Application Control & Change Control | Database | Email Archiving | Other | SIEM | Vulnerability Scanners | Web Application Firewalls




Risk and Compliance GRCM Vendors & Products




Acuity Risk Management is an enterprise GRC vendor.


Active Agenda is a risk management solution that covers three major areas, which are, Controls and Administration, Identification & Measurement, and Finance.


Agiliance delivers a reputable product known as RiskVision OpenGRC which provides bottom up and top down frameworks for managing risks.


Arat Risk Assessment Tool is a web based software solution designed for risk assessments.


BWise provides GRC solutions for managing risks and ensuring compliance.


Celestix provides a patch management solution ensuring software is kept up to date and secure.


Citicus provides Citicus ONE risk and compliance management software which has built in tools for managing risks.


Compliance 360 is a software-as-a-service offering, that addresses your GRC requirements.


ControlCase Managed Compliance provides a range of solutions for IT-GRCM.


easy2comply is a GRC software solution that offers internal control and auditing, risk management and more.


GoldSim is simulation software that provides decisions and risk analysis by simulating future performance and comparing designs, plans and policies in order to minimise risks.


IBM OpenPages offers governance, risk, and compliance (GRC) solutions.


Information Security Management delivers a solution known as ISM Risk Assessment Software which enables organisations to produce an information security risk assessment.


Lumension provides a number of products for the purpose of risk and compliance. Its Risk Manager product is a risk management software that enables you to identify, measure, control, reduce risks and demonstrate compliance. Lumension has a configuration management product for policy assessment.


Mcafee has a wide range of point products for managing risk and compliance requirements such as application control, change control, configuration control, policy auditor, file integrity, database monitoring, risk advisor and vulnerability management products.


Metacompliance Ltd is a developer of software for businesses that requires assistance with risk and compliance. There are a few solutions that Metacompliance delivers which help with developing IT security policies.


MetricStream offers risk management, quality management, regulatory compliance and IT GRC solutions.


Modulo Solutions For GRC delivers Modulo Risk Manager which can help you comply with regulations and standards.


Neupart provides a compliance and risk management solution for Government Agencies.


NICE Actimize is a fraud prevention and anti-money laundering solutions provider.


NSFOCUS Information Technology is a network and application security vendor. NSFOCUS delivers Remote Security Assessment System which will help with assessing risks.


Numara Software Compliance Manager enables policy assessment and allows you to demonstrate compliance in this area.


PillarOne is an open source software product used for managing risks and more.


Practical Threat Analysis tool is used in assessing the operational and security risks in systems and building appropriate risk mitigation policies.


Q1 Labs provides a risk management solution known as QRadar Risk Manager that enables the ability to manage compliance, manage vulnerabilities and monitoring security events and activities.


RedSeal Network Advisor will tell you about your firewalls, proxy services, routers, load balancers and other devices and the configuration ruleswithin them and will let you know what access has been permitted through these devices. RedSeal Systems is a developer of security assurance solutions.


RA2 is an ISO27001 risk assessment software which is designed to help you implement an information security management system.


Risk Assessment Accelerator provides risk assessments in different languages for various standards and regulations.


RSA specialises in risk and compliance solutions. In particular its Archer eGRC suite is a product with multiple capabilities such as managing business risks, policies, incidents, threats, business continuity and more.


Rsam Enterprise GRC Platform is a risk assessment management solution.


Shavlik provides patch and configuration management, asset discovery and inventory, anti-virus, virtual machine management and power management functionality in one suite. Shavlik also provides some of these solutions separately.


Smart Risk Assessment can help you meet risk assessment criteria for OCTAVE, ISO 27005 and NIST SP 800-30 and help you comply with standards and regulations. There is also a personal edition which is free to use.


Symantec offers risk and compliance management in their Control Compliance Suite and information foundation products.


Telos delivers a solution known as Xacta® IA Manager that provides GRC standards and policies.


Tripwire has a few solutions supporting risk and compliance such as file integrity monitoring, change auditing and compliance policy management.


Trustwave is a security vendor with a range of product solutions and offers Compliance Security Assessment which is a GRC solution.


Varonis Data Governance Suite is used for managing and protecting data.


Vigilant Software is a risk assessment tool designed to help implement ISO27001.


WCK provides a solution for GRC and security assessment.


ZL Technologies provides a compliance management solution.