Wer nutzt diese Software?

Wir unterstützen Informationssicherheits- und Compliance-Teams, die ihre Compliance-Anforderungen besser verwalten möchten. Zielindustrien umfassen Tech, Einzelhandel, Versorgungsunternehmen, Konsumgüter, Gesundheitswesen und Finanzen.

Durchschnittliche Bewertung

19 Bewertungen
  • Gesamt 4.5 / 5
  • Benutzerfreundlichkeit 4.5 / 5
  • Kundenservice 5 / 5
  • Funktionen 4.5 / 5
  • Preis-Leistungs-Verhältnis 4.5 / 5

Produktdetails

  • Startpreis 2.500,00 $/Monat
  • Kostenlose Version Nein
  • Kostenlose Testversion Nein
  • Einsatz Cloud, SaaS, Web
  • Training Persönlich
    Live Online
    Webinare
    Dokumentation
  • Kundenbetreuung Support während der Geschäftszeiten
    Online

Angaben zum Hersteller

  • RECIPROCITY
  • https://reciprocitylabs.com/
  • Gegründet 2009

Über ZenGRC

ZenGRC, wird von Unternehmen wie Walmart, Airbnb und Alaska Airlines geschätzt. Kunden, die ZenGRC nutzen, profitieren von Effizienzgewinnen und reduzieren die Zeit und die Kosten für die IT-Prüfung. Mit ZenGRC können Sie sicher sein, dass Ihr Unternehmen Zeit und Geld bei der Prüfung und Verwaltung von Risiken spart, um SOC, PCI, ISO, HIPAA, DSGVO, NIST, COSO und andere Vorschriften zu erfüllen. Holen Sie sich heute eine kostenlose Demo!

ZenGRC Funktionen

  • Alarmfunktion / Benachrichtigungen
  • Auditplanung
  • Aufgabenmanagement
  • Compliance Management
  • Dashboard
  • Formularverwaltung
  • Mobiler Zugriff
  • Problemmanagement
  • Risikobewertung
  • Verfolgen von Vermögensanlagen
  • Workflow-Management
  • Archivierung & Aufbewahrung
  • Compliance-Verfolgung
  • Einhaltung von Umweltvorschriften
  • FDA-Compliance
  • HIPAA konform
  • ISO-Compliance
  • OSHA-Compliance
  • Prozess-/Workflow-Automatisierung
  • Risikomanagement
  • Sardanes-Oxley-Compliance
  • Störfallmanagement
  • Testen von Steuerelementen
  • Umfragen & Feedback
  • Versionskontrolle
  • Wirtschaftsprüfung-Management
  • Data Mapping
  • Erkennung sensibler Daten
  • PIA / DPIA
  • Richtlinien Managemen-
  • Risikomanagement
  • Störfallmanagement
  • Zugriffskontrolle
  • Zustimmungs-Management
  • Betriebsrisiko-Management
  • Disaster Recovery
  • Einhaltung von Umweltvorschriften
  • IT-Risikomanagement
  • Internes Kontrollmanagement
  • Richtlinien Managemen-
  • Störfallmanagement
  • Wirtschaftsprüfung
  • Compliance Berichterstattung
  • Dateiintegritätsüberwachung
  • Erkennungssystem für unberechtigte Eingriffe
  • Korrektur-Management
  • Log-Management
  • Management by Exception
  • PCI-Bewertung
  • Richtlinien Managemen-
  • Zugriffskontrolle
  • Alarmfunktion / Benachrichtigungen
  • Betriebsrisiko-Management
  • Compliance Management
  • Geschäftsprozess-Steuerung
  • IT-Risikomanagement
  • Internes Kontrollmanagement
  • Korrekturmaßnahmen (CAPA)
  • Management by Exception
  • Mobiler Zugriff
  • Prädiktive Analytik
  • Reaktions-Management
  • Rechtliches Risikomanagement
  • Reputationsrisikomanagement
  • Risikobewertung
  • Wirtschaftsprüfung
  • Betriebsrisiko-Management
  • Compliance Management
  • Dashboard
  • Disaster Recovery
  • IT-Risikomanagement
  • Lieferanten-Management
  • Risikobewertung
  • Sicherheitsmanagement
  • Störfallmanagement
  • Wirtschaftsprüfung-Management

Alternative Produkte

Ähnliche Produkte

Die hilfreichsten Reviews für ZenGRC

Logical and minimal approach to GRC saves time!

