Comprehensive GRC capabilities with industry-leading AI features. Explore our full platform capabilities across all modules.
Industry-leading capabilities across all major GRC domains, with particular strength in AI-powered automation.
3+ years ahead of competitors. AI document generation, compliance chatbot, risk analysis reports, and guided assessments.
First-mover advantage. Complete ISO 42001 AI governance plus EU AI Act classification wizard, prohibited practices screening, and conformity tracking.
6 modules including AI-powered assessments
Full ISO 22301 with 8 sub-modules
NCR + RCA integration with CAPA
19 frameworks, 500+ templates
8 audit types, guided wizard
Third-party risk with assessments
170+ modules, 19 standards covered
Full CAPA lifecycle management
AI generation + document library
Purpose-built PRU module for UK Corporate Governance Code
Our AI capabilities are 3+ years ahead of most competitors. Claude AI powers document generation, compliance assistance, and intelligent analysis across the platform.
| AI Feature | Capabilities | Market Position |
|---|---|---|
| AI Document Generation | 50+ compliance documents with real-time streaming, supporting all 11 frameworks | UNIQUE |
| AI Compliance Chatbot | 24/7 Claude-powered assistant with multi-standard context awareness | UNIQUE |
| AI Risk Analysis Reports | 6 report types including portfolio analysis, trends, and insights | UNIQUE |
| AI BC Plan Generation | Industry-aware business continuity plan generation with threat context | UNIQUE |
| AI Risk Extraction | Automatically extract risks from assessment reports to risk register | NEW |
| AI Maturity Assessment | 8-domain AI maturity scoring with actionable recommendations | NEW |
| Guided Audit Wizard | Interactive Q&A with automatic finding generation | UNIQUE |
| BIA Wizard | Guided business impact analysis with 5 sections and auto-save | UNIQUE |
| AI Annual Report Generation | Provision 29 PRU disclosure narrative with principal risks summary and viability statement inputs | UNIQUE |
6 Features
| Module | Key Capabilities | Status |
|---|---|---|
| Risk Register | 5x5 matrix, likelihood/impact scoring, multi-criteria analysis, AI insights | AHEAD |
| Risk Treatments | Progress tracking, 4 treatment types (Accept, Mitigate, Transfer, Avoid), budget tracking | PARITY |
| Top 10 Risks | Dynamic ranking, key risk flagging, historical trend tracking | AHEAD |
| Risk Dashboards | Executive, Operational, and Financial views with interactive heat maps | AHEAD |
| Risk Assessments | Guided Q&A wizard, AI streaming responses, automatic risk extraction | UNIQUE |
| Risk Reports | 6 AI-generated report types with intelligent caching | UNIQUE |
7 Features - MARKET LEADER
| Module | Key Capabilities | Status |
|---|---|---|
| AI Portfolio Dashboard | Fund/Fix/Freeze framework for executive AI portfolio decisions | UNIQUE |
| AI Maturity Assessment | 8 domains, 47 questions, 5-level scoring (Initial to Optimizing) | UNIQUE |
| AI Use Cases | Use case registry with 4 risk tiers and lifecycle tracking | UNIQUE |
| AI Models | Model inventory with versioning, performance tracking, bias monitoring | UNIQUE |
| AI Risk Assessments | AI-specific risk analysis with automated extraction and control mapping | UNIQUE |
| AI ISO Assessment | ISO 42001 compliance assessment with gap analysis and roadmap | UNIQUE |
| EU AI Act Classification | 6-step wizard for risk classification, prohibited practices screening, Annex III matching, conformity tracking | UNIQUE |
8 Features
| Module | Key Capabilities | Status |
|---|---|---|
| BC Dashboard | Readiness score, 8 sub-module cards, real-time activity feed | AHEAD |
| Business Functions (BIA) | Guided BIA wizard with RTO/RPO, 4-tier criticality, dependency mapping | UNIQUE |
| Threat Scenarios | 14 categories, 5x5 risk matrix, inherent/residual scoring | AHEAD |
