Loading...
Loading...
Browse, filter, and compare B2B software vendors
68 vendors found
by Diligent
Diligent is an AI-first board management and GRC SaaS platform and market leader in the governance, risk and compliance category. The platform serves board members, GRC professionals, public sector organizations, and enterprise risk managers through 'Diligent One Platform,' a unified solution for governance, risk management, regulatory compliance, and audit functions. Core offerings include Diligent Boards (board management), Diligent Community (public sector governance), BoardEffect (nonprofits/higher education), 3rdRisk (third-party risk management), Diligent Entities (subsidiary management), and Diligent Market Intelligence (shareholder activism, executive compensation, and ESG data). The platform emphasizes AI-driven innovation to automate workflows and deliver real-time risk intelligence.
by Mitratech
Mitratech is a cloud-native, AI-powered GRC platform that connects corporate legal and compliance functions within a single SaaS solution. Supporting 100+ regulatory frameworks and standards, Mitratech enables organizations to assess, monitor, report, and act on risks in real time, with particular strength in financial services and FinTech regulatory compliance.
by 6clicks
6clicks is an AI-powered governance, risk, and compliance platform that differentiates itself from traditional GRC software. The platform leverages artificial intelligence to deliver continuous risk monitoring and compliance management capabilities for CISOs and risk professionals, with a focus on providing a distinctive approach to organizational risk management.
by Aravo
Aravo is a purpose-built third-party and supply chain risk management platform with an 'Intelligence First™' foundation powered by advanced automation, Machine Learning, Generative AI, and Agentic AI. The platform delivers centralized visibility and control across vendor and supplier ecosystems, supporting 5M+ third-party users globally. Aravo enables organizations to conduct assessments, monitor risks, and manage entire lifecycle of third-party relationships across n-tier suppliers with AI-driven evaluation, customizable workflows, and support for 50+ risk and compliance domains. The platform combines scalable SaaS technology with expert services to drive TPRM operational excellence and measurable business outcomes.
by Archer
Archer is an enterprise governance, risk, and compliance platform that quantifies risk exposure in financial terms and provides AI-powered analytics, continuous controls monitoring, and agentic AI governance across operational, enterprise, IT, and third-party domains. The platform serves over 1,200 customers globally and emphasizes modern policy change management, regulatory intelligence, real-time risk detection, critical infrastructure governance, and frameworks like the AI Agent Workforce Charter to help organizations move from observation to action.
by Ascent AutoResilience
Ascent AutoResilience is an AI-powered integrated GRC platform that enables enterprises to manage governance, risk, compliance, and operational resilience. The platform includes modules for business continuity, enterprise risk management, and third-party risk management with support for multiple deployment options.
by Avertro
Avertro is a threat-informed GRC platform that transforms governance, risk, and compliance data into actionable threat defense capabilities. The platform combines compliance automation, third-party risk assessment, and continuous control monitoring with AI-powered threat scenario simulation and quantifiable cybersecurity ROI metrics, enabling security teams to anticipate threats and align security investments with business objectives.
by BarnOwl
BarnOwl is a fully integrated governance, risk, compliance, and audit software solution serving over 200 clients globally. The platform is designed to support leading risk management frameworks such as COSO and ISO 31000 while providing flexible, configurable modules for risk management, compliance, and audit.
by Bizzdesign (formerly MEGA International, HOPEX)
Bizzdesign is an enterprise transformation platform combining strategic portfolio management, governance, risk, compliance, data governance, and business process management. The platform, built on the HOPEX architecture foundation, is positioned as an AI-driven enterprise transformation suite serving large regulated organizations globally seeking operational excellence and governance optimization.
by Riskonnect
Riskonnect is a cloud-based integrated risk management platform that extends beyond traditional GRC to encompass governance, risk, compliance, business continuity, safety reporting, and resilience management. The platform provides unified risk visibility across organizational silos, automated workflow management, and AI-powered insights through Agentforce integration. It maintains strong security certifications including SOC Type 1&2 and ISO 27001.
