Is your governance up to date and immediately available? Or do you need to consult different departments and employees in order to make policy steps and implement codes of conduct? Time consuming and inefficient. Managing and controlling data and processes is essential for consistent management, coherent policy and decision-making rights at function level. Achieving goals in an efficient and effective way, with insight and overview of the risks and current guidelines and/or objectives.



CompLions-GRC is familiar with customer cases where up to 70% time is saved compared to the previous methods based on Excel sheets because there is no more duplication of work. Based on the 'Plug & Play Governance' method, the customer can easily add a control framework and increase the scope of control.


The necessary continuous quality improvement according to the PDCA cycle (Plan-Do-Check-Act) is also a lot easier to implement and guarantee, as are periodic audits by third parties that require less time and therefore costs. This quality improvement is greatly appreciated by both the auditors and the clients.


Another added value offered by GRCcontrol is that the unequivocally stored data is also a perfect source for both internal and external reports. These reports are not only intended for internal use, but are also suitable for the stakeholders.

Demo or request a quote?


With GRCcontrol you anticipate current risks and take appropriate safety measures.


For audit planning including automatic and periodic audits, as well as registration of external audits and registration and handling of improvement tasks.

Raporting System

Comes with various standard reports with the possibility to build your own reports.


For management, specialists and employees, up-to-date insight into your compliance (per organization (part), standard, process, means), risks, incidents and (internal/external) audit findings.

Ready to go

Numerous standards frameworks including best-practice measures mapping, numerous risks/threats set(s) including best-practice measures mapping, examples of questionnaires and registers, reporting and dashboarding.


2-factor authentication on login and encrypted traffic for secure communication and data storage in a certified data centre.


Management system for granting authorisations.


Access control based on individuals and functions including AD linking capabilities.


For recording the execution of successive activities.

Document Management

For recording and distribution of documentation and burden of proof. Includes expiration dates and e-mail notification.


NL, UK, FR and GE


Access control based on individuals, roles and functions including AD/FD linking capabilities.

Incident management

Incident management, including registration and handling by means of protocols (work processes) that can be set up entirely according to your own working method.