| Recovery Strategies | 9 strategy types (Hot/Warm/Cold standby, Mutual Aid, etc.), cost tracking | PARITY |
| BC Plans | 8 plan types with AI generation, section management, approval workflow | UNIQUE |
| Exercises & Testing | 6 exercise types (Tabletop, Simulation, Full Interruption), findings tracking | PARITY |
| Crisis Activations | Live crisis management with 6-stage lifecycle and severity levels | AHEAD |
| Crisis Teams & Communications | Team roles, escalation procedures, stakeholder templates | PARITY |
6 Features
| Module | Key Capabilities | Status |
|---|---|---|
| Controls Library | 500+ templates across 19 frameworks, catalog + custom controls | PARITY |
| Audit Management | 8 audit types, 10-status workflow, guided wizard with AI assistance | AHEAD |
| Audit Findings | 4 finding types, 7-status lifecycle, control linking and tracking | AHEAD |
| AI ISO Documents | 50+ document types with SSE streaming, covering all 11 frameworks | UNIQUE |
| AI Compliance Chatbot | 24/7 AI assistant with multi-standard context and markdown responses | UNIQUE |
| Training LMS | 170+ modules across 19 standards with quizzes and certificates | AHEAD |
3 Features
| Module | Key Capabilities | Status |
|---|---|---|
| Incident Management | 7 categories, 7-stage lifecycle, RCA methods (5 Whys, Fishbone), financial tracking | AHEAD |
| Non-Conformances | Major/Minor/Observation types, full CAPA lifecycle, ISO clause linking | AHEAD |
| Corrective Actions | Verification workflow, due date tracking, progress monitoring | AHEAD |
3 Features
| Module | Key Capabilities | Status |
|---|---|---|
| Vendor Registry | 4 criticality tiers, automated risk scoring, contract/SLA tracking | AHEAD |
| Vendor Assessments | Questionnaire templates, 12 assessment categories, weighted scoring | AHEAD |
| Vendor Profiles | Full vendor detail with documents, risk links, issue tracking | PARITY |
35 templates | 40 questions - NEW
| Module | Key Capabilities | Status |
|---|---|---|
| Risk Framework Templates | Risk management policy, framework design, and integration guidance | NEW |
| Risk Assessment Methodology | Risk identification, analysis, and evaluation procedures | NEW |
| Risk Appetite & Tolerance | Risk appetite statements, tolerance thresholds, escalation criteria | NEW |
| Risk Treatment Planning | Treatment options, implementation plans, and residual risk acceptance | NEW |
| Stakeholder Communication | Risk reporting templates, board papers, and communication plans | NEW |
42 templates | 48 questions - NEW
| Module | Key Capabilities | Status |
|---|---|---|
| Anti-Bribery Policy | Zero tolerance policy, scope definition, top management commitment | NEW |
| Bribery Risk Assessment | Risk identification by geography, sector, transaction type, and business relationship | NEW |
| Third-Party Due Diligence | Partner/supplier questionnaires, enhanced due diligence procedures | NEW |
| Gifts & Hospitality | Gifts, hospitality, donations, and sponsorship policies and registers | NEW |
| Whistleblowing | Reporting mechanisms, investigation procedures, protection policies | NEW |
| Financial Controls | Payment controls, approval authorities, and red flag monitoring | NEW |
40 templates | 45 questions - NEW
| Module | Key Capabilities | Status |
|---|---|---|
| Compliance Policy | Compliance commitment, culture statements, accountability framework | NEW |
| Obligation Register | Legal, regulatory, and voluntary obligation tracking with ownership | NEW |
| Compliance Risk Assessment | Obligation-based risk identification and control mapping | NEW |
| Training & Awareness | Compliance training programmes, competency requirements, records | NEW |
| Monitoring & Reporting | Compliance monitoring procedures, KPIs, and management reporting | NEW |
| Non-Compliance Handling | Breach reporting, investigation, remediation, and escalation procedures | NEW |