Bewertet am 21.5.2018
Andrew W.
Manager, IT Controls
Computer-Software, 1.001-5.000 Mitarbeiter
Verwendete die Software für: 1-5 Monate
Quelle des Nutzers 
5/5
Gesamt
5 / 5
Benutzerfreundlichkeit
4 / 5
Eigenschaften & Funktionalitäten
5 / 5
Kundenbetreuung
5 / 5
Preis-Leistungs-Verhältnis
Wahrscheinlichkeit der Weiterempfehlung:
Unwahrscheinlich Äußerst wahrscheinlich

Kommentare: One of the biggest benefits that has made a huge impact is the time savings we've achieved in our IT Security group by using ZenGRC. Our old email/spreadsheet process would be a multi-week process, cause confusion every audit and often get us lost in the weeds of details when we needed to be focusing on the auditors. The first audit we ran through ZenGRC saved us literally a full week of time that would have been dedicated to reviewing evidence submission via email and spreadsheets. Having ZenGRC in place allowed us to put multiple review points in place BEFORE the evidence came to our group for review practically eliminating the requirement of follow-up request corrections.

Vorteile: ZenGRC brings all the tools you need to run a successful GRC program to the table in a clear, concise and minimalist package that's nimble and efficient. Our company had been utilizing the old method of email/spreadsheets and was getting lost in the weeds even on the smallest of audits and struggling to keep up each year to stay ahead. Our evaluations with other tools fell flat, didn't meet our requirements or introduced complexity. Our evaluation of ZenGRC started with skepticism, but quickly turned positive once we realized how logically organized the system was on the back-end. During our testing period, we were able to quickly create a Sarbanes-Oxley program, using both their template import and the GUI, in a matter of days. Since that time only a few short weeks ago we have now almost completed a full internal audit of our SOX program, complete with evidence collection and control evaluations. Our rough estimate has us gaining back a full week of time from previous audits last year and year prior using the old email/spreadsheet method. We are now rolling out an ISO27001, SOC2 and internal security control framework on the heels of the SOX success.

Nachteile: As with any SaaS from a small company that is new to market (less than 5 years), there are aspects of the tool that require some creative thinking and clever workarounds. This is not necessarily a dislike in my opinion, however less technical individuals may find this aspect difficult or troublesome. ZenGRC staff do redeem themselves on this front as they're quick to respond to feature requests and have already implemented several suggestions our team has submitted. Since starting to use the product, they have continually updated the product with new features, fixes and updates to existing functionality.

ZenGRC is a major part of our successful compliance programs

Bewertet am 22.9.2017
Dave A.
Director of Security & IT
Computer-Software, 201-500 Mitarbeiter
Verwendete die Software für: Mehr als 2 Jahre
Quelle des Nutzers 
5/5
Gesamt
5 / 5
Benutzerfreundlichkeit
5 / 5
Eigenschaften & Funktionalitäten
5 / 5
Kundenbetreuung
5 / 5
Preis-Leistungs-Verhältnis
Wahrscheinlichkeit der Weiterempfehlung:
Unwahrscheinlich Äußerst wahrscheinlich

Kommentare: Because it's so well organized we've managed to keep the required staff to manage compliance at a minimum.

Vorteile: I have been using ZenGRC for over two years now and it has been an essential tool helping us get and stay organized when we embarked on gaining a SOC 2 attestation. We have since been through two SOC 2 audits and are using ZenGRC to help us assess and remediate our gaps against ISO 27001.

Nachteile: There's still a some things you have to edit by exporting to CSV, editing in your favorite spreadsheet app, then re-importing, so it would be nice if some of that functionality was built into the UI. That being said, that workflow is actually ideal for some tasks. Our last audit firm wasn't able to use the app directly for requesting and managing audit evidence so there was a bit of duplication of effort. The ZenGRC team is making some changes to make that better though.

