38 pages · 190 API routes · 29 AI document types · 70+ frameworks

Every feature, explained.

GRCEye is not a one-screen dashboard. It's a full GRC operating system — seven specialized modules working as one integrated platform.

Try it free See solutions by industry

Platform pages

70+

Compliance frameworks

3,500+

Pre-mapped controls

AI document types

Explore every module

Select a module to see all its features in detail.

Risk Management

See, measure, and treat every risk — not just list them.

GRCEye's risk module is built for security teams that need to communicate risk in terms the business understands. From qualitative heatmaps to Monte Carlo financial quantification, every risk has an owner, a score, a treatment plan, and a next-review date.

Try this module free

Risk Register

Full CRUD with likelihood × impact scoring, severity auto-classification, owner assignment, and next-review scheduling.

5×5 Heatmap

Interactive visual heatmap. Click any cell to filter the register. Color-coded by severity with customisable thresholds.

Monte Carlo Quantification

10,000-iteration simulation producing ALE, SLE, P90, and P95 values — turning qualitative scores into financial figures.

Risk Scenarios

Model Threat → Vulnerability → Asset → Control chains. Track current and target probability/impact per scenario.

Custom Risk Matrices

Define your own probability and impact scales (3×3, 5×5, or any custom size) with custom labels, colors, and score mappings.

Risk Acceptance

Formal waiver workflow with justification, approver assignment, expiration date, and compensating controls tracking.

Everything else included

Beyond the core modules, GRCEye includes a complete suite of supporting capabilities.

Activity Log — full audit trail of every user action

Trust Center — public-facing compliance page for customers

Regulatory Change Tracking — monitor deadlines affecting your frameworks

Applied Controls — track cost, effort, progress %, and ETA

Security Exceptions — formal waivers with approval workflow

Risk Quantification — Monte Carlo ALE/SLE/P90/P95

Multi-tenant isolation — each org's data is fully separated

9 built-in roles — granular module-level access control

JWT auth + refresh tokens + API token management

Weekly automated PDF reports — 5 report types

Webhook delivery logs — full observability

3 languages — English, French, Arabic (full RTL)

GRCEye vs. doing it manually

See what changes when you replace spreadsheets and email with a purpose-built platform.

Task

Manual / Spreadsheet

With GRCEye

Framework gap assessment

2–8 weeks of manual control review

Hours — AI analyses all controls at once

Policy creation

Days of writing + legal review

Seconds — AI generates complete document

Vendor contract review

Manual clause-by-clause reading

Minutes — AI flags risky clauses instantly

Cross-framework mapping

Spreadsheet with 500+ rows

Automatic — controls mapped across all frameworks

Compliance evidence tracking

Email chains + shared folders

Structured per-control evidence with auditor access

Audit management

Word docs + email back-and-forth

Dedicated auditor portal with checklist + PDF report

Risk quantification

Qualitative high/medium/low only

Monte Carlo simulation: ALE, SLE, P90, P95

Board reporting

Manual slides assembled monthly

Automated weekly PDF reports — 5 report types

Ready to replace your GRC spreadsheets?

14-day free trial. Full access to all 7 modules. No credit card required.

Start free trial See solutions by industry