Loading...
Loading...
Browse, filter, and compare B2B software vendors
68 vendors found
by 6clicks
6clicks is an AI-powered governance, risk, and compliance platform that differentiates itself from traditional GRC software. The platform leverages artificial intelligence to deliver continuous risk monitoring and compliance management capabilities for CISOs and risk professionals, with a focus on providing a distinctive approach to organizational risk management.
by Acrea
Acrea AB is a Swedish GRC software company providing its proprietary Enterprise Information Tool (EIT), a standardized yet highly configurable governance, risk, and compliance platform. Available as on-premise installation or cloud service, EIT enables organizations to manage risks, track compliance, and automate GRC processes with an intuitive interface designed for professionals at all levels.
by Alyne by Mitratech
Alyne by Mitratech is a cloud-native, AI-powered GRC platform that connects corporate legal and compliance functions within a single SaaS solution. Supporting 100+ regulatory frameworks and standards, Alyne enables organizations to assess, monitor, report, and act on risks in real time, with particular strength in financial services and FinTech regulatory compliance.
by Aravo
Aravo is a third-party and supply chain risk management platform built on an 'Intelligence First™' foundation that provides visibility and control across vendor and supplier ecosystems. The platform enables organizations to conduct assessments, monitor risks, and manage the entire lifecycle of third-party relationships across n-tier suppliers. Aravo offers advanced risk scoring and evaluation capabilities, with premium support through 'Aravo Advantage,' and addresses emerging governance challenges including AI risk and trusted AI architectures.
by Archer
Archer is an enterprise governance, risk, and compliance platform that quantifies risk exposure in financial terms and provides AI-powered analytics and continuous controls monitoring across operational, enterprise, IT, and third-party domains. The platform serves over 1,200 customers globally and emphasizes real-time risk detection, regulatory intelligence, agentic AI governance, and modern policy change management to help organizations move from observation to action.
by Ascent AutoResilience
Ascent AutoResilience is an AI-powered integrated GRC platform that enables enterprises to manage governance, risk, compliance, and operational resilience. The platform includes modules for business continuity, enterprise risk management, and third-party risk management with support for multiple deployment options.
by Avertro
Avertro is a cybersecurity-focused GRC platform that transforms governance, risk, and compliance into proactive threat defense capabilities. The platform automates compliance processes and third-party risk assessments while providing continuous monitoring and cyber risk quantification.
by BarnOwl
BarnOwl is a fully integrated governance, risk, compliance, and audit software solution serving over 200 clients globally. The platform is designed to support leading risk management frameworks such as COSO and ISO 31000 while providing flexible, configurable modules for risk management, compliance, and audit.
by Bizzdesign (formerly MEGA International, HOPEX)
Bizzdesign is an enterprise architecture and GRC platform provider, combining its own strategic portfolio management capabilities with the HOPEX platform acquired from MEGA International. The combined platform supports governance, risk, compliance, data governance, and business process management within an enterprise architecture context, used by large regulated organisations globally.
by Riskonnect
Riskonnect is a cloud-based integrated risk management platform that extends beyond traditional GRC to encompass governance, risk, compliance, business continuity, safety reporting, and resilience management. The platform provides unified risk visibility across organizational silos, automated workflow management, and AI-powered insights through Agentforce integration. It maintains strong security certifications including SOC Type 1&2 and ISO 27001.
by CERRIX
CERRIX is a leading European GRC software platform that provides integrated risk, compliance, and audit management capabilities. The platform includes support for frameworks like DORA, ISO 27001, GDPR, MiCA, and NIS2, with real-time dashboards and automated workflows. Following the acquisition of Ruler, CERRIX now incorporates AI-powered regulatory monitoring that enables organizations to connect regulatory changes directly to risks, policies, and controls, enhancing their ability to stay ahead of evolving compliance requirements.
by Commugen
Commugen is a no-code GRC platform built to automate and streamline governance, risk, and compliance processes. The platform aggregates compliance data into a unified view and connects risks, controls, and vulnerabilities to provide integrated risk management for over 100 leading enterprises.
