There are many reasons why Continuum GRC's ITAM assessment application is the top ranked governance, risk, and compliance solution for global businesses and service providers, but these are a few.

Enterprise Security

• Mandatory Multi-Factor Authentication
• Data, Disk and Session Encryption
• SAML SSO Integration
• Blockchain Cryptographic Chain-of-Custody Evidence Management
• Audit Logging, Session and Usage Alerts
• Multi-Tiered Role Based Access
• Full-Featured Account Management
• Accessibility Rules, Restrictions and Features
• FIPS 140-2 validated encryption
• FedRAMP High IL5-ready
• FedRAMP Authorized

Dynamic Dashboards

• Consolidated Executive Review
• Compliance Status
• Risk Rating
• Maturity Rating
• Task and Deliverable Reports
• Gap Reports
• Timeline Performance
• Real-Time Charts, Graphs and Maps
• 1000 Point Score Driven Report Palettes
• Dashboard Integrations
• Automatic Scores and Calculations
• Micro and Macro Reporting Graphics
• Real-Time Dashboards
• Data Trigger Logic Reporting

Document Generation

• Rapid Document Generation
• Blockchain Cryptographic Chain-of-Custody Evidence Management
• Digital Signatures
• Audit Mode Change Control
• Change Detection Indicators
• Customizable Templates
• Template Management
• Multipart Excel, Word, CSV Spreadsheet, PDF, and TXT Document Output (POA&M, SSP, etc.)
• Easy Branding and Formatting
• Complex Auto Mapping-Cross Module Synchronizations
• Robust Document Management

Advanced Communications

• 26 languages supported
• Workflow Reporting and Scheduling
• Task Aging and Reminders
• Messaging Automation
• Administrative Notifications
• Communication Scheduling and Reminders
• Advanced Message Formatting
• Event Trigger Logic Multi-Tiered Messaging
• External Messaging Integrations
• Event Trigger Notifications and Redirections

Easy Automation

• Auto Mapping Between Standards
• Auto Mapping with Custom Forms
• Workflow Management
• Change Control Indicator Triggers
• Show-Hide Logic
• Conditional Logic Event Triggers
• Intuitive Event Driven Form Navigation
• Action Triggered Notifications
• Dynamic Form Expansion and Contractions
• External Application Logic Integrations
• Risk Registry, Control Flagging and Iconic Tagging

Creativity Tools

• Drag-n-Drop Build Tools
• Form Cascading and Smart Linkages
• 23+ Flexible Form Field Elements
• Video, Animations, Static Graphics, and RSS Syndication
• Advertising and Notification Slider and Pop-ups
• Rich Text
• International Languages and Currency Support
• No Programming Required
• Brand, Theme, and White-Label Ready
• Global CSS Control

Integrations and Connectivity

• Access Management with AWS, Microsoft, Google, Okta, Ping, and more
• Vulnerability and Penetration Tools with Saint, Tenable, and more
• Project Reporting and Status with JIRA, Wrike, and more
• Forms, CRM, and Surveys with Survey Monkey, Mailchimp, Salesforce, and more
• Documents, Calendars, and Scheduling with Sheets, Google Calendar, and more
• 100's of other mission-critical business applications using our integration tools
• Boolean Logic Application Connectors
• Webhook Enabled
• Automatically Provisioned Connector Code
• Import-Export Data Management

Innovations and Agility

• Patent Pending
• Day-One Availability and Productivity
• Paradigm Shifting Assessment Methodology
• Industry Disrupting Technology
• Rapid Customization Capabilities
• Customer-Friendly Innovation Support
• Extensive Enhancement Pipeline
• Robust Customer Community

Select your subscription options

Continuum GRC is a modular solution. DIY solutions do not require administrative access, while Enterprise and MSP solutions do. Enterprise options are designed for one company, whereas MSP options are designed for managing many customers.

Select the Modules You Need.

With hundreds to choose from  within these categories, you are sure to find the solution you need.

• Audit & Compliance Framework Modules
• Risk Assessment & Management Modules
• Governance & Policy Development Modules
• Custom created modules

Select the Access You Need

Only Enterprise and MSP solution options require administrative access. DIY solutions do not.

• How many users do you need?
• How many administrators do you need?
• How many examiners do you need?
• Will you manage multiple customers or internal departments in your Continuum GRC system?
• Do you only need access to use the Continuum GRC modules without system administrative access?

Select the Hosting Security You Need

• Organizations with Federal and or CUI data, will need FedRAMP certified AWS GovCloud hosting, otherwise AWS hosting is just right.
• Do you need a dedicated Continuum GRC system, or just access to use our modules?

Select the subscription size you need

Service Provider Solutions

• With our 1+1 administrative access subscriptions, scale as your business grows.
• Manage as many client customers in your Continuum GRC portal as needed.
• Manage as many groups or teams in your Continuum GRC portal as needed.
• Continuum GRC modules will accommodate as many internal teams as you need to scale to.
• Incrementally add users, administrators, assessors, auditors, and modules to your Continuum GRC system.
• Easily custom create purpose-built modules, questionnaires, forms, workflows, notification processes, custom dashboards, and leverage the many powerful system features in your dedicated Continuum GRC system.
• Access to certified professionals who provide consulting support for programs such as FedRAMP, SOC 1, SOC 2, PCI ROC & SAQ, ISO 27001, HIPAA, CJIS, NIST 800-53, and many more.

