Popular Governance, Risk and Compliance tools
There are a wide variety of tools available, and procurement should be completed in a thorough manner. Functional and non-functional requirements need to be clearly defined to ensure that the service provided will create value both now and in its future desired state of operation. Below is a brief summary of some popular GRC tools available.
GRC software solution praised for its flexible and easy to integrate toolset. Reviews identified focus on the ease in which an organisation can deploy the tools and experience Return of Investment (ROI). However, reviews also indicated that it lacked in customisable features compared with rival products.
Figure 1, example dashboard from SureCloud
Global provider to major organisations and popular with industry leaders. Archer is flexible, scalable and customisable. However, due to its effectiveness it also requires a certain level of experience or an intention to hire consultancy services to assist with the build and integration. Potentially more suited to larger organisations with mature information security and GRC processes in place.
Figure 2, example dashboard from RSA Archer
An enterprise level provider specialising in ERM, audit and compliance, incident management and environmental data management. Although reviews indicate poor ratings in usability and a convoluted auditing tool, it is praised for its ability to export the data and set reminders for reviewing tasks.
Figure 3, example dashboard from Enablon
A cloud-based GRC tool with powerful features such as machine learning, Artificial Intelligence and an impressive service management system. This provider prides itself on creating a unified data environment with easy-to-use tools such as mobile applications.