by CoreStream
CoreStream is a flexible, no-code SaaS-based governance, risk, and compliance platform that enables organizations to design customized risk management systems. The platform offers rapid implementation (avg. 6 weeks, with some deployments as quick as 10 days), supports multi-region data hosting, and provides a community-driven approach with pre-built templates and configurations. Key differentiators include an intuitive UI, seamless tool integration, and the ability to scale from single solutions to comprehensive GRC packages. The platform serves 100+ countries and boasts a 98% client retention rate.
by Corporater
Corporater provides integrated governance, performance, risk, and compliance (GPRC) software solutions that create a digital twin of an organization, enabling holistic governance and risk management. The platform includes specialized capabilities for operational resilience, IT audit management, ESG management, ISO compliance, and risk quantification, with flexible deployment options including SaaS, on-premise, and private cloud.
by Cura Software
Cura Software Solutions provides a comprehensive, flexible governance, risk, and compliance software suite implemented across 250+ enterprise customers globally. The platform enables organizations to achieve a clear picture of risk and compliance through integrated modules for enterprise risk management, operational risk, compliance, audit, and incident management, available as on-premise or SaaS deployments.
by CyberArrow
CyberArrow GRC is a technology-first governance, risk, and compliance platform focused on automation and continuous compliance. The platform supports 40+ compliance frameworks including ISO 27001 and NIST, features 80+ integrations for automated evidence collection, and enables rapid implementation with go-live possible in as little as 3 weeks.
by DataBee
DataBee, a Comcast Company, is a governance, risk, and compliance platform built on a unified security data fabric that delivers continuous assurance through real-time control effectiveness validation and defensible compliance insights. The platform integrates with over 300 data feeds, evolving beyond traditional continuous controls monitoring to enable context-aware AI-driven compliance across multiple regulatory frameworks including NIST, ISO, CIS, and PCI.
by DigitalXForce
DigitalXForce provides an Enterprise Security Risk Posture Management (ESRPM) platform that enables continuous, automated governance, risk, and compliance through cybersecurity mesh architecture. The platform unifies telemetry from multiple enterprise systems including IAM, SIEM, cloud, DevOps, ERP, and CRM with over 250 pre-built integrations.
by Diligent
Diligent is an AI-first board management and GRC SaaS platform and market leader in the governance, risk and compliance category. The platform serves board members, GRC professionals, and public sector organizations through 'Diligent One Platform,' a unified solution for governance, risk management, regulatory compliance, and audit functions. Core offerings include Diligent Boards (board management), Diligent Community (public sector governance), BoardEffect (nonprofits/higher education), and 3rdRisk (third-party risk management). The platform leverages AI-driven innovation to automate workflows, eliminate manual busywork, and deliver real-time risk intelligence across distributed teams and organizations.
by DiliTrust
DiliTrust provides an AI-native governance and legal management platform designed to simplify and connect legal work across organizations. The platform includes integrated modules for board portal management, contract lifecycle management, and document governance with support for GDPR, HIPAA, ISO 27001, and other compliance standards.
by Drata
Drata is an AI-native GRC automation platform that streamlines security and compliance management by automatically collecting evidence and mapping controls across multiple compliance frameworks. The platform supports 26+ frameworks including SOC 2, ISO 27001, HIPAA, and includes hundreds of native integrations with cloud and enterprise systems.
by Enactia
Enactia is an advanced AI-powered RegTech platform that provides a comprehensive GRC suite designed to automate and simplify compliance management across multiple standards and jurisdictions. The platform offers intelligent modules including Compliance Universe, Policy Management, Vendor & Third Party Management, Enterprise Risk Management, Record of Processing Activities (ROPA), and Incident & Data Breach Management, with the ability to cross-map controls and reduce compliance efforts by up to 80% for organizations of any size. The platform now emphasizes Governance, Risk, Compliance, and Ethics automation.
