30+ Modules

30+ modules. Pick what you need.
Add more anytime.

Every module shares a unified data model. 400+ specialized tabs. 26+ native compliance frameworks (261 via SCF) included with any module.

Core Platform

Dashboard & Analytics

Executive dashboards with real-time compliance posture
Risk heatmaps, trend analysis, and board-ready reporting
Compliance status reporting across all frameworks
Incident trend analysis and control effectiveness metrics
Customizable widgets and drill-down views

Document Management

40+ tabs for comprehensive document lifecycle management
264 policy templates across 23 categories
261 procedure templates across 21 categories
513 pre-generated documents (257 policies + 256 procedures)
137+ personalization variables across 6 variable groups
Word-level diff tracking and review/approval workflows
Comments, collaboration, and change log with timestamps
Multi-format export (PDF, Word, CSV, Excel, JSON)

Project & Task Management

Kanban, Gantt, and Calendar views with filtering
AI Smart Assign for intelligent task routing
SLA engine with automated reminders and escalation rules
Recurring tasks and cross-module task creation from risks, audits, and findings
Project planning with milestones and dependencies

Trust Center

10+ certification types, 12+ document types, 4 access levels
Public-facing trust page with compliance certification showcase
Sub-processor management and security posture overview
Customizable content and branding
Self-service document access for customers and partners

Workflows & Automation

Custom approval chains and multi-step workflows
Automated notifications and escalation rules
Conditional logic and parallel approval paths
Integration with all modules for end-to-end automation

DevOps Compliance Hub

CI/CD pipeline compliance checks and policy gates
Infrastructure as Code (IaC) scanning and drift detection
Container security and Kubernetes compliance monitoring
SBOM generation and software supply chain risk management
Integration with GitHub, GitLab, Jenkins, Docker, and Kubernetes

Tickets

Centralized ticketing for compliance tasks and remediation items
Auto-creation from audit findings, risk assessments, and control failures
SLA tracking with escalation rules and priority management
Integration with Jira, ServiceNow, Zendesk, and Freshdesk
Cross-module ticket linking for full traceability

Risk & Compliance

Risk Management

48 tabs across 7 groups for comprehensive risk oversight
Risk register with 5x5 likelihood x impact scoring
FAIR Risk Quantification with 6 pre-built scenarios
Risk Hygiene Score and Predictive Compliance analytics
Board Report Auto-Generator with real-time data
171 risk templates across 41 categories
Bow Tie diagrams, Monte Carlo simulation, KRI monitoring with threshold alerts
Loss event database, geographic risk maps, and emerging risks dashboard
Risk treatment: Mitigate, Transfer, Accept, Avoid
Direct linkage to controls, incidents, vendors, and evidence

Compliance & Standards

261+ frameworks via SCF (ISO 27001, NIST, SOC 2, HIPAA, GDPR, PCI DSS, and more)
HITRUST 5-step implementation wizard
Control-to-framework mapping matrices with cross-mapping
Requirements tracking with ownership and gap analysis
Compliance score dashboards and remediation tracking
Custom framework support with multi-framework views

Controls Library

130 control templates with 3,500+ control mappings across frameworks
6 control types, 3 implementation types, 5-level maturity model
Control testing schedules with automated reminders
40+ continuous monitoring automated checks
Attestation campaigns and control inheritance
Effectiveness scoring and evidence linking per control
Control-to-risk and control-to-framework mapping

Evidence Collection

11+ tabs for comprehensive evidence management
50+ evidence collectors for hands-free evidence gathering
300 evidence checklists included
Coverage Matrix showing evidence-to-control mapping
Quality scoring across 5 dimensions with freshness alerts
Evidence staleness monitoring and policy drift detection
Auditor data room for secure, organized evidence sharing
Multi-version evidence management with approval workflows

Incident Management

21+ tabs for complete incident lifecycle management
24 response playbooks with CAPA (Corrective and Preventive Action)
MTTR/MTTD metrics tracking for response performance
SIEM integration for automated incident detection
8-stage lifecycle pipeline from detection to closure
3 RCA methods: 5-Why, Fishbone, Causal Chain
MITRE ATT&CK mapping (14 tactics, 60+ techniques)
15 jurisdiction notification templates with regulatory deadlines

Exception Management

8 exception categories, 4 types, 35 pre-built templates
Control exception request workflows with approval chains
SLA-based escalation and compensating controls documentation
Time-bound exceptions with auto-expiry
Exception impact assessment and audit trail

Regulatory Intelligence

50+ pre-defined regulations with change tracking and impact alerts
Obligation-to-control mapping and crosswalks
Compliance readiness scoring (0-100%)
Compliance deadline management
Multi-jurisdiction support

