuing partnership are vital to the
success of SAP’s overall privacy offering.
›› Smart Global Governance focuses on GDPR compliance. Europe-based Smart Global

Governance provides Smart Global Privacy that helps businesses address mostly GDPR-specific
compliance challenges, at least for now. While the existing customer base is significant in terms of
number of customers, the software is largely used by small and medium businesses. The software
includes one of the most detailed data protection impact assessments we have seen across
vendors, and it is quite flexible to accommodate the needs and expectations of different users.
However, the product has many opportunities for improvement such as expanding integration
options and strengthening its identity verification options.
While this vendor has a plan to add as many as 24 privacy regulations to this product, it currently
remains a GDPR-specific tool, which is limiting. In addition, our evaluation found that the
underlying approach of the software is mainly about formal compliance with the rules, which in turn
offers little support for the operationalization of a privacy program.
›› Syrenis has ambitious software plans, but it underdelivers. With a small set of customers, UK-
headquartered Syrenis supports a limited range of privacy requirements and use cases. The privacy
management software, Cassie, offers multichannel consent management and governance, which
is its flagship feature. Through the software, customers can manage security controls and enforce
decisions on data sharing and data retention, which is a plus. Lack of training and guidance on
how to use the software, limited report flexibility and granularity, and challenges with enterprise-
grade deployments were weaknesses our evaluation uncovered.
Users of the platform are required to discover and classify data before importing it into the platform
as a separate exercise, which decreases efficiency and accuracy. To allow clients to match data
to the right user across multiple systems, Cassie copies and stores a range of their clients’ users’
personal identifiers. Clients can configure the amount of data that the software stores, but it
requires holding multiple identifiers to perform in a useful manner. It’s Forrester’s strong opinion
that this approach increases complexity and risks.
Challengers
›› LogicGate bets on flexibility and excellent customer service to conquer the market. Chicago
headquartered, LogicGate offers a limited range of privacy requirements and use cases as part of
their GRC software. Serving primarily midmarket organizations, LogicGate differentiates its offering
with highly customizable dashboards and interfaces that help organizations manage privacy risk
alongside other risk management disciplines efficiently. For example, customers can leverage
their vendor management module to support privacy use cases. Customers value the quality of
customer service today.
Our evaluation found that many customer-facing features rely overly on LogicGate service team’s
manual implementation, which can be a barrier to further expansion of both product features and
customer base. Lack of integration options and the limited breadth of the privacy regulations
mapped in the software are some of the current limits of the software.
›› LogicManager differentiates its basic privacy offering with flexible dashboards. LogicManager’s
privacy management offering coexists alongside a range of risk management tools that overall make
this software a strong offering in the GRC space. The idea behind the offering is simple: Customers
can leverage the existing risk policy library, the frameworks, remediation, and control testing features
to meet their privacy requirements. While the software offers flexible configuration options for
dashboards, visualization across interfaces and assessments can be improved. In addition, some
assessments and frameworks are overly long and complicated to complete.
The ability to manage privacy risk alongside other business risks is valuable and becomes even
more valuable when proprietary content is leveraged. However, the amount of content customers
get depends on their subscription. The solution lacks a prepackaged privacy offering. Customers
must adapt existing assessments and frameworks to their privacy program, which frustrates
customers who expect fast return on investment.
›› Poslovna inteligencija is too ambitious with its innovation roadmap. Currently focused on
GDPR-specific compliance requirements, Poslovna inteligencija’s Data Privacy Manager has a
small number of midmarket clients. In addition to the traditional full-time Data Protection Officer
(DPO) scenario, this product is also designed specifically to support the shared-DPO model, where
different firms can buy the service of a single DPO, typically from legal or consulting firms. But the
real value of this offering is the opportunity to manage security controls for data retention schedule
and deletion of data. However, customers identified a number of challenges associated to limited
integration options and lack of guidance on implementation.
According to the roadmap, this product will undergo an extremely ambitious series of improvements
over the next 24 months. If executed as scheduled, the performance of the product will dramatically
improve. But both the planned enhancements and the innovation roadmap appear unrealistic.
›› Privacy Company supports firms taking the first step into privacy management. With a focus
on GDPR, the Netherlands-based Privacy Company created Privacy Nexus that helps a significant
number of small businesses to comfortably move away from spreadsheets, but without pushing the
envelope too much. The approach to data discovery and ingestion is completely manual, but the
software offers templates for privacy impact assessments and privacy by design. Customers can
also use the solution to get started with the creation of a basic data flow map and an inventory of
their processing activities. Dashboards are searchable and include specific metrics on third-party
risk. Privacy Company’s market approach fits its customer base.
The evaluation found that the software is helpful for businesses with fairly straightforward
environments and at the very beginning of their maturity journey. The current features will need
significant improvement to effectively support customer demands that are more mature and complex.
Evaluation Overview
We evaluated vendors against 26 criteria, which we grouped into three high-level categories:
›› Current offering. Each vendor’s position on the vertical axis of the Forrester Wave graphic
indicates the strength of its current, native offering. Key criteria for these solutions include core
privacy requirements such as consent management and IRP management and fulfilment, core
functions such as data discovery and integration, and usability such as visualization and flexibility.
›› Strategy. Placement on the horizontal axis indicates the strength of the vendors’ strategies. We
evaluated vision, market approach, and innovation roadmap.
›› Market presence. Represented by the size of the markers on the graphic, our market presence
scores reflect each vendor’s installed base and number of enterprise clients.
Vendor Inclusion Criteria
Forrester included 15 vendors in the assessment: Crownpeak, DataGrail, LogicGate, LogicManager,