by CERRIX
CERRIX is a leading European GRC software platform that provides integrated risk, compliance, and audit management capabilities. The platform includes support for frameworks like DORA, ISO 27001, GDPR, MiCA, and NIS2, with real-time dashboards and automated workflows. Following the acquisition of Ruler, CERRIX now incorporates AI-powered regulatory monitoring that enables organizations to connect regulatory changes directly to risks, policies, and controls, enhancing their ability to stay ahead of evolving compliance requirements.
by Commugen
Commugen is a no-code GRC platform built to automate and streamline governance, risk, and compliance processes. The platform aggregates compliance data into a unified view and connects risks, controls, and vulnerabilities to provide integrated risk management for over 100 leading enterprises.
by CoreStream
CoreStream is an AI-enabled, no-code SaaS-based governance, risk, and compliance platform that helps organizations design customized, intelligence-first risk management systems. The platform combines rapid implementation (avg. 6 weeks) with value-based process optimization, supporting multi-region data hosting and pre-built templates across specialized domains including audit management, third-party risk, conflict of interest, and regulatory compliance (GDPR, Provision 29). It serves 100+ countries with a 98% client retention rate.
by Corporater
Corporater provides an integrated Governance, Performance, Risk, and Compliance (GPRC) platform augmented by AI and digital twin technology that creates a unified system for managing GRC alongside strategy and performance management. The platform enables organizations to automate GRC processes, achieve strategic alignment, and operate as connected enterprises through a single, agile architecture that supports specialized capabilities including compliance management, operational resilience, IT audit management, ESG management, ISO compliance, and risk quantification. Deployment options include SaaS, on-premise, and private cloud, with all solutions available independently or seamlessly integrated into custom business-integrated GRC systems.
by Cura Software
Cura Software Solutions provides a comprehensive, flexible governance, risk, and compliance software suite implemented across 250+ enterprise customers globally. The platform enables organizations to achieve a clear picture of risk and compliance through integrated modules for enterprise risk management, operational risk, compliance, audit, and incident management, available as on-premise or SaaS deployments.
by CyberArrow
CyberArrow GRC is a technology-first governance, risk, and compliance platform focused on automation and continuous compliance. The platform supports 40+ compliance frameworks including ISO 27001 and NIST, features 80+ integrations for automated evidence collection, and enables rapid implementation with go-live possible in as little as 3 weeks.
by DataBee
DataBee, a Comcast Company, is a governance, risk, and compliance platform built on a unified security data fabric that delivers continuous assurance through context-aware AI, real-time control effectiveness validation, and defensible compliance insights. The platform integrates with over 300 data feeds and evolves beyond traditional continuous controls monitoring to enable AI governance, threat detection, and context-aware compliance across multiple regulatory frameworks including NIST, ISO, CIS, and PCI.
by DigitalXForce
DigitalXForce provides an Enterprise Security Risk Posture Management (ESRPM) platform that enables continuous, automated governance, risk, and compliance through cybersecurity mesh architecture. The platform unifies telemetry from multiple enterprise systems including IAM, SIEM, cloud, DevOps, ERP, and CRM with over 250 pre-built integrations.
by DiliTrust
DiliTrust provides an AI-native governance and legal management platform designed to simplify and connect legal work across organizations. The platform includes integrated modules for board portal management, contract lifecycle management, and document governance with support for GDPR, HIPAA, ISO 27001, and other compliance standards.
by Drata
Drata is an AI-native GRC automation platform that streamlines security and compliance management by automatically collecting evidence and mapping controls across multiple compliance frameworks. The platform supports 26+ frameworks including SOC 2, ISO 27001, HIPAA, and includes hundreds of native integrations with cloud and enterprise systems.
