Skip to content

@grcengineering GRC Engineering

Change the repository type filter

All

    Repositories list

    18 repositories

    • gigachad-grc

      Public
      Open-source GRC platform for modern security teams. Manage compliance (SOC 2, ISO 27001, HIPAA), risk registers, vendor assessments, and audits—all in one place…
      engineeringrisktrust
      engineeringrisktrustcompliancegrcthird-partygovernancerisk-management
      TypeScript
      Other
      3913917Updated Jun 29, 2026Jun 29, 2026

    • how-to-harden

      Public
      HCL
      MIT License
      42313Updated Jun 29, 2026Jun 29, 2026

    • nthpartyfinder

      Public
      Everyone is invited!
      Rust
      MIT License
      0107Updated Jun 29, 2026Jun 29, 2026

    • daily-findings

      Public
      Daily Findings is a desktop GRC learning app with guided sessions, quizzes, progress tracking, and curated GRC news.
      desktop-apptrainingsecurity
      desktop-apptrainingsecuritynextjscompliancegrcgovernancerisk-managementtauri
      TypeScript
      11204Updated Jun 19, 2026Jun 19, 2026

    • cheatsheet

      Public
      The GRC Engineering Cheat Sheet — cheatsheet.grc.engineering
      HTML
      1502Updated May 17, 2026May 17, 2026

    • OCEAN

      Public
      Rust
      11395Updated May 15, 2026May 15, 2026

    • companion

      Public
      The GRC Companion turns vendor reviews, audit walkthroughs, questionnaires, policy work, control discussions, and terminal output into learning loops. It runs w…
      compliancegrcgrc-engineering
      compliancegrcgrc-engineering
      Python
      MIT License
      62801Updated May 12, 2026May 12, 2026

    • awesome-grcengineering

      Public
      Awesome list of GRC Engineering tools, teachings, and resources — the content source for cheatsheet.grc.engineering
      3301Updated May 4, 2026May 4, 2026

    • grcengineering.github.io

      Public
      HTML
      769123Updated Apr 12, 2026Apr 12, 2026

    • cvm

      Public
      Credential Vending Machine — an STS broker that vends short-lived, scoped API credentials for platforms lacking native OIDC federation
      Rust
      0005Updated Apr 4, 2026Apr 4, 2026

    • security-grc-tools

      Public
      Go
      1401Updated Apr 2, 2026Apr 2, 2026

    • risk-register-templates

      Public
      Scripts for creating opinionated Risk Register structures in commonly used work management tools (Jira, Asana, etc.)
      0301Updated Apr 2, 2026Apr 2, 2026

    • open-security-training

      Public
      Interactive web-based cybersecurity and privacy training modules with SCORM support. Deployable as standalone HTML or LMS-integrated content.
      HTML
      23601Updated Apr 2, 2026Apr 2, 2026

    • open-security-policies-and-standards

      Public template
      Open source security policies and standards templates and GitOps workflows
      The Unlicense
      0501Updated Apr 2, 2026Apr 2, 2026

    • gnophish

      Public
      GnoPhish (NOH-phish) is a tool meant to raise awareness among people at an organization about phishing features and techniques so they can better spot, avoid, a…
      The Unlicense
      1201Updated Apr 2, 2026Apr 2, 2026

    • conduit

      Public
      Framework-agnostic evidence exchange protocol for third-party risk management. Inspired by STIX/TAXII and leveraging ASSURE controls for the Proof of Concept.
      Python
      0602Updated Apr 2, 2026Apr 2, 2026

    • community-security-controls

      Public
      An open source repository of community-maintained information security controls. Contains controls mapped to other frameworks as well as community best practice…
      The Unlicense
      0961Updated Apr 2, 2026Apr 2, 2026

    • assets

      Public
      Used for tracking assets in use for GRC Engineering's internet presence and other things
      0001Updated Apr 2, 2026Apr 2, 2026
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.