SMACK GRC Solutions

SMACK GRC is an Enterprise GRC solution created to meet the needs of the 3 lines of assurance. It provides a solution to manage your GRC requirements making those in risk, compliance and controls more efficient and effective in their positions. Created by risk, audit and compliance professionals, SMACK GRC offers a product with the functionality our team has always desired in a GRC tool.

Solutions for GRC

SMACK GRC is an Enterprise GRC solution created to meet the needs of the 3 lines of assurance including those in Audit, Risk, Compliance and management.

Controls Management

  • Manage periodic control operation, certification and testing
  • Configurable control notifications. You may not want to send control notifications to all users at the same frequency, or at all. Control Notifications are configurable for new, open and overdue controls for control operation, testing and certification.
  • Control Owners, Delegates and Assignees may receive notification emails with links to complete their controls operation or certification.
  • Controls may be assigned to anyone with an email address. They do not need to be an application user.
  • Dynamic multi-dimensional reporting. Pre-built dashboards and reports, see standing of controls by location, regulatory requirement, vendor or system profile, Organizational Unit, control domain, etc. Build you own custom reports
  • Configurable. Each organization has different needs when it comes to controls management. It is easy to add new fields, add to or change the functionality according to your organizations' needs

Risk Management

  • Track and manage your organizations' risks
  • Perform periodic risk assessments
  • Track risk exposure across Projects, Audits, Controls, Observations and Actions
  • Dynamic multi-dimensional reporting. See potential risk exposures in one convenient view via associations with Audits, Projects, Controls, Controls Assessments, Observations and Actions. Build your own custom reports
  • Configurable. Each organization has different needs when it comes to risk management. It is easy to add new fields, add to or change the functionality according to your organizations' needs
  • Send Risk Assessment Surveys to risk owners

Audit and Project Management

  • Task and Time management
  • Assign users tasks and allocate time and easily see users availability (or lack thereof) for additional audits or projects, see budget vs actual including projects that
  • Includes PBC functionality - send Prepared by Client requests to anyone with an email address. They do not need to be a QB user. They can upload requested files so they will be available to the whole audit/project team.
  • Dynamic multi-dimensional reporting. Pre-built dashboards and reports. See Project status and findings by location, regulatory requirement, vendor or system profile, control domain, etc. Build your own custom reports
  • See projects on a Gantt chart, projects behind schedule, projects over budget based on percentage complete
  • Configurable. Each organization has different needs when it comes to audit and project management. It is easy to add new fields, add to or change the functionality according to your organizations' needs

Issue/Action Management

  • Assign actions to anyone with an email address. They do not need to be a QB user.
  • Configurable action notifications. You may not want to send action notifications to all users at the same frequency, or at all. Action notifications are fully configurable for new, open and overdue actions.
  • Owners, Delegates and Assignees may receive notification emails with links to complete their actions.
  • Fully configurable. Each organization has different needs when it comes to managing issues and actions. It is easy to add new fields, add to or change the functionality according to your organizations' needs
  • Dynamic multi-dimensional reporting. Pre-built dashboards and reports. See Issues and Actions by location, regulatory requirement, vendor or system profile, control domain, etc. Build your own custom reports.

Controls Assessment Management

  • Assign Controls Assessments to anyone with an email address. They do not need to be a QB user.
  • Configurable notifications. You may not want to send notifications to all users at the same frequency, or at all. Notifications are fully configurable for new, open and overdue Controls Assessments.
  • Owners, Delegates and Assignees may receive notification emails with links to complete their assessments.
  • Dynamic multi-dimensional reporting. Pre-built dashboards and reports, see standing of controls by location, regulatory requirement, vendor or system profile, control domain, etc. Build you own custom reports
  • Configurable. Each organization has different needs when it comes to controls assessments. It is easy to add new fields, add to or change the functionality according to your organizations' needs

Vendor Management

  • Send Vendor Control Assessments to anyone with an email address. They do not need to be a QB user.
  • Configurable notifications. You may not want to send notifications to all users at the same frequency, or at all. Notifications are fully configurable for new, open and overdue Controls Assessments.
  • Owners, Delegates and Assignees may receive notification emails with links to complete their assessments.
  • Dynamic multi-dimensional reporting. Pre-built dashboards and reports, see standing of controls by location, regulatory requirement, vendor or system profile, control domain, etc. Build you own custom reports
  • Configurable. Each organization has different needs when it comes to vendor management. It is easy to add new fields, add to or change the functionality according to your organizations' needs
  • Track System and Vendor metadata including criticality, CIA attributes, etc.

Configurable and flexible solutions

SMACK GRC is built on the popular Quick Base platform which is used by more than half of the Fortune 100. Because SMACK GRC is built on Quick Base, you will have full control to configure SMACK GRC for your unique requirements. This is not only includes your own branding and colors, but also reports, fields, drop-down values, automation and notifications. You can also add whole new modules to SMACK GRC quickly and easily. SMACK GRC is fast to implement, includes dynamic reporting and has valuable functionality which missing in those products offered by competitors.

Reach out for a free demo

We offer a no obligation demo. Just fill out the form on the next page and a representative will be in touch.

Request a Demo