by Enactia
Enactia is an advanced AI-powered RegTech platform that provides a comprehensive GRC suite designed to automate and simplify compliance management across multiple standards and jurisdictions. The platform offers intelligent modules including Compliance Universe, Policy Management, Vendor & Third Party Management, Enterprise Risk Management, Record of Processing Activities (ROPA), and Incident & Data Breach Management, with the ability to cross-map controls and reduce compliance efforts by up to 80% for organizations of any size. The platform now emphasizes Governance, Risk, Compliance, and Ethics automation.
by Exterro
Exterro is an AI-powered Data Risk Management platform that uses agentic AI to help organizations identify, manage, and mitigate data risk across eDiscovery, Digital Forensics, Data Governance, and Privacy & Compliance functions. The platform combines specialized AI agents and orchestration to provide visibility and control over data landscapes, helping organizations turn data risk into data confidence through defensible, automated processes.
by Fusion Risk Management
Fusion Risk Management provides enterprise resilience software and services focused on business continuity, IT disaster recovery, operational resilience, third-party risk management, and crisis and incident management. Built on the Salesforce platform, Fusion enables organizations to manage and analyze resilience data, improve operational insights, and comply with regulatory frameworks including DORA and FFIEC.
by Granite Risk Management
Granite is an enterprise risk management platform designed for mid-sized organizations in regulated industries such as energy, finance, and IT. The software helps manage risks and compliance without relying on spreadsheets, with a user base of 30,000 monthly active users across UK and Europe.
by Hyperproof
Hyperproof is an AI-powered GRC platform that centralizes compliance, risk, and security workflows through automation and real-time monitoring. The platform features 200+ integrations, AI-driven control mapping, and Hypersync technology for automated evidence collection from popular business systems.
by IBM OpenPages
IBM OpenPages is a scalable, AI-powered integrated GRC platform available as SaaS or on-premises across multiple cloud regions including IBM Cloud Germany, enabling organizations to manage risk, compliance, and audit functions in one unified solution. The platform supports operational risk, model risk, third-party risk, regulatory compliance, IT governance, and business continuity management, and has received the IDC 2024 SaaS CSAT Award for Financial Governance, Risk and Compliance.
by Ideagen
Ideagen provides integrated GRC software solutions with embedded AI (Mazlan) to help organizations achieve operational excellence, regulatory compliance, and risk reduction. The platform includes dedicated modules for EHS, Compliance, and Quality Management, designed for regulated and high-compliance industries. Ideagen enables collaboration on governance, risk, compliance, and operational management processes, with AI-driven incident prevention, automated reporting, and enterprise-wide risk visibility.
by Acrea AB
Acrea AB is a Swedish GRC software company offering its product suite Indigo GRC, including Indigo GRC Accelerator and Indigo GRC Hub. The platform is a standardized yet highly configurable governance, risk, and compliance solution designed to support organizations in managing risk, ensuring compliance, and automating GRC processes. Available as both a cloud service and on-premise installation, Indigo GRC enables organizations to move from document-based governance to structured, data-driven processes. The platform is designed with an intuitive interface to support professionals at all levels of the organization. Indigo GRC positions itself as a European-focused, rapidly deployable GRC platform purpose-built for organizations navigating EU regulatory requirements such as NIS2, DORA, and GDPR. Its differentiation lies in enabling fast time-to-value through a combination of standardization, configurability, and automation. The vendor primarily targets regulated mid-market to enterprise organizations in Nordic and European markets seeking strong regional expertise.
by Interfacing (IMS)
Interfacing provides an Integrated Management System (IMS) platform for highly regulated sectors (aerospace, life sciences, finance, government) that builds Digital Twin Organizations by establishing governance layer foundations and unified operating models. The platform combines 20+ years of quality and compliance expertise with explainable AI to move beyond fragmented systems and reactive compliance toward intelligent operations. Core capabilities address the root causes of digital transformation stall: governance architecture definition, operating model unification, explainable AI for CAPA root-cause understanding, and process hierarchy validation that prevents recurring quality events.
