A Compliance Self-Assessment Efficiency Tool
Getting Compliance Done
You know your compliance needs, let us help you deliver
What is GRC Playbook®?
GRC Playbook is a fully functional, and highly affordable, governance, risk, and compliance assessment, testing, and reporting efficiency tool.
Written in the C Sharp programming language, the GRC Playbook software runs on top of Microsoft Excel®, one of the most widely used office programs in the world.
Use GRC Playbook to perform risk-based, scalable, and highly cost-effective assessments, and generate automated presentation-ready reporting, to satisfy regulatory and corporate-mandated requirements – from rapid Gap Analyses (SAQs) to full-scale regulatory and COSO-type Risk and Control Matrix (RCM) assessments.
Risk Registers, Heatmaps, Dashboards, Status, and Gap Summaries populate automatically as assessment data is entered into a Playbook, providing a rich and immediate one-click management reporting environment for individual assessments and, globally, for aggregated and consolidated reporting, as appropriate.
GRC Playbook is an ideal in-house corporate compliance self-assessment (SAQ) efficiency tool.
1
We know the regulations
We have over 35 years of experience providing value-added GRC solutions to businesses worldwide
2
You know your business
You know your business’s changing compliance needs and the budgetary and regulatory challenges you face
3
We provide the templates
Our extensive and growing library of Playbook templates covers a broad range of legal and regulatory subject areas
4
You get the job done
Download a Playbook and confidently get your compliance-related mandates done, reviewed, and presented to your senior management and board
Based on Authoritative Sources
We ease the pain of your regulatory challenges by helping you to avoid:
Costly content preparation and validation, and the time-consuming development of presentation-ready reports and deliverables
Reputational damage from failed regulatory inspections
Adverse stakeholder actions resulting from the inability to demonstrate adequate compliance due diligence
Last-minute scrambles resulting from senior management and board-level requests for timely status reports on business-critical compliance issues
Adoption of GRC Playbook® could not be easier
Nobody wants to re-invent the wheel – Playbooks are pre-populated, scalable, and can be put to use immediately on download
Playbooks leverage the familiar Excel interface – minimal learning curve so you hit the ground running
Each Playbook is an editable Excel® template derived from authoritative sources hyperlinked directly into the Playbook
Playbooks allow you to demonstrate audit readiness and confidently respond to regulatory inquiries
How we support you
Pre-Populated Templates
Each Playbook is a programmed Excel® template derived from authoritative sources hyperlinked directly into the Playbook.
Seamless Onboarding
We will work with you to ensure a seamless onboarding to get you up and running without delay.
Wraparound Support
We will be with you every step of the way, providing you with tailored service to support your compliance needs.
Ongoing Updates
All updates and enhancements to the GRC Playbook software and Playbooks will be provided during your subscription period.