Enterprise Solutions

• Leverage the 1+1 administrative access subscriptions and scale to your organization's needs.
• Manage as many enterprise groups or teams in your Continuum GRC portal as needed.
• Continuum GRC modules will accommodate as many internal teams as you need to scale to.
• Incrementally add users, administrators, and modules to your Continuum GRC system.
• Easily custom create purpose-built modules, questionnaires, forms, workflows, notification processes, custom dashboards, and leverage the many powerful system features in your dedicated Continuum GRC system.

DIY Solutions

• Select from the many Audit & Compliance modules
• Choose from our Risk Assessment & Risk Management modules
• Customize the Governance & Policy Development packages for your requirements
• Custom Continuum GRC created, purpose-built modules, questionnaires, forms, workflows, notification processes, and dashboards managed by the Continuum GRC team.
• Access to certified professionals who provide consulting support for programs such as FedRAMP, SOC 1, SOC 2, PCI ROC & SAQ, ISO 27001, HIPAA, CJIS, NIST 800-53, and many more.

Select the modules you need

Audit & Compliance

Continuum GRC has auto mapped the world's standards and frameworks seamlessly together. These are the most commonly requested modules, but certainly not our entire inventory!

• FedRAMP
• StateRAMP
• EUCS
• PCI ROC & SAQ
• SSAE 18 SOC 1, & SOC 2
• CONMON
• POA&M
• CSF
• CJIS
• DFARS NIST 800-171
• CMMC
• C5
• ISO 27001, 27005, 27017, 27018, 17020, 17021
• HIPAA NIST 800-66
• NIST 800-53
• NERC CIP & 693
• COSO
• SEC, NFA, & FINRA
• CIS
• CTPAT
• Cyber Essentials
• FDA 21
• FIPS

And so many more!

Risk Assessment & Management

All of our Continuum GRC modules calculate risk and maturity, but these modules are specifically aligned to common industry standards.

• NIST 800-30
• NIST 800-37
• ISO/IEC 27005
• COSO ERM
• Third-Party Risk Assessments
• Vendor Risk Assessments
• Physical Security Risk Assessments
• Site Visit Risk Assessments

And so many more!

Privacy

Identify your organization’s privacy protection risks against any legislative, regulatory requirements, or international best practices leveraging our patent pending automation, all the while cross mapping to your compliance requirements.

Modules include:

• GDPR
• CCPA
• DPIA

And so many more!

Governance & Policies

Our extensive library of customizable policy templates includes, but is not limited to the following documents.

• Information Systems and Technology Security Charter
• Information Systems and Technology Security Policy
• Asset Identification and Classification Standard
• Asset Protection Standard
• Asset Management Standard
• Acceptable Use Standard
• Vulnerability Assessment and Management Standard
• Threat Assessment and Monitoring Standard
• Security Awareness Standard

And so many more!

These are popular policy suites that are custom created to comply with these common standards.

• AICPA SOC Compliant Policy Suite - Do It Yourself ($1,649 USD)
  
  
• ISO 27001 Compliant Policy Suite - Do It Yourself ($1,699 USD)
  
  
• FedRAMP-FISMA Compliant Policy Suite - Do It Yourself ($2,799 USD)
  
  
• PCI Compliant Policy Suite - Do It Yourself ($1,649 USD)
  
  
• HIPAA Compliant Policy Suite - Do It Yourself ($1,799 USD)

You will be redirected to the Policy Machine by selecting any of these options.

Customer Support

• Online Continuum GRC Service Manager available to all subscribers
• Call +1 (888) 896-6207 for Continuum GRC customer service
• Online Continuum GRC knowledge base for all subscribers
• Online Continuum GRC Administration Manual for all subscribers with dedicated hosting
• Dedicated Service Agent for all subscribers with dedicated hosting
• Monday through Friday, 9AM MNT to 5PM MNT online support for subscribers without dedicated hosting

Setup

• *24-Hour availability for all independent module subscriptions in our inventory
• *24-Business Hour availability for all AWS dedicated hosting subscriptions
• *96-Business Hour availability for all AWS GovCloud dedicated hosting subscriptions
• *Rapid turn-around on all custom created and standards-based modules created by the Continuum GRC team

* Setup times may vary depending on the nature of special requests, hosting provider availability, government restrictions, and other unforeseen circumstances.

Training & Orientation

• Online Continuum GRC training videos and literature available to all subscribers
• Online Continuum GRC Orientation videos and literature available to all subscribers with dedicated hosting
• Virtual Continuum GRC 2-Day Boot Camp options for all subscribers with dedicated hosting
• On-site Continuum GRC 2-Day Boot Camp options for all subscribers with dedicated hosting
• On-demand time and materials-based Continuum GRC Consulting sessions

Certification Options

• (CGRCP) Continuum GRC Professional: The certification for auditors, examiners, assessors, and anyone who must demonstrate the understanding and application of GRC principles and practices.
• (CGRCA) Continuum GRC Administrator: The certification for Continuum GRC administrators who support enterprise and managed service providers GRC requirements.