We have prepared an overview and comparison of SGRC solutions presented on the Russian information security market. There are not many vendors working in this direction, so 5 "players" will participate in the review while the three of them are domestic.
First, we recall that the term SGRC stands for Security Governance, Risk Management and Compliance”. SGRC platforms, according to their names, solve the following problems:
- Governance - information security management with automation processes for asset management, vulnerabilities, documents, tasks, standards, as well as the ability to visualize the state of information security and create reports.
- Risk Management - cyber risk management with automation of a risk-based approach to information security aimed at an economically justified choice of optimal security measures that minimize the identified and calculated risks.
- Compliance - ensuring compliance with legislation, industry and internal standards and requirements (compliance), with the ability to conduct audits and provide reports and results.
Read also...
April 23, 2025
Analytical comparison of Russian SGRC (Security Governance, Risk and Compliance) systems
April 23, 2025
Analytical comparison of Russian vulnerability management products
April 23, 2025
Review of tools for SOC centers
Oct. 10, 2022
Announcing the 13th Oxford Dysfluency Conference: Back to the Future
July 1, 2022
Early Bird Discount Ends Soon