by Exterro
Exterro is an AI-powered Data Risk Management platform that uses agentic AI to help organizations identify, manage, and mitigate data risk across eDiscovery, Digital Forensics, Data Governance, and Privacy & Compliance functions. The platform combines specialized AI agents and orchestration to provide visibility and control over data landscapes, helping organizations turn data risk into data confidence through defensible, automated processes.
by Fusion Risk Management
Fusion Risk Management provides enterprise resilience software and services focused on business continuity, IT disaster recovery, operational resilience, third-party risk management, and crisis and incident management. Built on the Salesforce platform, Fusion enables organizations to manage and analyze resilience data, improve operational insights, and comply with regulatory frameworks including DORA and FFIEC.
by Granite Risk Management
Granite is an enterprise risk management platform designed for mid-sized organizations in regulated industries such as energy, finance, and IT. The software helps manage risks and compliance without relying on spreadsheets, with a user base of 30,000 monthly active users across UK and Europe.
by Hyperproof
Hyperproof is an AI-powered GRC platform that centralizes compliance, risk, and security workflows through automation and real-time monitoring. The platform features 200+ integrations, AI-driven control mapping, and Hypersync technology for automated evidence collection from popular business systems.
by IBM OpenPages
IBM OpenPages is a scalable, AI-powered integrated GRC platform available as SaaS or on-premises across multiple cloud regions including IBM Cloud Germany, enabling organizations to manage risk, compliance, and audit functions in one unified solution. The platform supports operational risk, model risk, third-party risk, regulatory compliance, IT governance, and business continuity management, and has received the IDC 2024 SaaS CSAT Award for Financial Governance, Risk and Compliance.
by Ideagen
Ideagen provides GRC software solutions with embedded AI to help organizations achieve operational excellence, regulatory compliance, and risk reduction. The platform is designed for regulated and high-compliance industries and enables collaboration on governance, risk, compliance, and operational management processes.
by Interfacing (IMS)
Interfacing provides an Integrated Management System (IMS) platform built for highly regulated sectors including aerospace, life sciences, finance, and government. The platform combines 20+ years of quality and compliance expertise with explainable AI capabilities, emphasizing governance layer definition, process hierarchy validation, and contextual operational insights. Core focus areas include audit resilience, CAPA system enhancement, process mining with understanding, and digital transformation governance.
by ISMS.online
ISMS.online is a cloud-based compliance platform that helps organizations manage information security, data privacy, compliance, and emerging risks across 100+ frameworks including ISO 27001, ISO 42001, ISO 45001, ISO 14001, GDPR, HIPAA, SOC 2, and NIST. The platform combines guidance, templates, and automation to streamline compliance management while addressing AI governance, occupational health & safety, environmental management, and supply chain risks. The platform emphasizes user experience and expert support.
by IsoMetrix
IsoMetrix provides integrated risk management software for ESG, sustainability, EHS, enterprise risk management, internal audit, and compliance functions with 25+ years of industry experience. The platform serves organizations across manufacturing, energy, resources, logistics, and infrastructure sectors with a 95% client retention rate.
by LogicGate
LogicGate provides Risk Cloud, an AI-powered no-code GRC platform that streamlines and automates governance, risk, and compliance processes. The platform offers 40+ purpose-built applications covering domains like AI Governance, ESG Risk, Cyber Risk, Operational Risk, and Compliance, with AI-driven features including Spark AI for task automation, automated evidence collection and testing, and Risk Cloud Quantify for financial risk quantification.
by LogicManager
LogicManager is an enterprise risk management (ERM) platform that enables organizations to manage risks through a risk-based approach to GRC by connecting insights from operations to the boardroom. The platform provides risk prioritization, business analytics, and stakeholder engagement capabilities for enterprise-wide risk management.
