kindlyops / havengrc
โ๏ธHaven GRC - easier governance, risk, and compliance ๐จโโ๏ธ๐ฎโโ๏ธ๐ฆธโโ๏ธ๐ต๏ธโโ๏ธ๐ฉโ๐ฌ
โ97Updated 3 years ago
Related projects: โ
- An open source Governance Risk Compliance (GRC) solution for corporates and governmentโ25Updated 7 years ago
- An open source, self-service GRC tool to automate security assessments and compliance.โ179Updated this week
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUIโ42Updated 4 years ago
- OpenControl-formatted industry standards and requirement documentsโ44Updated last year
- Machine readable cybersecurity compliance standards library for Python, starting with FISMA and NIST Risk Management Frameworkโ57Updated 4 years ago
- Repository for the Open Information Security Risk Universeโ63Updated 2 years ago
- OpenISMS is a tool for information security managers. The goal is to create one single tool for the governance of information security. Tโฆโ18Updated 8 years ago
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizationsโ34Updated last month
- hyperGRC is a lightweight, in-browser tool for managing compliance-as-code repositories in OpenControl format.โ22Updated 2 years ago
- โ18Updated 2 months ago
- Vendor Security Model Contractโ97Updated 2 years ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.โ53Updated 8 months ago
- Controls Assessment Specificationโ65Updated 3 months ago
- CLI for generating policies, standards and control procedures (PSP) documentation in Markdown and publishing to JupiterOne or Confluenceโ81Updated 3 months ago
- Open source tool for processing OSCAL based FedRAMP SSPsโ36Updated 4 months ago
- โ42Updated last year
- NIST SP 800-53 Rev 5 as Dataโ23Updated 4 years ago
- โ38Updated this week
- Dockerized Eramba, Open Source Governance, Risk & Compliance (GRC) system https://hub.docker.com/r/digitorus/erโฆโ27Updated 4 years ago
- The Auditree framework tool to run compliance control checks as unit tests.โ59Updated last month
- โ20Updated this week
- A catalog designed for environments with multiple or diffuse Information Security vulnerability-related information sources.โ12Updated 11 months ago
- read the docs version of risk managementโ23Updated last year
- Tools for the OSCAL projectโ34Updated last year
- cloud.gov security policies and proceduresโ24Updated last month
- Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on uโฆโ124Updated this week
- โOpen Source Toolkit for Quantitative Risk Assessmentโ159Updated last year
- Security Blueprint for Startupsโ38Updated 4 years ago
- A repository containing OSCAL serializations of the CIS Critical Security Controlsโ48Updated last year
- A repository for wardley maps related to security topics.โ46Updated 7 years ago