ZenGRC Delivers Compliance and Automation

Bewertet am 10.11.2017
Travis R.
CISO
Computer-Software, 13-50 Mitarbeiter
Verwendete die Software für: Mehr als 1 Jahr
Quelle des Nutzers 
5/5
Gesamt
5 / 5
Benutzerfreundlichkeit
4 / 5
Eigenschaften & Funktionalitäten
5 / 5
Kundenbetreuung
5 / 5
Preis-Leistungs-Verhältnis
Wahrscheinlichkeit der Weiterempfehlung:
Unwahrscheinlich Äußerst wahrscheinlich

Kommentare: The immediate benefits are streamlining of processes and simplification of evidence collection. What used to be a multi-step JIRA project with a manual review, then publishing to a separate project where our auditors could view the evidence, is now a simple workflow. This is a huge timesaver and makes the audit process as painless as possible.

Vorteile: Simple, easy to use, despite managing complex workflows and multiple audits across ,multiple teams. Easy to import specific controls and modify existing control sets to meet our needs as necessary. Audit readiness dashboard is critical as you prepare for new compliance initiatives or are questioned on "how difficult" it would be to be to become compliant with a specific regulation or framework to close a deal.

Nachteile: The JIRA integration is improving in significant ways, however the complexity and manner with which we implemented JIRA makes an effective integration difficult and as a result the immediate integration is not as useful as we would like to see. That being said, the two-way sync has made a dramatic improvements, and for most customers, the existing integration is likely more than sufficient.

Best Governance, Risk and Compliance tool on the market

Bewertet am 21.4.2017
William D.
VP IT & Security
Krankenhausversorgung & Gesundheitswesen, 201-500 Mitarbeiter
Verwendete die Software für: 1-5 Monate
Quelle des Nutzers 
5/5
Gesamt
5 / 5
Benutzerfreundlichkeit
5 / 5
Eigenschaften & Funktionalitäten
5 / 5
Kundenbetreuung
5 / 5
Preis-Leistungs-Verhältnis
Wahrscheinlichkeit der Weiterempfehlung:
Unwahrscheinlich Äußerst wahrscheinlich

Kommentare: ZenGRC is the easiest to use, and most flexible, GRC tool on the market. It is simple enough that even small organizations will find it useful, but powerful enough to help the largest of companies. Its power comes from the way it links objects to each other. Controls, objectives, threats, risks, systems, vendors, customers, contracts, etc. are all cross linked to each other. And best of all, Reciprocity has a vast library of compliance standards that are cross-linked. Because of this, you can have a single set of master controls that are linked to PCI, SOC2, HIPAA, HITRUST, NIST, ISO, or whatever other frameworks you are using. Simplifies and "audit once" methodology for companies that deal with many different standards. Additionally, the risk management capabilities of ZenGRC make it easy to integrate enterprise risk management into your overall compliance program. There are few pieces of software I can't live without, but ZenGRC is one I'd fight for at any company I joined.

Vorteile: Ease of use
Relationships of objects
Standards library

Reciprocity is an invaluable partner in meeting our data management needs.

Bewertet am 15.11.2017
Julie M.
Compliance Specialist & Project Manager
Hochschulbildung, 1.001-5.000 Mitarbeiter
Verwendete die Software für: Mehr als 2 Jahre
Quelle des Nutzers 
4/5
Gesamt
4 / 5
Benutzerfreundlichkeit
5 / 5
Eigenschaften & Funktionalitäten
5 / 5
Kundenbetreuung
5 / 5
Preis-Leistungs-Verhältnis
Wahrscheinlichkeit der Weiterempfehlung:
Unwahrscheinlich Äußerst wahrscheinlich

Vorteile: The ability to customize the use of the software to meet our unique needs. The technical folks also understand our use case and suggest different ways for us to think about our data and how best to represent it. I like way the system has matured and is tying various elements together (like audit and risk). Customer service is excellent and I really, really like having the same person to deal with all the time. This eliminates having to re-explain your data set to the next help desk guy.

Nachteile: While many of the changes to the system have been helpful, the constant changes can be hard to keep up with and difficult to plan how to expand our use of the system.

Lies weitere Bewertungen