eGRC - Management System

the intelligent, integrated and automated GRC software solution for your company!
The Data-Driven-Solution "embedded GRC" (short form: eGRC) is the core product of GORISCON GmbH and enables companies of any size and industry a targeted and efficient implementation in different areas such as Information Security, Data Protection and Risk Management through IT-supported processes.

We offer a common database, so that your previous standards, guidelines and assessments are linked and you gain quality and time as a result. This enables you to identify and manage your risks at any time.

With eGRC, you can bring transparency and security to your company.



Saves time

eGRC significantly reduces centralization and implementation through its integrated workflow and provision of ready-to-use templates.

Leverage automation

eGRC automates all workflows your company faces in an implementation or lifecycle.

Easy to customise

GORISCON provides eGRC with various requirements such as ISO 27001, GDPR, KRITIS, and more. However, it is not limited to these requirements alone. Customers can personlise and add requirements that correspond to their internal risk framework.


eGRC is an audit-ready solution and gives auditors a central overview of how Information Security and Data Protection are managed in the organisation.

ISO/IEC 27005 Based Risk Assessment

The Risk Assessment module meets all requirements of the ISO/IEC 27005 risk assessment standard. We guarantee our customers that the risk assessment process in eGRC more than meets industry best practices.

Supported norms and standards:

  • BSI basic protection
  • NIST
ISO standards:
  • ISO/IEC 27001 - Information Security Management System(ISMS)
  • ISO/IEC 27005 - IT Rik Analysis & Risk Management
  • ISO 9001 - Quality Management
  • ISO 14001 - Environmental Management
  • ISO 31000 - Risk Management
  • ISO 80001 - Risk Management for Networked Medical Technology

Industry standards:

Financial Services Industry:
  • MaRisk
  • DORA / EBA Guidelines
  • B3S