Some of Our Most Popular Playbook Templates
Internal Control over Financial Reporting (ICFR)
The Library of Core ICFR Playbooks addresses the following entity and transaction-level activities:
- Baseline Controls in Small Entities
- Entity Level Controls (Tone at the Top)
- Financial Statement Close and Reporting
- General Control Activities over Technology (ITGC)
- Information Technology Application Controls (ITAC)
- Systems Development Life Cycle (SDLC)
- Purchases Cycle (Procure-to-Pay)
- Revenue Cycle (Order-to-Cash)
- Payroll Cycle
- Inventory Cycle
- Treasury and Investments Cycle
- Commitment and Contingencies
- Taxes, and
- Shareholders' Equity
Information Technology (IT)
This Information Technology (IT) Library includes the following Playbooks:
- General Control Activities over Technology (ITGC)
- Information Technology Application Controls (ITAC)
- System Development Life Cycle (SDLC)
Cybersecurity
The Cybersecurity Library includes the following Playbooks:
- Cybersecurity Framework (NIST CSF) V1.1
- Cybersecurity Framework (NIST CSF) V2.0 DRAFT
- Ransomware Risk Management Framework (NIST)
- Basic Ransomware Protection and Recovery (NIST_JCA)
- Supply Chain Risk Management Baseline (NIST 800-53 Revision 5 and 800-53B)
- Cybersecurity Maturity Model (CMMC 2.0) Level 1 Foundational
- Cybersecurity Maturity Model (CMMC 2.0) Level 2 Advanced
- Cybersecurity Assessment Tool (CAT) Inherent Risk Profile Worksheet (FFIEC)
- Cybersecurity Assessment Tool (CAT) Baseline Assessment (FFIEC)
- Cybersecurity Preparedness and Operational Resiliency (SEC/OCIE)
- Cybersecurity (NYDFS NYCRR §500)
- Standards for Safeguarding Customer Information (GLBA/FTC)
Anti-Money Laundering, Counter-Terrorist Financing, and Sanctions
The Anti-Money Laundering, Counter-Terrorist Financing, and Sanctions Library includes the following Playbooks:
- Anti-Money Laundering and Counter-Terrorist Financing (FATF)
- BSA/AML-CP: BSA/AML Compliance Program
- BSA/AML-SARs: BSA/AML Suspicious Activity Reporting (SARs)
- BSA/AML-CIP: BSA/AML Customer Identification Program (CIP)
- BSA/AML-IS: BSA/AML Information Sharing
- BSA/AML-OFAC: BSA/AML Office of Foreign Assets Control (OFAC)
- BSA/AML Activity Monitoring and Filtering (NYDFS 23 NYCRR 504)
- OFAC-SCP: OFAC Sanctions Compliance Program (SCP)
Privacy and Data Protection
This Privacy and Data Protection Regulation Library includes the following GDPR and CCPA Playbooks:
- GDPR Controller
- GDPR Processor
- GDPR Information Security
- GDPR Direct Marketing
- GDPR Records Management
- GDPR Data Sharing
- GDPR CCTV Video Surveillance
- California Consumer Privacy Act (CCPA)
Anti-Bribery and Corruption
This Anti-Bribery and Corruption Library includes the following Playbooks:
- Foreign Corrupt Practices Act (FCPA)
- Kleptocracy and Foreign Public Corruption (FinCEN), and
- The UK Bribery Act 2010.
Growth, Profitability, and Business Development
The Growth, Profitability, and Business Development Library includes the following Playbooks:
- Business Development Framework
- Profitable Revenue Growth:
  - Acquiring New Customers
  - Retaining and Growing Existing Customers, and
  - Optimizing Pricing
Environmental, Social, and Governance (ESG)
This Environmental, Social, and Governance (ESG) Library includes the following Playbooks:
- Environmental, Social, and Governance (ESG)
- TCFD ESG Guidance
- SEC Climate-Related Disclosure Guidance
- ISS ESG Proxy Voting Guidelines
Corporate Compliance Program
The Corporate Compliance Program Playbook addresses the following:
- Design
- Adequately Resourced and Empowered to Function Effectively
- Working in Practice
HIPAA Risk Assessment and Security Rule
The HIPAA Risk Assessment and Security Rule Assessment Playbook addresses the following HIPAA Security Rules:
- F1 – Risk Assessment
- F2 – Administrative Safeguards
- F3 – Physical Safeguards
- F4 – Technical Safeguards
- F5 – Organizational Requirements
- F6 – Policies, Procedures and Documentation Requirements
World-leading expert in Governance, Risk, and Compliance
Over 35 years of experience in solving your governance, risk, and compliance needs, condensed into one subscription.
- Don’t reinvent the wheel
- Wow your stakeholders
- Give your business, regulators, and stakeholders the assurances they need
“We want to help you kick-start, and successfully deliver, your governance, risk management and compliance mandates and initiatives.”
Kevin M. Hyams CPA, FCA, CFE
Some of the Subject Areas Included in Your GRC Playbook Subscription