by MetricStream
MetricStream is a global SaaS leader in Integrated Risk Management (IRM) and GRC solutions enabling organizations to thrive on risk through informed decision-making. Under new CEO Marc Levine and Vice Chairman Gaurav Kapoor, the company has repositioned around an AI-first 'Intelligent GRC' strategy for proactive risk detection, continuous insights, and faster remediation. The platform offers ConnectedGRC and specialized product lines including BusinessGRC, CyberGRC, and ESGRC built on a single, scalable platform with unified control fabric capabilities. New capabilities include AI agent governance and security standards compliance, multi-language support across 650+ languages, and continuous compliance automation across NIST, DORA, GDPR, and EU AI Act frameworks.
by NAVEX Global
NAVEX Global provides an AI-powered GRC platform (NAVEX One) that unifies risk and compliance programs, enabling organizations to manage regulations, risk, training, whistleblowing, policies, and disclosures in a single integrated tool with board-ready dashboards. NAVEX also offers specialized solutions including Regulatory Change Management software for monitoring regulatory updates and managing compliance change workflows.
by NorthGRC
NorthGRC is a cloud-based information security management system that helps organizations manage IT risks, security, privacy, and compliance requirements efficiently across frameworks including ISO 27001/2, GDPR, NIS2, and PCI DSS.
by OneTrust
OneTrust is an AI-governance-first trust intelligence platform that automates governance, risk, and compliance processes with emphasis on responsible AI and data use. The platform integrates traditional GRC functions (compliance management, controls, third-party risk, data governance, privacy, ESG) with dedicated AI Governance capabilities for continuous risk management, AI ROI visibility, and regulatory compliance (CCPA, EU AI Act, NIST AI RMF). Positioned as essential infrastructure enabling innovation at scale through unified consent governance, privacy automation, and trusted data frameworks.
by Onspring
Onspring is an automated business process solutions platform and top-ranked GRC software suite that connects and monitors all business-critical functions, processes, and information. The cloud-based, low-code/no-code platform enables enterprises and government agencies to build applications and workflows without IT involvement, delivering transformational visibility and enabling rapid deployment of risk management, compliance, third-party risk, and internal audit programs.
by Optial
Optial provides a scalable, modular GRC software platform that centralizes compliance management, audit tracking, incident reporting, and risk mitigation in one user-friendly interface with flexible deployment options including SaaS, on-premise, and private cloud.
by Optro (formerly AuditBoard)
Optro (rebranded from AuditBoard in 2026) is a cloud-based connected risk platform trusted by the Fortune 500 that delivers unified governance, risk, and compliance management. The platform provides AI-powered automation, integrated audit management, and compliance control across multiple frameworks including SOX, HIPAA, and GDPR.
by Origami Risk
Origami Risk offers an integrated GRC suite for enterprise risk, compliance, internal audit, internal controls, and business continuity management on a single SaaS platform. The platform is purpose-built for resilience with configurable and scalable capabilities, advanced AI-powered automation, no-code workflow automation, intelligent data validation and transformation, and AI-driven analytics. Solutions span P&C Insurance, RMIS, EHS, GRC, Healthcare, and Integrated Risk Management with mobile capabilities for field data capture.
by OXIAL
OXIAL is a Swiss-founded provider of AI-enhanced GRC software and supervised managed services, offering a comprehensive platform covering risk management, compliance, controls, audit, IT security, and GDPR. OXIAL's distinctive 'Supervised GRC' (sGRC) model combines software with ongoing expert advisory services, enabling large organizations including major financial institutions to manage and mitigate complex risks.
by Panaseer
Panaseer is a continuous controls monitoring platform that provides real-time visibility into cybersecurity posture by integrating data from existing security, IT, and business tools to automate the measurement of control effectiveness across cyber control domains.
by Phinity Risk Solutions
Phinity Risk Solutions develops cloud applications for the information risk and governance market, integrating into risk and compliance processes to help organizations decrease risk exposure through unified platform management.
by ProcessGene
ProcessGene offers specialized GRC and business process management (BPM) software for multi-subsidiary enterprises, featuring proprietary Multi-Org technology that enables centralized global control with local flexibility. The cloud-based solution provides direct enterprise software connectivity, supports business process realization, and can be implemented rapidly across organizations.