48 templates | 121 questions - ⭐ MOST COMPREHENSIVE
| Module | Key Capabilities | Status |
|---|---|---|
| OH&S Policy & Objectives | Health & safety policy, objectives, and management commitment | NEW |
| Hazard Identification | Hazard identification procedures, risk registers, and control hierarchies | NEW |
| Job Safety Analysis (JSA) | Task-based risk assessment templates and safe work procedures | NEW |
| Permit to Work | Hot work, confined space, electrical isolation, and working at height permits | NEW |
| Emergency Preparedness | Emergency response plans, evacuation procedures, first aid protocols | NEW |
| Incident Investigation | Incident reporting, root cause analysis, corrective action workflows | NEW |
| PPE & Chemical Management | PPE registers, SDS management, chemical handling procedures | NEW |
| Psychosocial Hazards | Mental health risk assessments, workplace stress management, bullying prevention | NEW |
10 Features - UNIQUE MODULE
| Module | Key Capabilities | Status |
|---|---|---|
| Principal Risk Register | 8 risk categories, 3 risk types (Strategic, Emerging, Operational), 5x5 scoring matrix | UNIQUE |
| Operational Risk Linkage | Many-to-many mapping between principal risks and operational risk register entries | UNIQUE |
| Control Effectiveness Testing | Map mitigating controls with effectiveness ratings, testing schedules, and remediation tracking | UNIQUE |
| Board Oversight Tracking | Board review dates, risk owner assignments, committee oversight, governance trail | UNIQUE |
| AI Annual Report Generation | AI-generated PRU disclosure narrative for annual reports with viability statement inputs | UNIQUE |
| KRI Monitoring | Key Risk Indicators with thresholds, trend tracking, and automated breach alerts | UNIQUE |
| Immutable Audit Trail | Complete change history for risk assessments, control updates, and board decisions | UNIQUE |
| Risk Appetite Framework | Define and monitor risk appetite statements aligned to principal risk categories | AHEAD |
| Emerging Risk Horizon Scanning | Track and assess emerging risks with velocity scoring and escalation workflows | AHEAD |
| Viability Statement Support | Scenario analysis and stress testing inputs for the viability statement | AHEAD |
Complete compliance coverage with 400+ document templates and 1,300+ assessment questions.
| Standard | Templates | Questions | Training | Chatbot |
|---|---|---|---|---|
| ISO 27001:2022 | 30 | 150 | 18 modules | Yes |
| ISO 42001:2023 (AI) | 32 | 160 | 15 modules | Yes |
| ISO 22301:2019 (BCM) | 40 | 47 | Yes | Yes |
| ISO 31000:2018 (Risk) | 35 | 40 | Yes | Yes |
| ISO 37001:2016 (Anti-Bribery) | 42 | 48 | Yes | Yes |
| ISO 37301:2021 (Compliance) | 40 | 45 | Yes | Yes |
| ISO 45001:2018 (OH&S) | 48 | 121 | Yes | Yes |
| GDPR | 30 | 150 | 14 modules | Yes |
| SOC 2 Type II | 40 | 205 | 12 modules | Yes |
| PCI DSS 4.0.1 | 33 | 170 | 14 modules | Yes |
| NIST CSF 2.0 | 34 | 162 | 12 modules | Yes |
| ISO 27017:2015 (Cloud Security) | 35 | 45 | 8 modules | Yes |
| ISO 27018:2019 (Cloud Privacy) | 38 | 50 | 9 modules | Yes |
| ISO 27701:2019 (Privacy) | 50 | 65 | 12 modules | Yes |
| Cyber Essentials 2023 | 25 | 35 | 10 modules | Yes |
| Cyber Essentials Plus 2023 | 30 | 40 | 12 modules | Yes |
| IASME Cyber Assurance 2023 | 45 | 55 | 14 modules | Yes |
| IASME DCC 2023 | 35 | 45 | 11 modules | Yes |
| IASME MSP 2024 | 40 | 50 | 13 modules | Yes |
| UK Corporate Governance Code — Provision 29 | PRU Module | 10 capabilities | Yes | Yes | |
Integrated Management System (IMS) Ready: GRCxAI supports all major ISO management system standards in one unified platform. From information security to occupational health & safety, from AI governance to compliance management — achieve certification across multiple standards with shared controls and evidence.
Experience all 50+ features across 19 compliance standards in our comprehensive GRC platform.