Frequently Asked Questions

The co-founders are a father-daughter team collaborating to make a highly affordable and well-proven self-assessment compliance efficiency tool available to the compliance market. Anyone with a PC and Microsoft Excel can use it. Kevin Hyams is the CEO of GRC Playbook. Kevin is a Chartered Accountant, CPA, and Certified Fraud Examiner with 35 years of experience producing efficiency tools for major multinationals and Big 4 accounting firms. Michali Hyams is the COO of GRC Playbook. She is a policy and advocacy specialist with a graduate diploma in law and an M.Phil from Trinity College Dublin.

Our product has global and universal applicability.

GRC Playbook is a fully functional governance risk and compliance assessment and reporting delivery efficiency tool embedded in Microsoft Excel^®.

GRC Playbook is a cost-effective, risk based compliance assessment solution optimized for efficiency and clearly focused on satisfying stakeholder needs. GRC Playbook leverages the familiar Excel interface and is easy to use and quick to learn.

It runs on top of Microsoft Excel^®, one of the most widely used office programs in the world.

GRC Playbook has been designed with efficiency and ease of use at its core, integrating lean and agile methodologies and facilitating scalable and highly cost-effective assessments and reporting to satisfy regulatory and corporate mandated requirements – from rapid Gap Analyses to full scale COSO type Risk and Control Matrix (RCM) assessments.

Automated Risk Registers, Heatmaps, Dashboards, Status and Gap Summaries, provide a rich and immediate one-click management reporting environment for individual assessment and globally for aggregated and consolidated reporting, as appropriate. 

GRC Playbook is an ideal consulting delivery and business development tool, and an in-house corporate compliance control self-assessment efficiency tool.

The contents of the Playbooks are derived from authoritative source materials so that accountants can increase the scope of their consulting work without the need to do specialist research on the topics covered by our modules. The authoritative guidance is hyperlinked straight into the Playbook.

GRC Playbook enhances your reputation and profile by establishing your firm as a “full-service” organization in the eyes of clients and prospects.

With our innovative software solution and extensive library of Playbooks, GRC Playbook provides subscribers with the ability to offer value-added services that can command higher fees and can be value-billed. The out of the box, ready to go appeal of our subscription allows firms a business development alternative to audit and other attest engagements for non-attest clients which allows for lower-risk, lower-exposure engagements (working with and supporting management)  that deepens their relationship with owners, directors, principals, officers and senior management of their client organizations.

We have done the hard work so they don’t have to.

Consultants will be able to offer and deliver to their clients a full range of additional services –  assessing and reporting on compliance with, for example:

• Internal Control over Financial Reporting
• Cyber Security
• Privacy and Data Protection
• Corporate Compliance Program
• Anti-Bribery and Corruption
• Anti-Money Laundering and Sanctions
• SOC 1 and 2
• Growth, profitability and Business Development
• Etc.,

Our Playbooks, which are Smart Excel^® Templates, address the financial (ICFR), operational (growth, profitability and process improvement) and regulatory compliance mandates facing individuals and organizations of all sizes and industries world-wide.  Each Playbook is a fully loaded Excel^® template derived from authoritative sources hyperlinked directly into the Playbook.  Our current library of Playbooks includes:

• Growth, Profitability and Business Development
• Internal Control over Financial Reporting (ICFR)
• Cybersecurity Framework (NIST CSF)
• Cybersecurity Maturity Model (CMMC 2.0) Level 1 Foundational
• Cybersecurity Maturity Model (CMMC 2.0) Level 2 Advanced
• Cybersecurity Assessment Tool (CAT) Inherent Risk Profile Worksheet (FFIEC)
• Cybersecurity Assessment Tool (CAT) Baseline Assessment (FFIEC)
• Cybersecurity Preparedness and Operational Resiliency (SEC/OCIE)
• Cybersecurity (NYDFS NYCRR §500)
• Standards for Safeguarding Customer Information (GLBA/FTC)
• Cryptocurrency Security
• Corporate Compliance Program
• HIPAA Risk Assessment and Security Rule
• Standards for Safeguarding Customer Information (GLBA FTC Part 314)
• Anti-Bribery and Corruption (ABC) – FCPA
• SOC 2^® for Service Organizations
• Privacy and Data Protection (GDPR; CCPR; etc.,)
• Anti-Money Laundering and Sanctions
• NYSDFS Cybersecurity, Transaction Monitoring and Virtual Currencies
• Controls at a Qualified Custodian (Investment Advisers Act of 1940 – Rule 206(4)-2)

Our Playbooks, which are Smart Excel^® Templates, address the financial (ICFR), operational (growth, profitability and process improvement) and regulatory compliance mandates facing individuals and organizations of all sizes and industries world-wide.  Each Playbook is a fully loaded Excel^® template derived from authoritative sources hyperlinked directly into the Playbook.  

GRC Playbook has been designed with efficiency and ease of use at its core, integrating lean and agile methodologies and facilitating scalable and highly cost-effective assessments and reporting to satisfy regulatory and corporate mandated requirements – from rapid Gap Analyses to full scale COSO type Risk and Control Matrix (RCM) assessments.

Automated Risk Registers, Heatmaps, Dashboards, Status and Gap Summaries, provide a rich and immediate one-click management reporting environment for individual assessment and globally for aggregated and consolidated reporting, as appropriate. 

GRC Playbook is an ideal consulting delivery and business development tool, and an in-house corporate compliance control self-assessment efficiency tool.

Playbooks are immediately downloadable, giving you the functionality and efficiency you need to complete, report on, and deliver scalable assessments. 

Everything you need to get the job done, on a platform you already know.