by ISMS.online
ISMS.online is a cloud-based compliance platform that helps organizations manage information security, data privacy, compliance, and emerging risks across 100+ frameworks including ISO 27001, ISO 42001, ISO 45001, ISO 14001, GDPR, HIPAA, SOC 2, and NIST. The platform combines guidance, templates, and automation to streamline compliance management while addressing AI governance, occupational health & safety, environmental management, and supply chain risks. The platform emphasizes user experience and expert support.
by IsoMetrix
IsoMetrix provides integrated risk management software for ESG, sustainability, EHS, enterprise risk management, internal audit, and compliance functions with 25+ years of industry experience. The platform serves organizations across manufacturing, energy, resources, logistics, and infrastructure sectors with a 95% client retention rate.
by LogicGate
LogicGate provides Risk Cloud, an AI-powered no-code GRC platform that streamlines and automates governance, risk, and compliance processes. The platform offers 40+ purpose-built applications covering domains like AI Governance, ESG Risk, Cyber Risk, Operational Risk, and Compliance, with AI-driven features including Spark AI for task automation, automated evidence collection and testing, and Risk Cloud Quantify for financial risk quantification. LogicGate is positioning AI Governance as a market-leading capability, emphasizing real oversight versus performative compliance.
by LogicManager
LogicManager is an enterprise risk management (ERM) platform that enables organizations to manage risks through a risk-based approach to GRC by connecting insights from operations to the boardroom. The platform provides risk prioritization, business analytics, and stakeholder engagement capabilities for enterprise-wide risk management.
by MetricStream
MetricStream is a global SaaS leader in Integrated Risk Management (IRM) and GRC solutions enabling organizations to thrive on risk through informed decision-making. Under new CEO Marc Levine and Vice Chairman Gaurav Kapoor, the company has repositioned around an AI-first 'Intelligent GRC' strategy for proactive risk detection, continuous insights, and faster remediation. The platform offers ConnectedGRC and specialized product lines including BusinessGRC, CyberGRC, and ESGRC built on a single, scalable platform with unified control fabric capabilities. New capabilities include AI agent governance aligned with NIST AI Agent Standards Initiative, security standards compliance, multi-language support across 650+ languages via Intento partnership, and continuous compliance automation across NIST, DORA, GDPR, SEC, NIS2, and EU AI Act frameworks.
by NAVEX Global
NAVEX Global provides an AI-powered GRC platform (NAVEX One) that unifies risk and compliance programs through connected intelligence, enabling organizations to manage governance, risk, compliance, whistleblowing, ethics training, policies, and disclosures in a single integrated tool. NAVEX One now includes Regulatory Change Management Software as a named module that monitors regulatory updates, assesses impact, and manages compliance change workflows. The platform serves 13,000+ organizations globally with board-ready dashboards and AI-driven automation for improved visibility and problem-solving.
by NorthGRC
NorthGRC is a cloud-based information security management system that helps organizations manage IT risks, security, privacy, and compliance requirements efficiently across frameworks including ISO 27001/2, GDPR, NIS2, and PCI DSS.
by OneTrust
OneTrust is the AI-Ready Governance Platform™ built to prevent data misuse and enable continuous governance across privacy, risk, data, and compliance. The platform automates GRC processes (compliance management, controls, third-party risk, data governance, privacy, ESG) while embedding compliance and control across the AI lifecycle. OneTrust connects every governance workflow on a single platform with continuous monitoring, automated controls, and programmatic enforcement—enabling organizations to govern well and move fast while maintaining regulatory compliance and reducing manual compliance work.
by Onspring
Onspring is an AI-powered GRC platform that connects and monitors all business-critical functions, processes, and information across enterprises and government agencies. The cloud-based, low-code/no-code platform enables rapid deployment of risk management, compliance, third-party and supply chain risk, and internal audit programs—with real-time risk visibility, continuous compliance monitoring, and secure AI-driven automation to reduce manual effort and improve decision-making.
by Optial
Optial provides a scalable, modular GRC software platform that centralizes compliance management, audit tracking, incident reporting, and risk mitigation in one user-friendly interface with flexible deployment options including SaaS, on-premise, and private cloud.
