Modular solutions that GROW with your business.
Continuum GRC’s ITAM management platform comes complete with a suite of features, support and services to help you with GRC assessments, policy development, and managing the complexities of enterprise security.
There are many reasons why Continuum GRC's ITAM assessment application is the top ranked governance, risk, and compliance solution for global businesses and service providers, but these are a few.

Enterprise Security
- Mandatory Multi-Factor Authentication
- Data, Disk and Session Encryption
- SAML SSO Integration
- Blockchain Cryptographic Chain-of-Custody Evidence Management
- Audit Logging, Session and Usage Alerts
- Multi-Tiered Role Based Access
- Full-Featured Account Management
- Accessibility Rules, Restrictions and Features
- FIPS 140-2 validated encryption
- FedRAMP High compliant

Dynamic Dashboards
- Consolidated Executive Review
- Compliance Status
- Risk Rating
- Maturity Rating
- Timeline Performance
- Real-Time Charts, Graphs and Maps
- 1000 Point Score Driven Report Palettes
- Dashboard Integrations
- Automatic Scores and Calculations
- Micro and Macro Reporting Graphics
- Real-Time Dashboards
- Data Trigger Logic Reporting

Document Generation
- Rapid Document Generation
- Blockchain Cryptographic Chain-of-Custody Evidence Management
- Customizable Templates
- Excel, Word, CSV Spreadsheet, PDF, and TXT Document Output
- Easy Branding and Formatting
- Complex Auto Mapping-Cross Module Synchronizations
- Robust Document Management

Advanced Communications
- 26 languages supported
- Workflow Reporting and Scheduling
- Task Aging and Reminders
- Messaging Automation
- Administrative Notifications
- Communication Scheduling and Reminders
- Advanced Message Formatting
- Event Trigger Logic Multi-Tiered Messaging
- External Messaging Integrations

Easy Automation
- Auto Mapping Between Standards
- Workflow Management
- Show-Hide Logic
- Conditional Logic Event Triggers
- Intuitive Event Driven Form Navigation
- Action Triggered Notifications
- Dynamic Form Expansion and Contractions
- External Application Logic Integrations

Creativity Tools
- Drag-n-Drop Build Tools
- Form Cascading and Smart Linkages
- 23+ Flexible Form Field Elements
- Video, Animations, Static Graphics, and RSS Syndication
- Rich Text
- International Languages and Currency Support
- No Programming Required
- Brand, Theme, and White-Label Ready
- Global CSS Control

Integrations and Connectivity
- Access Management with AWS, Microsoft, Google, Okta, Ping, and more
- Vulnerability and Penetration Tools with Saint, Tenable, and more
- Project Reporting and Status with JIRA, Wrike, and more
- Forms, CRM, and Surveys with Survey Monkey, Mailchimp, Salesforce, and more
- Documents, Calendars, and Scheduling with Sheets, Google Calendar, and more
- 100's of other mission-critical business applications using our integration tools
- Boolean Logic Application Connectors
- Webhook Enabled
- Automatically Provisioned Connector Code
- Import-Export Data Management

Innovations and Agility
- Patent Pending
- Day-One Availability and Productivity
- Paradigm Shifting Assessment Methodology
- Industry Disrupting Technology
- Rapid Customization Capabilities
- Customer-Friendly Innovation Support
- Extensive Enhancement Pipeline
- Robust Customer Community
Select your subscription options

Select the Modules You Need.
- Audit & Compliance Framework Modules
- Risk Assessment & Management Modules
- Governance & Policy Development Modules
- Custom created modules

Select the Access You Need
- How many users do you need?
- How many administrators do you need?
- How many examiners do you need?
- Will you manage multiple customers or internal departments in your Continuum GRC system?
- Do you only need access to use the Continuum GRC modules without system administrative access?

Select the Hosting Security You Need
- Organizations with Federal and or CUI data, will need FedRAMP certified AWS GovCloud hosting, otherwise AWS hosting is just right.
- Do you need a dedicated Continuum GRC system, or just access to use our modules?
Select the modules you need

Audit & Compliance
Continuum GRC has auto mapped the world's standards and frameworks seamlessly together. These are the most commonly requested modules, but certainly not our entire inventory!
- FedRAMP
- PCI ROC & SAQ
- SSAE 18 SOC 1, & SOC 2
- CONMON
- POA&M
- CSF
- CJIS
- DFARS NIST 800-171
- CMMC
- C5
- ISO 27001, 27005, 27017, 27018
- HIPAA NIST 800-66
- NIST 800-53
- NERC CIP & 693
- COSO
- SEC, NFA, & FINRA
- CIS
- CTPAT
- Cyber Essentials
- FDA 21
- FIPS
And so many more!

