CompLions can provide various standards frameworks as 'best practice', including an underlying set of measures and set of threats. Think of frameworks such as ISO, NIST, NEN, ISAE and BIO. In addition, GRCcontrol offers the complete freedom to independently add its own standards, SLAs and guidelines. Possibly with the support of our partners.


AVG/GDPR Data Mapping

Measures from the 'best practice set' supplied as standard can easily be linked to one or more requirements (controls), the standards frameworks, legislation and/or regulations. This eliminates duplicate implementation tasks in relation to organisational units in numerous management systems (Excel/databases and applications). This makes it very easy to adapt or add additional control frameworks, internal frameworks and legislation and regulations.

CompLions & Partners

GRCcontrol offers the possibility to add standards, SLAs and guidelines in just a few clicks. You can do this independently, but also with the support of our partners. For the implementation of our tools, for software support and for certification, we work together with experienced partners, who are active in various market segments. Think for example of KPMG, CAP Gemini and Ordina. On technology we work with companies such as Microsoft, Matrix42, Netwrix, KIWA, BSI and Bureau Veritas.

Demo or request a quote?


With GRCcontrol you anticipate current risks and take appropriate safety measures.


For audit planning including automatic and periodic audits, as well as registration of external audits and registration and handling of improvement tasks.

Raporting System

Comes with various standard reports with the possibility to build your own reports.


For management, specialists and employees, up-to-date insight into your compliance (per organization (part), standard, process, means), risks, incidents and (internal/external) audit findings.

Ready to go

Numerous standards frameworks including best-practice measures mapping, numerous risks/threats set(s) including best-practice measures mapping, examples of questionnaires and registers, reporting and dashboarding.


2-factor authentication on login and encrypted traffic for secure communication and data storage in a certified data centre.


Management system for granting authorisations.


Access control based on individuals and functions including AD linking capabilities.


For recording the execution of successive activities.

Document Management

For recording and distribution of documentation and burden of proof. Includes expiration dates and e-mail notification.


NL, UK, FR and GE


Access control based on individuals, roles and functions including AD/FD linking capabilities.

Incident management

Incident management, including registration and handling by means of protocols (work processes) that can be set up entirely according to your own working method.