OneTrust Appoints John Heyman as CEO to Drive the Next Phase of AI Governance
OneTrust has named John Heyman as Chief Executive Officer, with founder Kabir Barday moving to an active strategic role on the Board of Directors. The change follows strong performance in the fiscal year ended January 31, 2026. The brief is clear: scale the AI-Ready Governance Platform and meet surging enterprise demand for responsible data and AI use.
Heyman is a seasoned technology leader with CEO tenures at Radiant Systems and Snap One, leading both companies through IPOs and sustained growth. His approach emphasizes customer value, swift product iteration, and building teams that can execute. With Barday's continuity on the Board, OneTrust keeps founder DNA while tightening operational focus.
Market pressure is building as enterprises push AI into core workflows and face stricter oversight. OneTrust states that thousands of companies, including more than half of the Fortune 500, rely on its platform to "govern well and move fast." As Heyman notes, "OneTrust's mission to enable innovation through the responsible use of data and AI has never been more critical."
Strategic signals executives should watch
- Leadership built for scale: A CEO with IPO experience often signals readiness for accelerated growth, operational rigor, and capital market options.
- Product focus: Expect faster iteration across privacy, data governance, model risk, and AI oversight, converging controls into one platform.
- Go-to-market motion: Deeper enterprise penetration, partner ecosystems, and integration-led selling across data, model, and application layers.
- Continuity with urgency: Barday's Board role preserves long-term vision while enabling day-to-day execution under Heyman.
What this could mean for your roadmap
- Benchmark your AI governance model against the NIST AI Risk Management Framework and close gaps fast.
- Assess consolidation potential across privacy, data mapping, consent, model governance, and audit; reduce tool sprawl and compliance drift.
- Set measurable outcomes: time-to-review for new models, model registry coverage, policy-to-control mapping, and audit readiness SLAs.
- Tighten cross-functional workflows among security, data, legal, and product to prevent bottlenecks as AI use cases scale.
Due diligence questions for your team and vendors
- Integration depth: How does the platform connect with data catalogs, MDM, model registries, CI/CD, and collaboration tools?
- Model coverage: Are controls consistent across LLMs, fine-tuned models, and third-party AI services and APIs?
- Automation: What is automated today (discovery, risk scoring, policy enforcement), and what is on the near-term roadmap?
- Evidence at scale: Reference customers in complex, multi-region enterprises and proof of performance in regulated industries.
- Metrics: Which governance and risk indicators are native, and how do they surface to executives and boards?
- Data lineage and explainability: How are traceability, documentation, and testing handled across the AI lifecycle?
Thomas Laffont, Board member and co-founder of Coatue, called AI a once-in-a-generation opening for OneTrust to become the governance layer organizations need for data and AI, underscoring the company's intent to lead this market.
For company details and product updates, visit OneTrust.
Upskilling the executive bench
If you're aligning leadership on AI governance and risk, a focused learning track helps. Explore role-based options at Complete AI Training to get your team speaking the same language, fast.