by Optro (formerly AuditBoard)
Optro (rebranded from AuditBoard in March 2026) is a cloud-based connected risk platform trusted by the Fortune 500 that delivers unified governance, risk, and compliance management through a single, AI-powered system of action. The platform provides AI-powered automation, integrated audit management, and compliance control across multiple frameworks including SOX, HIPAA, and GDPR, with emerging focus on AI risk management oversight and AI-enabled fraud detection.
by Origami Risk
Origami Risk offers a cloud-native SaaS platform purpose-built for resilience, serving six configurable solution verticals: P&C Insurance, RMIS, EHS, GRC, Healthcare, and Integrated Risk Management. The platform integrates risk management, compliance, internal audit, controls, business continuity, and claims administration workflows. Core capabilities include Origami AI (data validation, workflow automation, and AI-powered analytics), Origami Mobile for field data capture, advanced reporting dashboards, and API-driven integrations. Positioned as an AI-first platform where 'AI only works if it works for you,' emphasizing practical, user-controlled implementation of AI into existing operations.
by OXIAL
OXIAL is a Swiss-founded provider of AI-enhanced GRC software and supervised managed services, offering a comprehensive platform covering risk management, compliance, controls, audit, IT security, and GDPR. OXIAL's distinctive 'Supervised GRC' (sGRC) model combines software with ongoing expert advisory services, enabling large organizations including major financial institutions to manage and mitigate complex risks.
by Panaseer
Panaseer is a continuous controls monitoring platform that provides real-time visibility into cybersecurity posture by integrating data from existing security, IT, and business tools to automate the measurement of control effectiveness across cyber control domains.
by Phinity Risk Solutions
Phinity Risk Solutions develops cloud applications for the information risk and governance market, integrating into risk and compliance processes to help organizations decrease risk exposure through unified platform management.
by ProcessGene
ProcessGene offers specialized Process-Driven GRC and BPM software powered by an integrated workflow platform, serving multi-subsidiary enterprises. The proprietary Multi-Org technology enables centralized global control with local flexibility for both GRC and BPM applications. The cloud-based SaaS solution provides direct enterprise software connectivity, automates business process realization subject to regulatory compliance, and supports guaranteed rapid production deployment within days across organizations.
by ProcessUnity
ProcessUnity provides a cloud-based GRC platform that helps organizations assess, measure, and mitigate risk across third-party relationships, policy management, enterprise risk, regulatory compliance, incident management, and related governance functions.
by Protecht
Protecht is an AI-enhanced GRC software platform providing full governance, risk, and compliance capabilities including enterprise risk management, audit, compliance, controls, cyber and IT risk, operational resilience and BCM, vendor risk, and workplace health and safety. The platform features Cognita, an intelligent AI assistant that identifies critical gaps, guides users in real time, and automates administrative tasks to enable faster, more confident decision-making across the enterprise.
by Qmulos
Qmulos provides real-time compliance automation and continuous controls monitoring solutions through its Q-Compliance application, helping enterprises simplify technical evidence collection, streamline workflows, and strengthen their security posture.
by Resolver (Kroll)
Resolver, a Kroll Business, provides integrated GRC software that helps governance, risk, and compliance teams gain efficiency in managing risk intelligence and safeguarding organizations through streamlined reporting and risk management solutions. The platform's capabilities were expanded through Kroll's acquisition of Crisp in 2022, incorporating real-time risk intelligence and resilience solutions.
by Responsum
Responsum is a unified privacy, security, risk, and compliance platform that enables organizations to manage privacy operations, security posture, risk assessment, and AI governance across frameworks like GDPR, ISO 27001, and NIST. The platform centralizes compliance documentation, automates assessments (DPIAs, TIAs), provides real-time security monitoring, risk prioritization, and AI governance controls, while supporting third-party risk management and cross-functional collaboration.
