Our product · GRC platform

01GRC — compliance without the complexity.

01GRC is our governance, risk and compliance platform. We built it out of the work we do for clients every day — and to replace what GRC usually demands: spreadsheets, consultants and six-figure tools. It brings your entire programme into one place — risk register, controls, evidence, compliance dashboards, vendor risk, resilience and privacy — at a fraction of the cost and effort of legacy platforms, without compromising on rigour.

Visit 01grc.com Our compliance services

The problem

GRC shouldn't be a full-time job for half your team.

Traditional GRC tools were built for enterprises with armies of consultants and seven-figure budgets. For everyone else, that means risk registers and evidence scattered across spreadsheets, audits that eat a whole quarter, and a platform you need expensive specialists just to run.

01GRC consolidates the entire programme into one intelligent platform — purpose-built for efficiency, not enterprise lock-in.

See the full platform

Platform

Everything your team needs. Nothing they don't.

Ten-plus modules covering your whole GRC programme — here are the core ones. The full tour lives on the product site.

Risk register & assessment

Identify, score and track risks across the organisation with heat maps, ownership workflows and current status — all in one living register.

Control library & mapping

Pre-built control templates mapped to key frameworks. Reuse a single control across multiple programmes with 1:N mapping — no duplicate effort, ever.

Structured evidence management

Centralise documents, records, approvals and attestations and link them directly to controls — with a clear audit trail for every submission.

Compliance dashboards

Current posture by framework, by team and by control area. Replace quarterly slide decks with always-current dashboards your leadership can act on.

Vendor & third-party risk

Onboard vendors with built-in questionnaires. Track residual risk, contract dates and assessment status — with full visibility of your third-party exposure.

Policy management

Author, version, distribute and track acknowledgement of every policy — with the audit trail included by default, no separate document-management bolt-on.

Beyond the checklist

Where 01GRC goes further.

Most GRC tools stop at control lists and evidence uploads. 01GRC connects compliance to the business operations, data flows and resilience obligations regulators actually care about.

Business impact & dependency mapping

Map each business process to its assets and vendors, evaluate recovery tolerances (MTD, RTO, RPO), and surface dependency mismatches in diagrams built for leadership review.

Resilience & BCP exercises

Plan, run and document tabletop, simulation, failover and functional exercises — the tested continuity DORA, NIS2 and ISO 22301 require, with regulatory evidence in one place.

Data flows & live RoPA

Link personal data to the assets, processes, vendors and controls handling it. Your DPO gets a live, auditable view and can export the Article 30 RoPA at any time.

Product & practice, together

The platform, backed by the people who built it.

01GRC is a product you can run yourself — built and maintained by a working cybersecurity consultancy. Use it on its own, or pair it with our advisory and compliance services when you want hands-on support to certification and beyond.

Visit 01grc.com