by ProcessUnity
ProcessUnity provides a cloud-based GRC platform that helps organizations assess, measure, and mitigate risk across third-party relationships, policy management, enterprise risk, regulatory compliance, incident management, and related governance functions.
by Protecht
Protecht is an AI-enhanced GRC software platform that provides full governance, risk, and compliance capabilities tailored to functional obligations, enabling organizations to measure and monitor risks and take appropriate actions across the enterprise.
by Qmulos
Qmulos provides real-time compliance automation and continuous controls monitoring solutions through its Q-Compliance application, helping enterprises simplify technical evidence collection, streamline workflows, and strengthen their security posture.
by Resolver (Kroll)
Resolver, a Kroll Business, provides integrated GRC software that helps governance, risk, and compliance teams gain efficiency in managing risk intelligence and safeguarding organizations through streamlined reporting and risk management solutions. The platform's capabilities were expanded through Kroll's acquisition of Crisp in 2022, incorporating real-time risk intelligence and resilience solutions.
by Responsum
Responsum is a privacy management software solution that assists privacy professionals in managing compliance and mitigating risks across data protection frameworks such as GDPR, ISO 27001, and NIST through centralized management of privacy operations.
by RiskBusiness
RiskBusiness is a practitioner-founded GRAC (Governance, Risk, Audit and Compliance) platform provider with over 200 financial services clients globally. Built by ex-financial services professionals, the platform combines integrated GRC software (GRACI) with proprietary risk content including KRI libraries, scenario libraries, operational loss case studies, and regulatory content. RiskBusiness also operates GOLD (Global Operational Loss Database) on behalf of UK Finance, and provides specialist risk intelligence services to 15 international financial institutions including the World Bank and IMF.
by Riskonnect
Riskonnect provides AI-powered risk, compliance, and resilience software that unifies risk data and intelligence across enterprise functions. Core GRC capabilities include enterprise risk management, compliance, IT risk management, policy management, third-party risk management, internal audit, and AI governance. The platform also delivers specialized solutions for insurable risk management (RMIS, claims, policy administration, billing), business continuity and operational resilience, and health & safety. Organizations use Riskonnect to connect risk signals, orchestrate cross-functional responses, and translate risk exposure into business and financial impact.
by RISMA Systems
RISMA Systems provides integrated GRC software that enables organizations to manage and document their compliance, risk management, and controls through a robust, flexible, and highly scalable technology platform supporting all governance, risk, and compliance areas.
by Rosca Technologies
Rosca Technologies is a cybersecurity solutions company offering strategic cyber threat management, penetration testing, and managed detection and response services to protect organizations from cyber threats.
by Ruleguard
Ruleguard offers a GRC and compliance software platform designed for the financial services industry, providing modules for compliance tracking, risk management, policy management, and third-party oversight. The platform enables enterprises to manage regulatory obligations, track compliance activities, and maintain governance across their operations.
by SAP GRC
SAP GRC is a suite of modular governance, risk, and compliance solutions integrated with SAP S/4HANA, covering enterprise risk management, identity and access governance, cybersecurity, and data protection. The platform enables organizations to align objectives, manage risks, and ensure regulatory adherence across their business.
by ServiceNow GRC
ServiceNow GRC is a platform that unifies governance, risk, and compliance activities across an organization through automated workflows and AI insights. The solution helps enterprises anticipate threats, maintain compliance, and boost operational resilience enterprise-wide. The platform has expanded to address emerging risk domains including ESG risk management, AI governance, and next-generation risk management capabilities, supporting organizations in managing both traditional and emerging compliance requirements.
by Sprinto
Sprinto is an Autonomous Trust Platform that continuously detects, responds to, and acts on compliance and risk events in real time. The platform automatically interprets 200+ compliance frameworks and custom regulations, maps them to live infrastructure, closes control gaps autonomously, and maintains current evidence without manual intervention. Core capabilities include continuous compliance monitoring with autonomous remediation, autonomous third-party risk management with vendor discovery and tiering, shadow AI detection mapped to ISO 42001 and NIST AI RMF, and dynamic risk posture calculation across cloud, identity, SaaS, and vendor environments. Built for organizations from Series A to enterprise.