by RiskBusiness
RiskBusiness is a practitioner-founded GRAC (Governance, Risk, Audit and Compliance) platform provider with over 200 financial services clients globally. Built by ex-financial services professionals, the platform Graci 360° combines integrated governance, risk, audit and compliance software with proprietary risk content including KRI libraries, scenario libraries, and operational loss case studies. The vendor operates GOLD (Global Operational Loss Database), which it acquired from UK Finance in March 2022. RiskBusiness holds SOC 2 accreditation and provides specialist risk intelligence services and advisory services to financial institutions including the World Bank and IMF.
by Riskonnect
Riskonnect provides enterprise-scale AI-powered risk, compliance, and resilience software that unifies risk data and intelligence across enterprise functions. The platform is positioned around AI-driven orchestration (Agentforce 360) to connect risk signals, orchestrate cross-functional responses, and translate risk exposure into business and financial impact. Core GRC capabilities include business strategy, enterprise risk management, compliance, policy management, internal controls, internal audit, IT risk management, AI governance, third-party risk management, and project risk management. The platform also delivers specialized solutions for insurable risk management (RMIS, claims, policy administration, billing), health & safety, business continuity, operational resilience, crisis management, and threat intelligence.
by RISMA Systems
RISMA Systems provides integrated GRC software that enables organizations to manage and document their compliance, risk management, and controls through a robust, flexible, and highly scalable technology platform supporting all governance, risk, and compliance areas.
by Rosca Technologies
Rosca Technologies is a cybersecurity solutions company offering strategic cyber threat management, penetration testing, and managed detection and response services to protect organizations from cyber threats.
by Ruleguard
Ruleguard offers a GRC and compliance software platform designed for the financial services industry, providing modules for compliance tracking, risk management, policy management, and third-party oversight. The platform enables enterprises to manage regulatory obligations, track compliance activities, and maintain governance across their operations.
by SAP GRC
SAP GRC is a suite of modular governance, risk, and compliance solutions integrated with SAP S/4HANA, covering enterprise risk management, identity and access governance, cybersecurity, and data protection. The platform enables organizations to align objectives, manage risks, and ensure regulatory adherence across their business.
by ServiceNow GRC
ServiceNow GRC is a platform that unifies governance, risk, and compliance activities across an organization through automated workflows and AI insights. The solution helps enterprises anticipate threats, maintain compliance, and boost operational resilience enterprise-wide. The platform has expanded to address emerging risk domains including ESG risk management, AI governance, and next-generation risk management capabilities, supporting organizations in managing both traditional and emerging compliance requirements.
by Sprinto
Sprinto is an Autonomous Trust Platform that continuously detects, determines what's at risk, and acts across compliance, vendor risk, AI governance, and more. The platform interprets 200+ compliance frameworks and custom regulations, maps them to live infrastructure, and executes autonomous remediation to close control gaps. Core capabilities include unified commitments management, continuous compliance monitoring with autonomous remediation, autonomous third-party risk management with automated discovery and tiering, autonomous AI governance mapping to ISO 42001 and NIST AI RMF, live risk posture calculation continuously recalculating inherent and residual risk from real-time signals, and automated Trust Center and security questionnaire capabilities. Built for organizations from Series A to enterprise, with Sprinto Ignite offering simplified compliance solutions for tech startups.
by Starhive
Starhive is an AI-powered asset management platform that provides comprehensive, flexible asset tracking across physical, software, and leased assets. The platform centralizes usage, configuration, financial, and risk data, offering AI-driven insights and supporting multiple asset management use cases. With over 500 integrations and configurability for diverse organizational needs, Starhive helps teams optimize asset ROI, reduce administrative overhead, and maintain compliance across various frameworks.
by SureCloud
SureCloud is a governance, risk, and compliance platform that automates risk and compliance processes through Gracie AI, an governed AI assistant that scales GRC expertise. The platform connects risk management, compliance monitoring, vendor assessment (TPRM), internal audit, data privacy, and business continuity in one unified system. Core capabilities include native continuous controls monitoring, automated evidence collection, automated control testing, AI-driven report generation, custom AI skills creation, and event-based architecture ensuring full auditability. SureCloud serves organizations of all sizes and is positioned as an action-execution platform, not a reporting tool.