Risk Assessment & Management
All of our Continuum GRC modules calculate risk and maturity, but these modules are specifically aligned to common industry standards.
- NIST 800-30
- NIST 800-37
- ISO/IEC 27005
- COSO ERM
- Third-Party Risk Assessments
- Vendor Risk Assessments
- Physical Security Risk Assessments
- Site Visit Risk Assessments
And so many more!

Privacy
Identify your organization’s privacy protection risks against any legislative, regulatory requirements, or international best practices leveraging our patent pending automation, all the while cross mapping to your compliance requirements.
Modules include:
- GDPR
- CCPA
- DPIA
And so many more!

Governance & Policies
Our extensive library of customizable policy templates includes, but is not limited to the following documents.
- Information Systems and Technology Security Charter
- Information Systems and Technology Security Policy
- Asset Identification and Classification Standard
- Asset Protection Standard
- Asset Management Standard
- Acceptable Use Standard
- Vulnerability Assessment and Management Standard
- Threat Assessment and Monitoring Standard
- Security Awareness Standard
And so many more!
These are popular policy suites that are custom created to comply with these common standards.
- AICPA SOC Compliant Policy Suite - Do It Yourself ($1,649 USD)
- ISO 27001 Compliant Policy Suite - Do It Yourself ($1,699 USD)
- FedRAMP-FISMA Compliant Policy Suite - Do It Yourself ($2,799 USD)
- PCI Compliant Policy Suite - Do It Yourself ($1,649 USD)
- HIPAA Compliant Policy Suite - Do It Yourself ($1,799 USD)
You will be redirected to the Policy Machine by selecting any of these options.
Select the subscription size you need

Service Provider Solutions
- With our 1+1 administrative access subscriptions, scale as your business grows.
- Manage as many client customers in your Continuum GRC portal as needed.
- Manage as many groups or teams in your Continuum GRC portal as needed.
- Continuum GRC modules will accommodate as many internal teams as you need to scale to.
- Incrementally add users, administrators, assessors, auditors, and modules to your Continuum GRC system.
- Easily custom create purpose-built modules, questionnaires, forms, workflows, notification processes, custom dashboards, and leverage the many powerful system features in your dedicated Continuum GRC system.
- Access to certified professionals who provide consulting support for programs such as FedRAMP, SOC 1, SOC 2, PCI ROC & SAQ, ISO 27001, HIPAA, CJIS, NIST 800-53, and many more.
Annual Subscriptions


Enterprise Solutions
- Leverage the 1+1 administrative access subscriptions and scale to your organization's needs.
- Manage as many enterprise groups or teams in your Continuum GRC portal as needed.
- Continuum GRC modules will accommodate as many internal teams as you need to scale to.
- Incrementally add users, administrators, and modules to your Continuum GRC system.
- Easily custom create purpose-built modules, questionnaires, forms, workflows, notification processes, custom dashboards, and leverage the many powerful system features in your dedicated Continuum GRC system.
Annual Subscriptions


DIY Solutions
- Select from the many Audit & Compliance modules
- Choose from our Risk Assessment & Risk Management modules
- Customize the Governance & Policy Development packages for your requirements
- Custom Continuum GRC created, purpose-built modules, questionnaires, forms, workflows, notification processes, and dashboards managed by the Continuum GRC team.
- Access to certified professionals who provide consulting support for programs such as FedRAMP, SOC 1, SOC 2, PCI ROC & SAQ, ISO 27001, HIPAA, CJIS, NIST 800-53, and many more.
Annual Subscriptions


Customer Support
- Online Continuum GRC Service Manager available to all subscribers
- Call +1 (888) 896-6207 for Continuum GRC customer service
- Online Continuum GRC knowledge base for all subscribers
- Online Continuum GRC Administration Manual for all subscribers with dedicated hosting
- Dedicated Service Agent for all subscribers with dedicated hosting

Setup
- *24-Hour availability for all independent module subscriptions in our inventory
- *24-Business Hour availability for all AWS dedicated hosting subscriptions
- *96-Business Hour availability for all AWS GovCloud dedicated hosting subscriptions
- *Rapid turn-around on all custom created and standards-based modules created by the Continuum GRC team
* Setup times may vary depending on the nature of special requests, hosting provider availability, government restrictions, and other unforeseen circumstances.

Training & Orientation
- Online Continuum GRC training videos and literature available to all subscribers
- Online Continuum GRC Orientation videos and literature available to all subscribers with dedicated hosting
- Virtual Continuum GRC 2-Day Boot Camp options for all subscribers with dedicated hosting
- On-site Continuum GRC 2-Day Boot Camp options for all subscribers with dedicated hosting
- On-demand time and materials-based Continuum GRC Consulting sessions

Certification Options
- (CGRCP) Continuum GRC Professional: The certification for auditors, examiners, assessors, and anyone who must demonstrate the understanding and application of GRC principles and practices.
- (CGRCA) Continuum GRC Administrator: The certification for Continuum GRC administrators who support enterprise and managed service providers GRC requirements.