by Starhive
Starhive is an AI-powered asset management platform that provides comprehensive, flexible asset tracking across physical, software, and leased assets. The platform centralizes usage, configuration, financial, and risk data, offering AI-driven insights and supporting multiple asset management use cases. With over 500 integrations and configurability for diverse organizational needs, Starhive helps teams optimize asset ROI, reduce administrative overhead, and maintain compliance across various frameworks.
by SureCloud
SureCloud is a governance, risk, and compliance platform that automates risk and compliance processes. The platform offers both SureCloud Foundations (a connected GRC platform for growing risk and compliance teams) and enterprise-wide solutions for organizations of various sizes. Core capabilities include risk management, compliance monitoring, vendor assessment, audit capabilities, and dynamic risk intelligence with automation features.
by Swiss GRC
Swiss GRC is a governance, risk, and compliance software solution that provides an integrated platform with modules for risk management, internal controls, compliance management, and third-party risk management. The company has over 30 years of experience delivering GRC solutions globally with headquarters in Lucerne, Switzerland.
by Symbiant
Symbiant is a modular, AI-embedded governance, risk, compliance, and audit management software platform trusted by organizations since 1999. The platform delivers comprehensive GRC and audit functionality with integrated AI capabilities that uncover hidden threats, identify root causes, and predict control failure impacts. Designed as an affordable, customizable single source of truth for GRC and audit activities across all sectors, Symbiant offers agile scalability starting from £100 per module per month for unlimited users.
by UpGuard
UpGuard is a Cyber Risk Posture Management (CRPM) platform delivering a unified, AI-powered view of organizational cyber risk across external vendors, third parties, and internal workforce. The five-pillar platform includes continuous vendor risk assessments, vulnerability scanning, security questionnaires, Human Risk Management (User Risk), and Risk Automations enabling automated threat resolution. UpGuard recently secured $75M in Series C funding and introduced Risk Automations to help security teams resolve threats in seconds.
by Vanta
Vanta is a trust management platform that leverages AI to automate governance, risk, and compliance activities. Its Agentic Trust Platform features specialized AI agents including the Compliance Agent for evidence collection and remediation, the TPRM Agent for vendor risk assessment, and the Customer Trust Agent for security questionnaire automation. The platform provides continuous monitoring, automated evidence collection across multiple frameworks, intelligent risk assessments, and aims to transform how organizations manage security, compliance, and trust.
by VComply
VComply is a cloud-based governance, risk, and compliance platform that enables organizations to manage compliance, assess and mitigate risks, automate policy management, and streamline audit processes. The platform unites compliance tasks, policies, risks, and cases in a single interface designed for audit readiness. VComply emphasizes measurable risk visibility through unified governance-risk processes, supports continuous audit readiness with AI-driven capabilities, and offers industry-specific compliance solutions including ESG controls, financial services, and operational risk management.
by Wolters Kluwer
Wolters Kluwer provides governance, risk, and compliance solutions including TeamMate (for integrated audit and GRC), OneSumX (combining regulatory intelligence with policy management), and ComplyTrack (designed for healthcare). The company now offers advanced AI-powered solutions across multiple professional domains, helping organizations manage regulatory obligations, mitigate risk, and make more informed decisions through expert-curated content and intelligent workflow guidance.
by Workiva
Workiva is a cloud-based platform for governance, risk, compliance, sustainability, and financial reporting that connects people, data, and processes to enable integrated assurance. The platform provides risk management, internal audit, policy management, and compliance automation across an organization.
by ZenGRC
ZenGRC is a governance, risk, and compliance platform that provides risk management, vendor management, compliance automation, and AI-powered control assessment with support for over 30 industry-standard compliance frameworks. The platform offers both commercial and FedRAMP-compliant government solutions with flat-fee pricing.