by Swiss GRC
Swiss GRC is a governance, risk, and compliance software solution offering an integrated platform with modules for risk management, internal controls, compliance management, information security management (ISMS), business continuity management (BCM), third-party risk management, and business process modelling (BPM). The company has over 30 years of experience delivering GRC solutions globally with headquarters in Lucerne, Switzerland, and is specifically optimized for DACH-region regulatory requirements including DORA, NIS2, BSI IT-Grundschutz, and GDPR.
by Symbiant
Symbiant is a modular, AI-embedded governance, risk, compliance, and audit management software platform trusted by organizations since 1999. The platform delivers comprehensive GRC and audit functionality with integrated AI capabilities that uncover hidden threats, identify root causes, and predict control failure impacts. Designed as an affordable, customizable single source of truth for GRC and audit activities across all sectors, Symbiant offers agile scalability starting from £100 per module per month for unlimited users.
by UpGuard
UpGuard is a Cyber Risk Posture Management (CRPM) platform delivering a unified, AI-powered view of organizational cyber risk across external vendors, third parties, and internal workforce. The platform includes continuous vendor risk assessments, vulnerability scanning, security questionnaires, Human Risk Management (User Risk), Attack Surface Management, Threat Monitoring within Breach Risk, Trust Exchange for streamlined security communications, and Risk Automations—enabling automated threat resolution in seconds. UpGuard recently secured $75M in Series C funding, expanded threat intelligence coverage by 5x, and has broadened its questionnaire library to include emerging compliance frameworks like DORA.
by Vanta
Vanta is an Agentic Trust Platform that automates governance, risk, and compliance activities through specialized AI agents. The platform includes the Compliance Agent for automating evidence collection across 35+ frameworks (SOC 2, ISO 27001, HIPAA, PCI, GDPR, HITRUST, and more), TPRM Agent for continuous vendor risk monitoring (enhanced by Riskey acquisition), Customer Trust Agent for security questionnaire automation, and Risk Management Agent for continuous controls monitoring. Vanta delivers continuous GRC with real-time alerts, automated workflows, and integrated risk management—enabling organizations to prove trust continuously from a single platform.
by VComply
VComply is a cloud-based governance, risk, and compliance platform that enables organizations to manage compliance, assess and mitigate risks, automate policy management, and streamline audit processes. The platform unites compliance tasks, policies, risks, and cases in a single interface designed for audit readiness. VComply emphasizes measurable risk visibility through unified governance-risk processes, supports continuous audit readiness with AI-driven capabilities, and offers industry-specific compliance solutions including ESG controls, financial services, and operational risk management.
by Wolters Kluwer
Wolters Kluwer is repositioning as a cross-industry professional services platform combining trusted, expert-curated content with Expert AI technology. While maintaining GRC solutions (TeamMate, OneSumX, ComplyTrack), the company now emphasizes vertical-specific offerings including legal (Future Ready Lawyer), finance/CFO, healthcare, and compliance capabilities. Core positioning centers on AI-powered intelligent workflows and real-time decision-making for professionals across legal, finance, tax, accounting, and healthcare sectors, supported by newly established AI Center of Excellence and proprietary 'FAB' innovation platform.
by Workiva
Workiva is a cloud-based platform for governance, risk, compliance, sustainability, and financial reporting that connects people, data, and processes to enable integrated assurance. The platform provides risk management, internal audit, policy management, and compliance automation across an organization.
by ZenGRC
ZenGRC is a governance, risk, and compliance platform that provides risk management, vendor management, compliance automation, and AI-powered control assessment with support for over 30 industry-standard compliance frameworks. The platform offers both commercial and FedRAMP-compliant government solutions with flat-fee pricing.