Popular Governance, Risk and Compliance tools

There are a wide variety of tools available, and procurement should be completed in a thorough manner. Functional and non-functional requirements need to be clearly defined to ensure that the service provided will create value both now and in its future desired state of operation. Below is a brief summary of some popular GRC tools available.

SureCloud

GRC software solution praised for its flexible and easy to integrate toolset. Reviews identified focus on the ease in which an organisation can deploy the tools and experience Return of Investment (ROI). However, reviews also indicated that it lacked in customisable features compared with rival products.

Figure 1, example dashboard from SureCloud

RSA Archer

Global provider to major organisations and popular with industry leaders. Archer is flexible, scalable and customisable. However, due to its effectiveness it also requires a certain level of experience or an intention to hire consultancy services to assist with the build and integration. Potentially more suited to larger organisations with mature information security and GRC processes in place.

Figure 2, example dashboard from RSA Archer

Enablon

An enterprise level provider specialising in ERM, audit and compliance, incident management and environmental data management. Although reviews indicate poor ratings in usability and a convoluted auditing tool, it is praised for its ability to export the data and set reminders for reviewing tasks.

Figure 3, example dashboard from Enablon

ServiceNow

A cloud-based GRC tool with powerful features such as machine learning, Artificial Intelligence and an impressive service management system. This provider prides itself on creating a unified data environment with easy-to-use tools such as mobile applications.

Figure 4, example dashboard from ServiceNow.

Read other chapters in the series:

Part 1: Governance, risk and compliance >>

Part 2: Important factors and considerations >>

Should you require assistance in procuring, migrating or using a service please contact Xcina Consulting. We provide our clients with pragmatic advice and guidance to ensure they achieve a robust and defensible position. For more information contact us at info@xcinaconsulting.com.

References

Cau, David. Governance, Risk and Compliance (GRC) software, Business needs and the market trends. Available at: Www2.deloitte.com. 2022. [online] Available at: <https://www2.deloitte.com/content/dam/Deloitte/lu/Documents/risk/governance-risk-compliance-software_DCA.pdf> [Accessed 20 April 2022]. Accessed 19 Apr 22.

The 10 Best GRC Tools and Platforms for 2022. The 10 Best GRC Tools And Platforms For 2022 (thedigitalprojectmanager.com), accessed 08 Apr 22.

SureCloud vs Sword GRC: Gartner Peer Insights 2022, accessed 19 Apr 22.

Archer GRC SaaS Tool (archerirm.com), accessed 19 Apr 22.

Archer Reviews 2022: Details, Pricing, & Features | G2, accessed 19 Apr 22.

Top Governance, Risk & Compliance (GRC) Tools of 2022 (cioinsight.com), accessed 20 Apr 22.

Enablon Review: Pricing, Pros, Cons & Features | CompareCamp.com, accessed 20 Apr 22.

The Importance Of UI for GRC Software Solutions I SureCloud, accessed 20 Apr 22.

RSA Archer + Innovation: A Match Made in Risk Management Heaven – Dell Technologies, accessed 20 Apr 22.

If you have any comments or questions on any aspect of this content, please contact:

Peter Lane

Information Security Consultant

Speak to me directly by Email

Stay in control of your inbox

Register your details to receive our featured insights,
news and analysis covered by our Information Security team.

Stay up to date and discover how the requirements impact your business.

SUBSCRIBE TO
INFORMATION SECURITY