Nymity, OneTrust, Poslovna inteligencija, Privacy Company, SAI Global, SAP, SECURITI.ai, Smart
Global Privacy, Syrenis, TrustArc, and WireWheel. Each of these vendors has:
›› A standalone privacy management software. All vendors in this evaluation offer a standalone
privacy management software that customers can purchase without other investments in adjacent
products or services. They also have dedicated resources that support how clients implement and
use the software.
›› A dashboard to manage, monitor, and govern a privacy program. All software we evaluated
include a dashboard that covers multiple regulatory requirements across one or more explicitly
referred to privacy regulations and standards.
›› Interest from or relevance to Forrester clients. Forrester clients often discuss the participating
vendors and products during inquiries and interviews. Alternatively, the participating vendor may, in
Forrester’s judgment, have warranted inclusion because of differentiating features.
Engage With An Analyst

Gain greater confidence in your decisions by working with Forrester thought leaders to apply
our research to your specific business and technology initiatives.
Analyst Inquiry Analyst Advisory Webinar
To help you put research Translate research into Join our online sessions
into practice, connect action by working with on the latest research
with an analyst to discuss an analyst on a specific affecting your business.
your questions in a engagement in the form Each call includes analyst
30-minute phone session of custom strategy Q&A and slides and is
— or opt for a response sessions, workshops, available on-demand.
via email. or speeches.
Learn more.
Learn more. Learn more.
Forrester’s research apps for iOS and Android.

Stay ahead of your competition no matter where you are.
Supplemental Material
Online Resource
We publish all our Forrester Wave scores and weightings in an Excel file that provides detailed product
evaluations and customizable rankings; download this tool by clicking the link at the beginning of this
report on Forrester.com. We intend these scores and default weightings to serve only as a starting
point and encourage readers to adapt the weightings to fit their individual needs.
The Forrester Wave Methodology
A Forrester Wave is a guide for buyers considering their purchasing options in a technology
marketplace. To offer an equitable process for all participants, Forrester follows The Forrester Wave™
Methodology Guide to evaluate participating vendors.
In our review, we conduct primary research to develop a list of vendors to consider for the evaluation.
From that initial pool of vendors, we narrow our final list based on the inclusion criteria. We then gather
details of product and strategy through a detailed questionnaire, demos/briefings, and customer
reference surveys/interviews. We use those inputs, along with the analyst’s experience and expertise in
the marketplace, to score vendors, using a relative rating system that compares each vendor against
the others in the evaluation.
We include the Forrester Wave publishing date (quarter and year) clearly in the title of each Forrester
Wave report. We evaluated the vendors participating in this Forrester Wave using materials they
provided to us by December 16, 2019, and did not allow additional information after that point. We
encourage readers to evaluate how the market and vendor offerings change over time.
In accordance with The Forrester Wave™ Vendor Review Policy, Forrester asks vendors to review our
findings prior to publishing to check for accuracy. Vendors marked as nonparticipating vendors in the
Forrester Wave graphic met our defined inclusion criteria but declined to participate in or contributed
only partially to the evaluation. We score these vendors in accordance with The Forrester Wave™ And
The Forrester New Wave™ Nonparticipating And Incomplete Participation Vendor Policy and publish
their positioning along with those of the participating vendors.
Integrity Policy
We conduct all our research, including Forrester Wave evaluations, in accordance with the Integrity
Policy posted on our website.
Endnotes
For more information, see the Forrester report “The Top Trends Shaping Privacy In 2019.”
1
For more information, see the Forrester report “Forrester’s 2019 Consumer Privacy Segmentation: Europe.”
2
For more information, see the Forrester report “Make Privacy A Competitive Differentiator.”
3
For more information, see the Forrester report “Shift From Privacy Readiness To Sustained Compliance.”
4
We asked global security decision makers to “Please rate your concern for each of the following types of risk and the
5
potential impact they could have on your organization.” “Data privacy risk” was the second-most frequently selected
type of risk for which respondents were highly or extremely concerned about. Base: 3,890 global security decision
makers. Source: Forrester Analytics Global Business Technographics® Security Survey, 2019.
We asked online adults in the US, Canada, Italy, France, and the UK “Which aspects of corporate social responsibility
6
are important to you?” “Commitment to information confidentiality and data privacy” was one of the most commonly
cited answers out of nine possible responses, with a range of 39% to 48% indicating their concern about this subject.
Base: 4,818 (US), 4,755 (Canada), 3,669 (Italy), 3,636 (France), and 3,623 (UK) online adults. Source: Forrester
Analytics Consumer Technographics North American Retail And Travel Topic Insights 2 Survey, 2019 and Forrester
Analytics Consumer Technographics European Retail And Travel Topic Insights 2 Survey, 2019.
For more information, see the Forrester report “Shift From Privacy Readiness To Sustained Compliance.”
7
For more information, see the Forrester report “Demystifying De-Identification, Anonymization, And
Pseudonymization.”
For more information, see the Forrester report “The Forrester Tech Tide™: Data Security And Privacy, Q3 2019.”
For more information, see the Forrester report “The Top Trends Shaping Privacy In 2019.”
For more information, see the Forrester report “Forrester’s Global Map Of Privacy Rights And Regulations, 2019.”
For more information, see the Forrester report “New Tech: GDPR And Privacy Management Software, Q4 2018.”
forrester.com
We work with business and technology leaders to drive customer-

