Your comprehensive Governance, Risk & Compliance resource center featuring tools and information for regulatory compliance management
Central hub and overview of all GRC tools and resources available on OpenGRC Info. Your starting point for governance, risk, and compliance management.
Visit Main Page →Important legal information, terms of use, disclaimer, and liability limitations for the OpenGRC Info platform and its tools.
View Disclaimer →Collection of additional utilities and miscellaneous tools to support various GRC activities and general security tasks.
Visit Utilities Hub →Security utility for generating and verifying password hashes using various cryptographic algorithms for secure password management and verification.
Use Password Hash Tool →Visual canvas and diagramming tools for creating compliance diagrams, process flows, and visual representations of GRC frameworks.
Open Canvas Tools →Action management and workflow tools for tracking compliance tasks, managing remediation activities, and organizing GRC workflows.
Open Action Management →Network and Information Systems Security Directive (NIS-2) main hub with comprehensive resources for EU cybersecurity compliance and critical infrastructure protection.
Visit NIS-2 Hub →Comprehensive visual mindmap showing the general structure, requirements, and key components of the NIS-2 Directive for easy understanding and navigation.
View General Mindmap →Specialized mindmap based on ENISA (European Union Agency for Cybersecurity) guidance and recommendations for NIS-2 implementation.
View ENISA Mindmap →Comprehensive gap analysis tool to assess current cybersecurity posture against NIS-2 requirements and identify areas needing improvement.
Perform Gap Analysis →Business Impact Analysis methodology specifically designed for NIS-2 compliance, helping organizations understand the potential impact of cyber incidents.
Learn BIA Methodology →Practical checklist for conducting Business Impact Analysis under NIS-2 requirements, ensuring all critical aspects are properly evaluated.
Use BIA Checklist →Technical system analysis tool for evaluating IT systems and infrastructure against NIS-2 cybersecurity requirements and standards.
Analyze Systems →Detailed mapping tool showing how NIS-2 requirements align with existing cybersecurity frameworks and standards for comprehensive compliance management.
View Requirements Mapping →Comprehensive audit framework and guidelines for conducting NIS-2 compliance audits, including checklists and evaluation criteria.
Access Audit Framework →Asset inventory and management tool specifically designed for NIS-2 compliance, helping organizations catalog and protect critical digital assets.
Manage Asset Inventory →Strategic roadmap and project planning tool for implementing NIS-2 compliance requirements in a structured and manageable approach.
Create Implementation Roadmap →Advanced filtering tool for searching and organizing NIS-2 requirements by sector, size, or specific compliance needs.
Filter Requirements →General Data Protection Regulation main hub with comprehensive resources for data protection compliance and privacy management.
Visit GDPR Hub →Comprehensive overview of all GDPR deadlines and timing requirements for data subject requests, breach notifications, and compliance obligations.
View GDPR Deadlines →Technical and Organizational Measures (TOM) generator for creating comprehensive documentation of data protection measures required under GDPR.
Generate TOM Documentation →Payment Card Industry Data Security Standard hub with resources for secure payment processing and card data protection compliance.
Visit PCI DSS Hub →Comprehensive glossary of PCI DSS abbreviations, terms, and definitions to help understand payment security terminology and requirements.
Browse PCI Abbreviations →Artificial Intelligence governance and ethics hub covering EU AI Act compliance, responsible AI implementation, and AI risk management frameworks.
Visit AI Governance Hub →State of the Art assessment hub for evaluating technical standards and determining appropriate security measures according to current best practices.
Visit SotA Hub →Practical assessment tool for evaluating whether security measures meet the current state of the art in technology and best practices.
Use SotA Assessment Tool →ISO 27000 series Information Security Management System hub with tools and resources for implementing and maintaining ISMS according to international standards.
Visit ISO 27k Hub →Statement of Applicability (SOA) generator for creating comprehensive documentation of applicable ISO 27001 controls and their implementation status.
Generate SOA Document →General Governance, Risk, and Compliance hub with cross-cutting tools, training programs, and resources applicable across multiple regulations and frameworks.
Visit GRC Hub →Administrative commitment generator for creating formal management declarations and commitment statements for various compliance frameworks and security programs.
Generate Admin Commitment →Comprehensive glossary of Governance, Risk, and Compliance terms, definitions, and concepts to help understand GRC terminology and frameworks.
Browse GRC Terms →Comprehensive GDPR training program covering data protection principles, compliance requirements, and practical implementation guidance for organizations and individuals.
Start GDPR Training →Comprehensive cybersecurity training program covering security fundamentals, threat awareness, and best practices for organizational cybersecurity programs.
Start Cybersecurity Training →Comprehensive legal and regulatory register for tracking applicable laws, regulations, and compliance requirements across different jurisdictions and industries.
Access Legal Register →Specialized commitment generator for creating GDPR-specific management declarations and organizational commitment statements for data protection compliance.
Generate GDPR Commitment →Comprehensive risk assessment and management tool for identifying, analyzing, and evaluating risks across various compliance frameworks and business processes.
Use Risk Assessment Tool →Comprehensive training program covering the EU AI Act requirements, artificial intelligence governance, and compliance obligations for AI systems and providers.
Start AI Act Training →