GRC Lighthouse [Alpha]

Project [codename Alpha] is an initiative to identify the top challenges information security and risk profesionals face in managing Governance, Risk and Compliance activities. With challenges documented we are focusing on the building blocks of a lightweight extensible control framework which will help to address such challenges in efficiently and enhance visibility, metrics and implementation of governance, risk and compliance programs. If you would like to get involved just contact us!


Still trying to manage risk assesments, audits, reports, evidence with Spreadsheets? Trying to import, export, correlate, get metrics, automate notifications, keep track of what is actually happening? sound familiar? well we decided to build it ourselves!


Our solution

After years of listening to thousands of information security professionals talk about the same pain points we realised something has to be done. The great majority of data breaches are down to human intervention whether direct or indirect, intentional or unintentional. Effectively we need a system that enables you to log/document/measure standards, frameworks, policies, processes, procedures, tasks, risks, assets, metrics, performance, KPI's, controls. The system should be available and be accesible to anyone and easy to understand.



Lightning Fast UI build with the latest tech. Can you believe it?


Policies & Procedures

Turn policies into action, measure conformance, track dependencies. Yes really.


Risk Assesment

Easily Manage Risks, link anything (Assets, Controls, Requirements...)


Project Management

Assign, review, approve, schedule, plan, track, single and recurring tasks.
No more losing track.


Risk Management

Executive and Detailed Reporting anytime with in depth analytics. No more Spreadsheets.


Training & Communication

In-built KPIs, CSFs, L&D Metrics. Staff development analytics without the pain.


Control Mapping

PCI DSS, ISO27001, GDPR, NIST, CIS... Manage multiple standards with one consolidated control framework.



Automated reporting with in-depth drill down, always up to date

Sign up for an early release demo

We're building something great, sign up here to schedule a demo

Schedule a Demo