Privacy Management

15 tabs across 5 groups for full privacy lifecycle
238 privacy templates (186 PIAs, 32 ROPA, 20 policies)
DSAR lifecycle with 4 identity verification methods and SLA tracking
72-hour breach notification countdown with jurisdiction tracking
ROPA, visual data flow mapping, and cross-border transfers
Privacy Impact Assessments (PIA/DPIA)
Multi-regulation: GDPR, CCPA/CPRA, LGPD, India DPDP

BC/DR Planning

16 BC/DR templates for continuity and disaster recovery plans
Business Impact Analysis (BIA) with RTO/RPO target tracking
5 exercise types: tabletop, walkthrough, simulation, parallel, full interruption
AI-powered scenario planning and recovery prioritization
Asset dependency mapping and crisis incident response
Continuity controls tracking with plan versioning

Asset Inventory

28 asset management templates
12 asset types, 65+ fields, 7-stage lifecycle management
10 integration connectors for automated asset discovery
Zero Trust scoring (6-factor) and ESG tracking
Control assignment per asset with dependency tracking
Asset register with GRC classification and risk mapping

Implementation

12 standards supported (ISO 27001, SOC 2, HIPAA, NIST, PCI DSS, and more)
5-step program wizard for guided implementation
Gap assessment with 100+ questions per standard
Milestone management with progress dashboards
Gap-to-task conversion and remediation workflows

Audit

Audit Management

28 tabs across 6 groups for end-to-end audit management
75 audit program templates included
AI-assisted planning, fieldwork, and finding drafting
Quality Assurance and Improvement Program (QAIP)
Continuous Monitoring dashboards
AICPA-standard workpapers and SOX/COSO scoping
Stakeholder Portal for secure evidence sharing
Cross-audit intelligence and trend analysis
PBC list management and finding remediation tracking
Audit committee packs, time tracking, and resource matrix

Issues & Findings

39 pre-built issue templates across 9 categories
5 RCA methods with AI classification
Financial impact tracking and remediation workflows
Centralized issue and finding tracker across all modules
Priority and severity classification with owner assignment

Questionnaire AI

16 built-in templates (SIG, CAIQ, HECVAT, and more)
AI auto-fill from live GRC data with 95% KB accuracy
SME workload tracking and response assignment
Trust Center integration for self-service questionnaire sharing
Bulk auto-fill with review and approval workflow
Historical response library for continuous improvement

Third Party

Vendor Risk Management

30+ tabs across 7 groups for vendor risk assessment and tier classification
12 vendor lifecycle templates for onboarding through offboarding
Supply chain mapping and concentration risk analysis
Breach impact modeling, vendor discovery, and attack surface monitoring
ESG scoring, cyber insurance tracking, and lifecycle management
Vendor self-service portal (white-label)
SecurityScorecard and Bitsight integration

Contract Management

12+ tabs for complete contract lifecycle
500+ clause library, 11 contract types, 8 pre-built templates
DocuSign and Adobe Sign integration for e-signatures
Contract lifecycle management with auto-renewal
AI contract intelligence with term extraction
Compliance matrix generation and SLA monitoring
Key dates, renewal tracking, and expiry alerts
Contract-to-vendor linkage with document versioning

Human Risk

Security Awareness Training

43 templates, 55+ categories across 3 levels in 4 content formats
AI Avatar Videos: 1.5-2 min per topic with subcategory quizzes and category-level certifications
Deep Dive Videos: 6-7 min expert-led sessions for thorough topic understanding
Presentation Slides: Deep learning decks for team workshops and management presentations
Email Infographics: Delivered via campaigns with sent, delivery, and read tracking
Gamification: XP points, leaderboards, streaks, powerup store
7 role tracks (IT, Finance, HR, DevOps, Healthcare, Legal, Executive)
Spaced repetition for knowledge decay prevention, risk scoring (0-100)

Phishing Simulation

67+ tabs for campaign management and analytics
12+ campaign categories with 488 phishing templates
Threat intel feeds: CISA KEV, PhishTank, URLhaus, VirusTotal, Shodan
200+ landing pages for credential capture testing
14 attack vectors: Email, SMS, Voice, QR Code, USB, Chat, and more
MITRE ATT&CK mapping for attack categorization
AI Command Center with ML-powered campaign intelligence
Direct integration with risk register — auto-training enrollment

Background Screening

7 data sources: SAM, OIG LEIE, OFAC, State Medicaid, State Court, NSOPW, Abuse Registry
Jaro-Winkler + Soundex fuzzy matching for accurate name resolution
HR integration (6 platforms) for automated onboarding checks
Batch screening capability for bulk processing
Continuous re-screening schedules with alerts
Full screening history and audit trail

Frequently Asked Questions

See Every Module in Action

Schedule a personalized demo tailored to your specific compliance needs.

Schedule a Demo