Skip to content

@grcengineering GRC Engineering

Change the repository type filter

All

    Repositories list

    18 repositories

    • how-to-harden

      Public
      HCL
      MIT License
      32113Updated May 28, 2026May 28, 2026

    • gigachad-grc

      Public
      Open-source GRC platform for modern security teams. Manage compliance (SOC 2, ISO 27001, HIPAA), risk registers, vendor assessments, and audits—all in one place…
      engineeringrisktrust
      engineeringrisktrustcompliancegrcthird-partygovernancerisk-management
      TypeScript
      Other
      3812704Updated May 28, 2026May 28, 2026

    • daily-findings

      Public
      Daily Findings is a desktop GRC learning app with guided sessions, quizzes, progress tracking, and curated GRC news.
      desktop-apptrainingsecurity
      desktop-apptrainingsecuritynextjscompliancegrcgovernancerisk-managementtauri
      TypeScript
      11104Updated May 22, 2026May 22, 2026

    • nthpartyfinder

      Public
      Everyone is invited!
      Rust
      0103Updated May 18, 2026May 18, 2026

    • cheatsheet

      Public
      The GRC Engineering Cheat Sheet — cheatsheet.grc.engineering
      HTML
      1302Updated May 17, 2026May 17, 2026

    • OCEAN

      Public
      Rust
      11295Updated May 15, 2026May 15, 2026

    • companion

      Public
      The GRC Companion turns vendor reviews, audit walkthroughs, questionnaires, policy work, control discussions, and terminal output into learning loops. It runs w…
      compliancegrcgrc-engineering
      compliancegrcgrc-engineering
      Python
      MIT License
      62501Updated May 12, 2026May 12, 2026

    • awesome-grcengineering

      Public
      Awesome list of GRC Engineering tools, teachings, and resources — the content source for cheatsheet.grc.engineering
      0200Updated May 4, 2026May 4, 2026

    • grcengineering.github.io

      Public
      HTML
      765123Updated Apr 12, 2026Apr 12, 2026

    • cvm

      Public
      Credential Vending Machine — an STS broker that vends short-lived, scoped API credentials for platforms lacking native OIDC federation
      Rust
      0005Updated Apr 4, 2026Apr 4, 2026

    • security-grc-tools

      Public
      Go
      1301Updated Apr 2, 2026Apr 2, 2026

    • risk-register-templates

      Public
      Scripts for creating opinionated Risk Register structures in commonly used work management tools (Jira, Asana, etc.)
      0201Updated Apr 2, 2026Apr 2, 2026

    • open-security-training

      Public
      Interactive web-based cybersecurity and privacy training modules with SCORM support. Deployable as standalone HTML or LMS-integrated content.
      HTML
      12501Updated Apr 2, 2026Apr 2, 2026

    • open-security-policies-and-standards

      Public template
      Open source security policies and standards templates and GitOps workflows
      The Unlicense
      0401Updated Apr 2, 2026Apr 2, 2026

    • gnophish

      Public
      GnoPhish (NOH-phish) is a tool meant to raise awareness among people at an organization about phishing features and techniques so they can better spot, avoid, a…
      The Unlicense
      1201Updated Apr 2, 2026Apr 2, 2026

    • conduit

      Public
      Framework-agnostic evidence exchange protocol for third-party risk management. Inspired by STIX/TAXII and leveraging ASSURE controls for the Proof of Concept.
      Python
      0502Updated Apr 2, 2026Apr 2, 2026

    • community-security-controls

      Public
      An open source repository of community-maintained information security controls. Contains controls mapped to other frameworks as well as community best practice…
      The Unlicense
      0961Updated Apr 2, 2026Apr 2, 2026

    • assets

      Public
      Used for tracking assets in use for GRC Engineering's internet presence and other things
      0001Updated Apr 2, 2026Apr 2, 2026
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.