obsessed vision, strategy, and execution that accelerate growth.
Products and Services
›› Research and tools
›› Analyst engagement
›› Data and analytics
›› Peer collaboration
›› Consulting
›› Events
›› Certification programs
Forrester’s research and insights are tailored to your

role and critical business initiatives.
Roles We Serve
Marketing & Strategy Technology Management Technology Industry
Professionals Professionals Professionals
CMO CIO Analyst Relations
B2B Marketing Application Development
B2C Marketing & Delivery
Customer Experience Enterprise Architecture
Customer Insights Infrastructure & Operations
eBusiness & Channel ›› Security & Risk
Strategy Sourcing & Vendor
Management
Client support
For information on hard-copy or electronic reprints, please contact Client Support at
+1 866-367-7378, +1 617-613-5730, or clientsupport@forrester.com. We offer quantity
discounts and special pricing for academic and nonprofit institutions.
146976

The Forrester Wave™ - Privacy Management Software, Q1 2020 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

The Forrester Wave™ - Privacy Management Software, Q1 2020 PDF

Uploaded by

Copyright:

Available Formats

Licensed for individual use only

The Forrester Wave™: Privacy Management

Why Read This Report Key Takeaways

The Forrester Wave™: Privacy Management Software, Q1 2020

Table Of Contents Related Research Documents

3 Evaluation Summary Shift From Privacy Readiness To Sustained

Vendor Inclusion Criteria

Forrester Research, Inc., 60 Acorn Park Drive, Cambridge, MA 02140 USA

Compliance Is One Of Many Privacy Challenges

FIGURE 1 Forrester Wave™: Privacy Management Software, Q1 2020

Privacy Management Software

LogicGate Smart Global Governance

Weaker strategy Stronger strategy

FIGURE 2 Forrester Wave™: Privacy Management Software Scorecard, Q1 2020

All scores are based on a scale of 0 (weak) to 5 (strong).

FIGURE 2 Forrester Wave™: Privacy Management Software Scorecard, Q1 2020 (Cont.)

Strategy 50% 2.85 1.45 4.04 1.70 1.21 4.75 3.00

Market presence 0% 3.00 3.00 3.00 0.50 1.50 3.00 0.50

All scores are based on a scale of 0 (weak) to 5 (strong).

FIGURE 3 Evaluated Vendors And Product Information

Crownpeak Universal Consent Platform 3.0.0.0.1

DataGrail DataGrail Privacy Platform

LogicGate LogicGate 3.5.0

LogicManager LogicManager v19

OneTrust OneTrust Privacy Management Software 5.8

Poslovna inteligencija Data Privacy Manager 2.0

Privacy Company Privacy Nexus

SAI Global SAI360 2019.4

SAP SAP Enterprise Consent and Preference 1911

Syrenis Cassie R2.13.0.0

TrustArc TrustArc Privacy Platform

›› Smart Global Governance focuses on GDPR compliance. Europe-based Smart Global

Vendor Inclusion Criteria

Forrester included 15 vendors in the assessment: Crownpeak, DataGrail, LogicGate, LogicManager,

Engage With An Analyst

Analyst Inquiry Analyst Advisory Webinar

Forrester’s research apps for iOS and Android.

The Forrester Wave Methodology

We work with business and technology leaders to drive customer-

Forrester’s research and insights are tailored to your

You might also like