Governance

Email archiving solution with automated backup and compliance features

End-to-end platform for secure enterprise AI deployment with compliance controls

Identity data platform that unifies, observes, and acts on identity data

Digital workplace platform connecting people, tools, and processes securely

A compliance management platform that simplifies CMMC Level 1 certification for defense contractors through guided workflows, policy templates, and evidence management tools.

A cloud-based identity and access management solution that provides access governance, compliance monitoring, and risk management for hybrid environments.

Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.

A data security and AI governance platform that provides unified control and management of data assets across hybrid cloud environments with focus on AI security and compliance.

End-to-end platform for securing AI systems across their entire lifecycle

Governance layer for monitoring and controlling AI coding agents within policy rules

ServiceNow Governance, Risk, and Compliance (GRC) is an integrated suite of products that enables organizations to build operational resilience, mitigate risks, and ensure compliance across the enterprise through a unified platform, data model, AI-powered insights, and automated workflows.

SAP GRC and cybersecurity solutions provide integrated capabilities for managing enterprise risk, compliance, international trade, cybersecurity, and identity and access governance, leveraging predictive analytics, real-time monitoring, and automation.

Verity is a comprehensive compliance management tool that helps organizations manage their governance, risk, and compliance initiatives.

A GaaS platform that simplifies and streamlines compliance processes for MSPs, ensuring their policies are properly aligned, authorized, adopted, and assessed.

Retraced is an audit logging solution that provides compliant, searchable audit trails for applications with client libraries for Go and JavaScript.

InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.

Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.

CustomProcessor is a policy management tool that enables users to create and manage custom policies for IETF policy frameworks through a user-friendly interface.

A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.

A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.

A community-driven GRC solution that is simple, affordable, and open-source.